cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1172
Views
0
Helpful
9
Replies

Cisco 871 vlan QOS

iroccorp.com
Level 1
Level 1

Hi,

I am wondering if there is a bug in the latest cisco firmware for the 871 routers

c870-advipservicesk9-mz.124-11.T2 .

We noticed a major problem since upgrading from c870-advipservicesk9-mz.124-4.T3, in that it wont allow us to set a qos service policy on our vlan, which was working before.

The error we get when configuring is:

ROUTER(config-if)#service-policy output qos

Configuration failed!

We still have a router with the old firmware on it and it is fine and works.

Example (Router with old firmware):

interface Vlan2

description L2$FW_INSIDE$

bandwidth 10000

ip address 192.168.222.18 255.255.255.248

ip nbar protocol-discovery

ip nat inside

ip virtual-reassembly

ip ospf message-digest-key 1 md5 xxxx

ip ospf network non-broadcast

ip ospf cost 10

service-policy output qos

where as the new router will throw the error on the last statement.

Anyone have any suggestions?

S.

9 Replies 9

paolo bevilacqua
Hall of Fame
Hall of Fame

Hello,

and what is the service policy that you was trying to apply?

It is quite possible that during testing has been found that QoS doesn't work on 87x VLAn interfaces so the command has been removed to prevent confusion. Note this is just an hypothesis on my side.

Let me clarify better what I mean with the above. Depending on what your service-policy 'qos 'does, it may or may not be applicable to a VLAN interface. And, the command has not been removed, but an error is generated when applied. That is similar to the QoS limitations for the etherswitch module, explained at:

http://cisco.com/en/US/products/hw/modules/ps2797/products_configuration_example09186a00808066b8.shtml

Hope this helps, please rate post if it does!

It's weird, because as per old version the QOS was actually working. We have a few port defines, etc..

The problem with the old version was a bug in APPFW, that was the reason we upgraded.

So if cisco did any testing to decide to remove this, i am not sure why or what they tested, because our previous version worked just fine.

It seems as if Cisco has removed ALL QOS setting capabilities from 871's .. even when having the Advanced firmware.

WHY????

What are all the QoS capabilities been removed?

How your service-policy looks like?

If it falls in the types mentioned in the document linked above, it is an unsupported feature hence the "config fail" message.

The capabilities that where removed are any of the nbar settings. Basically one can't define custom nbar's anymore. The command is still there but it generates an error when trying to add a protocol to the list. Also 12.4-11.T2 has a bug in that it had removed all predefines like protocol h323 sip skinny, etc.. This part at least seems to have been rectified in 124-11.XW, except one can't define any nbar's. The other thing one was able to do is to set a service-policy on a Vlan (not just a tag). Here is a example of a config what it was in 12.4-4.T3 which worked perfectly for handling the QOS settings, but not anymore on any later versions.

ip nbar custom iax2 udp 4569 <--- not working any more

ip nbar custom RDP5 tcp 3389

class-map match-any Voice-Video_signaling

match protocol h323

match protocol sip

match protocol rtcp

match protocol mgcp

match protocol skinny

match protocol dns

class-map match-any Transactional_Data

match protocol exchange

match protocol sqlserver

class-map match-any sdm_p2p_kazaa

match protocol fasttrack

match protocol kazaa2

class-map match-any sdm_p2p_edonkey

match protocol edonkey

class-map match-any Video_Payload

match protocol rtp video

class-map match-any sdm_p2p_gnutella

match protocol gnutella

class-map match-any Voice_Payload

match protocol iax2

match access-group name acl-voice-traffic

class-map match-any Best_Effort

match protocol icmp

match protocol http

match protocol secure-http

match protocol pop3

match protocol secure-pop3

match protocol smtp

match protocol ftp

class-map match-any sdm_p2p_bittorrent

match protocol bittorrent

class-map match-any Mission_Critical_Data

match protocol citrix

match protocol RDP5

match protocol kerberos

match protocol ldap

match protocol ntp

match protocol secure-ldap

match protocol ssh

match protocol syslog

match protocol icmp

class-map match-any Bulk_Data

match protocol netbios

match protocol printer

interface Vlan2

description L2$FW_INSIDE$

ip address 192.168.250.10 255.255.255.248

ip nbar protocol-discovery

ip nat inside

ip virtual-reassembly

ip ospf network non-broadcast

ip ospf cost 10

service-policy output qos <-- not working any more but causing error.

Forgot to add the actual service policy map.

policy-map qos

class Voice_Payload

set dscp ef

bandwidth 1500

class Video_Payload

set dscp af41

class Voice-Video_signaling

set dscp cs3

bandwidth 64

class Mission_Critical_Data

set dscp af31

class Transactional_Data

set dscp af21

class Bulk_Data

set dscp af11

class Best_Effort

set dscp default

I do not see your config falling into the mentioned limitations so I suggest you open a case with the TAC for further investigation by cisco.

dan.agache
Level 1
Level 1

Hello,

can you tell me how you solved this problem?

Thank you,

Dan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco