Re: Cisco 3650 Switch

IrfanKhan4904 · ‎11-18-2020

How we can delete ACL and Auto QoS from Cisco Switch 3650?
Extended IP access list AutoQos-4.0-Acl-Bulk-Data
10 permit tcp any any eq 22
20 permit tcp any any eq 465
30 permit tcp any any eq 143
40 permit tcp any any eq 993
50 permit tcp any any eq 995
60 permit tcp any any eq 1914
70 permit tcp any any eq ftp
80 permit tcp any any eq ftp-data
90 permit tcp any any eq smtp
100 permit tcp any any eq pop3
Extended IP access list AutoQos-4.0-Acl-Default
10 permit ip any any
Extended IP access list AutoQos-4.0-Acl-MultiEnhanced-Conf
10 permit udp any any range 16384 32767
20 permit tcp any any range 50000 59999
Extended IP access list AutoQos-4.0-Acl-Scavanger
10 permit tcp any any range 2300 2400
20 permit udp any any range 2300 2400
30 permit tcp any any range 6881 6999
40 permit tcp any any range 28800 29100
50 permit tcp any any eq 1214
60 permit udp any any eq 1214
70 permit tcp any any eq 3689
80 permit udp any any eq 3689
90 permit tcp any any eq 11999
Extended IP access list AutoQos-4.0-Acl-Signaling
10 permit tcp any any range 2000 2002
20 permit tcp any any range 5060 5061
30 permit udp any any range 5060 5061
Extended IP access list AutoQos-4.0-Acl-Transactional-Data
10 permit tcp any any eq 443
20 permit tcp any any eq 1521
30 permit udp any any eq 1521
40 permit tcp any any eq 1526
50 permit udp any any eq 1526
60 permit tcp any any eq 1575
70 permit udp any any eq 1575
80 permit tcp any any eq 1630
90 permit udp any any eq 1630
100 permit tcp any any eq 1527
110 permit tcp any any eq 6200
120 permit tcp any any eq 3389
130 permit tcp any any eq 5985
140 permit tcp any any eq 8080
Extended IP access list AutoQos-4.0-wlan-Acl-Bulk-Data
10 permit tcp any any eq 22
20 permit tcp any any eq 465
30 permit tcp any any eq 143
40 permit tcp any any eq 993
50 permit tcp any any eq 995
60 permit tcp any any eq 1914
70 permit tcp any any eq ftp
80 permit tcp any any eq ftp-data
90 permit tcp any any eq smtp
100 permit tcp any any eq pop3
Extended IP access list AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
10 permit udp any any range 16384 32767
20 permit tcp any any range 50000 59999
Extended IP access list AutoQos-4.0-wlan-Acl-Scavanger
10 permit tcp any any range 2300 2400
20 permit udp any any range 2300 2400
30 permit tcp any any range 6881 6999
40 permit tcp any any range 28800 29100
50 permit tcp any any eq 1214
60 permit udp any any eq 1214
70 permit tcp any any eq 3689
80 permit udp any any eq 3689
90 permit tcp any any eq 11999
Extended IP access list AutoQos-4.0-wlan-Acl-Signaling
10 permit tcp any any range 2000 2002
20 permit tcp any any range 5060 5061
30 permit udp any any range 5060 5061
Extended IP access list AutoQos-4.0-wlan-Acl-Transactional-Data
10 permit tcp any any eq 443
20 permit tcp any any eq 1521
30 permit udp any any eq 1521
40 permit tcp any any eq 1526
50 permit udp any any eq 1526
60 permit tcp any any eq 1575
70 permit udp any any eq 1575
80 permit tcp any any eq 1630
90 permit udp any any eq 1630
100 permit tcp any any eq 1527
110 permit tcp any any eq 6200
120 permit tcp any any eq 3389
130 permit tcp any any eq 5985
140 permit tcp any any eq 8080
Extended IP access list CISCO-CWA-URL-REDIRECT-ACL
100 deny udp any any eq domain
101 deny tcp any any eq domain
102 deny udp any eq bootps any
103 deny udp any any eq bootpc
104 deny udp any eq bootpc any
105 permit tcp any any eq www
Extended IP access list IP-Adm-V4-Int-ACL-global
10 permit tcp any any eq www
20 permit tcp any any eq 443
Extended IP access list implicit_deny (per-user)
10 deny ip any any
Extended IP access list preauth_v4 (per-user)
10 permit udp any any eq domain
20 permit tcp any any eq domain
30 permit udp any eq bootps any
40 permit udp any any eq bootpc
50 permit udp any eq bootpc any
60 deny ip any any
IPv6 access list implicit_deny_v6
deny ipv6 any any sequence 10
IPv6 access list preauth_v6
permit udp any any eq domain sequence 10
permit tcp any any eq domain sequence 20
permit icmp any any nd-ns sequence 30
permit icmp any any nd-na sequence 40
permit icmp any any router-solicitation sequence 50
permit icmp any any router-advertisement sequence 60
permit icmp any any redirect sequence 70
permit udp any eq 547 any eq 546 sequence 80
permit udp any eq 546 any eq 547 sequence 90
deny ipv6 any any sequence 100
------------------------------------------------------------

Policy Map AutoQos-4.0-Output-Policy
Class AutoQos-4.0-Output-Priority-Queue
priority level 1 30 (%)
Class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining 10 (%)
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
Class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining 10 (%)
queue-buffers ratio 10
Class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining 10 (%)
queue-buffers ratio 10
Class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining 4 (%)
queue-buffers ratio 10
Class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining 1 (%)
queue-buffers ratio 10
Class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining 10 (%)
queue-buffers ratio 10
Class class-default
bandwidth remaining 25 (%)
queue-buffers ratio 25

marce1000 · ‎11-18-2020

- How does it look from the running-config ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

IrfanKhan4904 · ‎11-19-2020

CORE-SW-1#show running-config
Building configuration...

