Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
318
Views
0
Helpful
2
Replies

ACL to log DSCP value comming from my UCS servers.

filipequintela
Level 1
Level 1

‎05-04-2013 12:59 PM - edited ‎03-16-2019 05:09 PM

Hey Guys,

Need some advice.

I have some UCS server running CUCM virtual machines and i was looking for some way to see if DSCP is really being marked by them.

The UCSs are directly connected to 3750 stack which i have configured with a access-list:

Extended IP access list 101

    10 permit ip host 172.23.124.130 any dscp af31 log

    20 permit ip any any

                  

and applied it to the port where i have CUCM connected.

sh cdp neighbor:

BRVIX5VALECUCMPUB001.VALENET

                 Gig 1/0/10        150               H    VMware    eth0

so that i have it configured like this:

interface GigabitEthernet1/0/10

description UCS1 - PCI1

switchport access vlan 970

switchport mode access

ip access-group 101 in

mls qos trust dscp

channel-group 11 mode on

end

the thing is... i can't see any matches on this access list (even on the event log or thought sh ip access list - i was hoping to see matches...)

The server is correctly configured to mark ICSS traffic with AF31 on service parameters.

Any advices? I would be glad...

Thanks in advance.

Labels:
0 Helpful
2 Replies 2

brmeade
Level 4
Level 4

‎05-04-2013 11:37 PM

What happens if you apply the access-list to the actual port-channel (int po11)?

0 Helpful

filipequintela
Level 1
Level 1
In response to brmeade

‎05-05-2013 06:28 AM

the port-channel it self doesn't accept the command.

0 Helpful
Customers Also Viewed These Support Documents