Check IP/packets in "Default" class

paulwoodsy · ‎12-09-2013

I'm wanting to clean up the default class-map. At the moment the key apps are not grouped into a manual class-map & fall under the "default" class.

It is concerning that during congestion key apps have to scrap for bandwidth. I'm looking to distinguish key applications & move them into existing class-maps.

My proposal is to match on destination IP addresses.

The proposed router config looks like this:-

ip access-list extended CAT1_APPS_ACL

remark *** Category 1 Applications - Destination IP's ***

permit ip any host 1.1.1.1

permit ip host 1.1.1.1 any

!

class-map match-any EXISTING_CLASS-MAP

match access-group CAT1_APPS_ACL

!

policy-map EXISTING_OUT_POLICY

class EXISTING_CLASS-MAP

set dscp cs3

!

int ***

service-policy output EXISTING_OUT_POLICY

Other than creating a span session is there a way to view relevant IP details within the default class? I need to verify/create a baseline of what is currently visible in the default class,

then post implementation check again to ensure they've been migrated to the EXISTING_CLASS-MAP.

To add, we dont have netflow either.

Any thoughts are appreciated.

Edison Ortiz · ‎12-09-2013

There isn't a way to detail what falls under the default class-map.

Your idea should work.

Regards

Edison

paulwoodsy · ‎12-10-2013

Thanks for your reply Edison.

I have tried this today & can see matches under the CAT1_APPS_ACL & I also see pkts incrementing under my class-map too. (sh policy-map int *** output class EXISTING_CLASS_MAP)

This is evidence enough that these key apps no longer fall in the default class

Edison Ortiz · ‎12-10-2013

Great, thanks for the post back.