Current configuration : 14666 bytes
!
! Last configuration change at 15:02:21 UTC Mon Nov 9 2020 by namal
!
version 16.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no platform punt-keepalive disable-kernel-core
!
hostname CORE-SW-1
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
no aaa new-model
switch 1 provision ws-c3650-24ps
!
!
!
!
ip routing
!
!
!
!
ip nbar http-services
!
!
!
!
!
!
!
!
!
!
table-map policed-dscp
map from 0 to 8
map from 10 to 8
map from 18 to 8
map from 24 to 8
map from 46 to 8
default copy
!
!
crypto pki trustpoint TP-self-signed-1926280246
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1926280246
revocation-check none
rsakeypair TP-self-signed-1926280246
!
!
crypto pki certificate chain TP-self-signed-1926280246
!
license boot level ipbasek9
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
username namal privilege 15 password 7 04752B0B4C2D6F1E051546101753545D737B
username saad privilege 15 password 7 107D293901361E025B5C7C
!
redundancy
mode sso
!
!
!
class-map match-any AutoQos-4.0-Output-Multimedia-Conf-Queue
match dscp af41 af42 af43
match cos 4
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, SGT Cache Full, LOGGING
class-map match-any AutoQos-4.0-Bulk-Data-Class
match access-group name AutoQos-4.0-Acl-Bulk-Data
class-map match-any AutoQos-4.0-Output-Bulk-Data-Queue
match dscp af11 af12 af13
match cos 1
class-map match-any system-cpp-default
description DHCP snooping, show forward and rest of traffic
class-map match-any AutoQos-4.0-Multimedia-Conf-Class
match access-group name AutoQos-4.0-Acl-MultiEnhanced-Conf
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
class-map match-any AutoQos-4.0-Output-Priority-Queue
match dscp cs4 cs5 ef
match cos 5
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any AutoQos-4.0-Output-Multimedia-Strm-Queue
match dscp af31 af32 af33
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-control-low-priority
description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any AutoQos-4.0-Default-Class
match access-group name AutoQos-4.0-Acl-Default
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any AutoQos-4.0-Output-Trans-Data-Queue
match dscp af21 af22 af23
match cos 2
class-map match-any AutoQos-4.0-Transaction-Class
match access-group name AutoQos-4.0-Acl-Transactional-Data
class-map match-any AutoQos-4.0-Scavanger-Class
match access-group name AutoQos-4.0-Acl-Scavanger
class-map match-any AutoQos-4.0-Signaling-Class
match access-group name AutoQos-4.0-Acl-Signaling
class-map match-any AutoQos-4.0-Output-Scavenger-Queue
match dscp cs1
class-map match-any AutoQos-4.0-Output-Control-Mgmt-Queue
match dscp cs2 cs3 cs6 cs7
match cos 3
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Output-Priority-Queue
priority level 1 percent 30
class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining percent 10
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining percent 4
queue-buffers ratio 10
class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining percent 1
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class class-default
bandwidth remaining percent 25
queue-buffers ratio 25
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
class system-cpp-police-sys-data
police rate 100 pps
class system-cpp-police-sw-forward
police rate 1000 pps
class system-cpp-police-multicast
police rate 500 pps
class system-cpp-police-multicast-end-station
police rate 2000 pps
class system-cpp-police-punt-webauth
class system-cpp-police-l2-control
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority1
class system-cpp-police-wireless-priority2
class system-cpp-police-wireless-priority3-4-5
class system-cpp-police-topology-control
class system-cpp-police-dot1x-auth
class system-cpp-police-protocol-snooping
class system-cpp-police-forus
class system-cpp-default
policy-map AutoQos-4.0-Classify-Police-Input-Policy
class AutoQos-4.0-Multimedia-Conf-Class
set dscp af41
police cir 5000000
conform-action transmit
exceed-action drop
class AutoQos-4.0-Bulk-Data-Class
set dscp af11
police cir 10000000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class AutoQos-4.0-Transaction-Class
set dscp af21
police cir 10000000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class AutoQos-4.0-Scavanger-Class
set dscp cs1
police cir 10000000
conform-action transmit
exceed-action drop
class AutoQos-4.0-Signaling-Class
set dscp cs3
police cir 32000 bc 8000
conform-action transmit
exceed-action drop
class AutoQos-4.0-Default-Class
set dscp default
police cir 10000000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
!
!
!
!
!
!
!
!
!
!

balaji.bandi · ‎11-19-2020

Those are related AutoQOS - if you do not want to autoqos - follow below guide to disable.

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3e/qos/configuration_guide/b_qos_3e_3650_cg/b_qos_3se_3650_cg_chapter_0100.html#concept_7C0201FCE01F45768968852B538E2487

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help