Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
559
Views
0
Helpful
2
Replies

Catalyst 2950T TCP Port Priority

mb
Level 1
Level 1

‎05-09-2004 08:49 PM - edited ‎03-02-2019 03:34 PM

I have recently purchased a Catalyst 2950T 24 port switch in order to leaviate congestion issues on a remote site connected via a DSL connection. This remote site is also running a exchange server.

I need to prioritize TCP Port 3389 above POP3 & SMTP.

I have done this previously on a 3600 Router using priority listing:

priority-list 1 protocol ip high list 100

priority-list 1 protocol ip medium tcp 3389

priority-list 1 protocol ip normal tcp www

priority-list 1 protocol ip normal tcp ftp-data

priority-list 1 protocol ip normal tcp ftp

priority-list 1 protocol ip low tcp pop3

priority-list 1 protocol ip low tcp smtp

priority-list 1 protocol ip low

and priority grouping under the desired port (priority-group 1), though unfortunatly the "priority-group" command is not recognisd under the 2950T (Running IOS 12.1(14)EA1a)

Find detailed below current config of the 2950T. The current config doesnt appear to be performing.

If anyone can shed some light it would be greatly appreciated.

Current configuration : 2951 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Cat-2950

!

enable secret xxxxx

!

wrr-queue bandwidth 10 20 40 80

wrr-queue cos-map 1 0 1

wrr-queue cos-map 2 2 3

wrr-queue cos-map 3 4

wrr-queue cos-map 4 5 6 7

!

class-map match-all class_smtp

match access-group name list_smtp

class-map match-all class_www

match access-group name list_www

class-map match-all class_pop3

match access-group name list_pop3

class-map match-all class_tcp-3389

match access-group name list_tcp-3389

!

!

policy-map policy1

class class_tcp-3389

set ip dscp 26

police 100000000 32768 exceed-action drop

class class_www

set ip dscp 18

police 100000000 32768 exceed-action drop

class class_pop3

set ip dscp 10

police 100000000 32768 exceed-action drop

class class_smtp

set ip dscp 10

police 100000000 32768 exceed-action drop

policy-map policy2

class class_tcp-3389

set ip dscp 26

police 100000000 32768 exceed-action drop

class class_www

set ip dscp 18

police 100000000 32768 exceed-action drop

class class_pop3

set ip dscp 10

police 100000000 32768 exceed-action drop

class class_smtp

set ip dscp 10

police 100000000 32768 exceed-action drop

!

mls qos map dscp-cos 0 to 0

mls qos map dscp-cos 16 to 1

mls qos map dscp-cos 24 to 2

mls qos map dscp-cos 32 to 3

mls qos map dscp-cos 40 to 4

mls qos map cos-dscp 0 10 18 26 34 46 48 56

ip subnet-zero

!

no ip domain-lookup

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/1

service-policy input policy1

!

interface FastEthernet0/2

service-policy input policy2

!

interface FastEthernet0/3 ..to.. 24

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

ip address 192.168.60.2 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.60.1

ip http server

!

ip access-list extended list_pop3

permit tcp any eq pop3 any

ip access-list extended list_smtp

permit tcp any eq smtp any

ip access-list extended list_tcp-3389

permit tcp any eq 3389 any

ip access-list extended list_www

permit tcp any eq www any

!

!

line con 0

exec-timeout 0 0

line vty 0 4

password #####

login

line vty 5 15

password #####

login

!

end

Labels:
0 Helpful
2 Replies 2

rfroom
Cisco Employee
Cisco Employee

‎05-10-2004 02:21 PM

Post a show policy-map policy1 and a show mls qos interface fastethernet 0/1 and 0/2; let's see what those commands show.

0 Helpful

mb
Level 1
Level 1
In response to rfroom

‎05-10-2004 05:09 PM

Cat-2950#show policy-map policy1

Policy Map policy1

class class_tcp-3389

set ip dscp 26

police 100000000 32768 exceed-action drop

class class_www

set ip dscp 18

police 100000000 32768 exceed-action drop

class class_pop3

set ip dscp 10

police 100000000 32768 exceed-action drop

class class_smtp

set ip dscp 10

police 100000000 32768 exceed-action drop

Cat-2950#show mls qos interface fastethernet0/1

FastEthernet0/1

Attached policy-map for Ingress: policy1

trust state: not trusted

trust mode: not trusted

COS override: dis

default COS: 0

pass-through: none

trust device: none

Cat-2950#show mls qos interface fastethernet0/2

FastEthernet0/2

Attached policy-map for Ingress: policy2

trust state: not trusted

trust mode: not trusted

COS override: dis

default COS: 0

pass-through: none

trust device: none

I look forward to your response / advice.

Thanks

0 Helpful
Customers Also Viewed These Support Documents