12-06-2018 01:02 PM - edited 03-03-2019 08:57 AM
I am trying to shape AF1 traffic
I am seeing hits on my other queues but not AF1
I know there is traffic matching my ACL
Q has anyone got a similar configuration ?
class-map match-any ce_af1_customer
description Match AF1 Class map
match ip dscp cs1 af11 af12 af13
match access-group name preactor-gmps-critical
kf-r-park-royal-01#s hinv
bkf-r-park-royal-01#show inv
bkf-r-park-royal-01#show inventory
NAME: "Chassis", DESCR: "Cisco ISR4331 Chassis"
PID: ISR4331/K9 , VID: V04, SN: FDO2223A2N7
class-map match-any ce_af1_output
description Marking AF1 Class map
match class-map ce_af1_customer
policy-map cpe_out_child
description MGMT:8K EF:0K AF1:0K AF2:0K AF3:0K AF4:0K
class ce_mgmt_bun_output
police 8000 8000 8000 conform-action set-prec-transmit 6 exceed-action set-prec-transmit 6
bandwidth 3
random-detect
random-detect precedence 0 22 35 10
random-detect precedence 6 22 35 10
class ce_af4_output
police 3000000 conform-action set-dscp-transmit af41 exceed-action set-dscp-transmit af42
class ce_af3_output
police 400000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit af32
class ce_ef_output
police 4000000 conform-action set-dscp-transmit ef exceed-action drop
priority
class ce_af2_output
shape average 8000000
class ce_af1_output
shape average 8000000
class class-default
random-detect
12-07-2018 12:23 AM
Hello
i don’t see why your class map ce_af1_customer is nested into the parent class map ce_af1_output as it not nested with anything else you could try matching on ce_af1_customer instead
12-07-2018 03:33 AM
12-11-2018 07:27 AM
12-12-2018 06:02 AM
12-12-2018 06:41 AM
12-14-2018 06:04 AM
Hmm, so I now look at your first policy class, which is:
policy-map cpe_out_child
description MGMT:8K EF:0K AF1:0K AF2:0K AF3:0K AF4:0K
class ce_mgmt_bun_output
Then I look at the class-map:
class-map match-any ce_mgmt_bun_output
match access-group name QOS_MANAGEMENT
Then I look to see what's in "QOS_MANAGEMENT" - missing from your latest post? Other ACLs also missing?
12-17-2018 01:41 AM
thanks for your reply
bkf-r-park-royal-01#sh access-lists QOS_MANAGEMENT
Extended IP access list QOS_MANAGEMENT
10 permit ip any 194.72.105.0 0.0.0.31
bkf-r-park-royal-01#
note --- we have checked netflow and packet captures toe ensure there are active IP packets matching the ACL
we still do not see hits
when I change the match to protocol http -- I see hits
Q do you think this behaviour could relate to a software defect on the router ?
12-17-2018 07:27 AM
12-18-2018 12:35 PM
thanks all for your help
I had to change the ACL to extended -- saw no hits on the standard
12-12-2018 12:09 AM
thanks for your quick reply
I had tried removing the nested class map
it made no difference
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide