Showing results for 
Search instead for 
Did you mean: 

Check IP/packets in "Default" class


I'm wanting to clean up the default class-map. At the moment the key apps are not grouped into a manual class-map & fall under the "default" class.

It is concerning that during congestion key apps have to scrap for bandwidth. I'm looking to distinguish key applications & move them into existing class-maps.

My proposal is to match on destination IP addresses.

The proposed router config looks like this:-

ip access-list extended CAT1_APPS_ACL

remark *** Category 1 Applications -  Destination IP's ***

permit ip any host

permit ip host any


class-map match-any EXISTING_CLASS-MAP

match access-group CAT1_APPS_ACL




  set dscp cs3


int ***

service-policy output EXISTING_OUT_POLICY

Other than creating a span session is there a way to view relevant IP details within the default class? I need to verify/create a baseline of what is currently visible in the default class,

then post implementation check again to ensure they've been migrated to the EXISTING_CLASS-MAP.

To add, we dont have netflow either.

Any thoughts are appreciated.


Edison Ortiz
Hall of Fame Mentor Hall of Fame Mentor
Hall of Fame Mentor

There isn't a way to detail what falls under the default class-map.

Your idea should work.



Thanks for your reply Edison.

I have tried this today & can see matches under the CAT1_APPS_ACL & I also see pkts incrementing under my class-map too. (sh policy-map int *** output class EXISTING_CLASS_MAP)

This is evidence enough that these key apps no longer fall in the default class

Great, thanks for the post back.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: