Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
274
Views
5
Helpful
1
Replies

Cat 3560 ACL counters empty

veruscorp
Level 1
Level 1

‎12-28-2005 09:01 AM - edited ‎03-03-2019 01:16 AM

I frequently configure QoS on cat switches. On the 3560 (Standard ipbase image)I configure ACL's to define interesting traffic, then apply these to class/policy maps for marking CoS and DSCP.

From a router connected to the Cat 3560 switch, I see the marks as soon as "mls qos" is enabled on the switch. However, the switch itself shows zero statistics with the following commands: "show ip access-list" and "show policy-map". If I disable "mls qos" on the switch, then the connected router sees no more marks, so I know the switch is doing something. This occurs regardless of whether I have "ip routing" enabled or disabled on the 3560. The image is 12.2(25)SED. This happens on all 3560's that I have configured. Is this a bug, an IOS oversight, or do I need the Enterprise image? I cannot find any related issues or docs related to this in CCO. Thank you.

Labels:
0 Helpful
1 Reply 1

Prashanth Krishnappa
Cisco Employee
Cisco Employee

‎12-28-2005 09:14 AM

"show ip access-lists" does not account for packets that are access controlled in hardware. Use the "show access-lists hardware counters" instead.

Also, "sh policy-map" command is not supported in 3560/3750 switches. Use "sh mls qos int x/y statistics" instead.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents