12-06-2018 01:02 PM - edited 03-03-2019 08:57 AM
I am trying to shape AF1 traffic
I am seeing hits on my other queues but not AF1
I know there is traffic matching my ACL
Q has anyone got a similar configuration ?
class-map match-any ce_af1_customer
description Match AF1 Class map
match ip dscp cs1 af11 af12 af13
match access-group name preactor-gmps-critical
kf-r-park-royal-01#s hinv
bkf-r-park-royal-01#show inv
bkf-r-park-royal-01#show inventory
NAME: "Chassis", DESCR: "Cisco ISR4331 Chassis"
PID: ISR4331/K9 , VID: V04, SN: FDO2223A2N7
class-map match-any ce_af1_output
description Marking AF1 Class map
match class-map ce_af1_customer
policy-map cpe_out_child
description MGMT:8K EF:0K AF1:0K AF2:0K AF3:0K AF4:0K
class ce_mgmt_bun_output
police 8000 8000 8000 conform-action set-prec-transmit 6 exceed-action set-prec-transmit 6
bandwidth 3
random-detect
random-detect precedence 0 22 35 10
random-detect precedence 6 22 35 10
class ce_af4_output
police 3000000 conform-action set-dscp-transmit af41 exceed-action set-dscp-transmit af42
class ce_af3_output
police 400000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit af32
class ce_ef_output
police 4000000 conform-action set-dscp-transmit ef exceed-action drop
priority
class ce_af2_output
shape average 8000000
class ce_af1_output
shape average 8000000
class class-default
random-detect
12-07-2018 12:23 AM
Hello
i don’t see why your class map ce_af1_customer is nested into the parent class map ce_af1_output as it not nested with anything else you could try matching on ce_af1_customer instead
12-07-2018 03:33 AM
12-11-2018 07:27 AM
12-12-2018 06:02 AM
12-12-2018 06:41 AM
12-14-2018 06:04 AM
Hmm, so I now look at your first policy class, which is:
policy-map cpe_out_child
description MGMT:8K EF:0K AF1:0K AF2:0K AF3:0K AF4:0K
class ce_mgmt_bun_output
Then I look at the class-map:
class-map match-any ce_mgmt_bun_output
match access-group name QOS_MANAGEMENT
Then I look to see what's in "QOS_MANAGEMENT" - missing from your latest post? Other ACLs also missing?
12-17-2018 01:41 AM
thanks for your reply
bkf-r-park-royal-01#sh access-lists QOS_MANAGEMENT
Extended IP access list QOS_MANAGEMENT
10 permit ip any 194.72.105.0 0.0.0.31
bkf-r-park-royal-01#
note --- we have checked netflow and packet captures toe ensure there are active IP packets matching the ACL
we still do not see hits
when I change the match to protocol http -- I see hits
Q do you think this behaviour could relate to a software defect on the router ?
12-17-2018 07:27 AM
12-18-2018 12:35 PM
thanks all for your help
I had to change the ACL to extended -- saw no hits on the standard
12-12-2018 12:09 AM
thanks for your quick reply
I had tried removing the nested class map
it made no difference
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: