08-21-2013 11:49 PM - edited 03-04-2019 08:50 PM
Hi,
I have some problems with a per port per vlan rate-limiting on a
cisco 7600
eth#show module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 24 CEF720 24 port 1000mb SFP WS-X6724-SFP SAL1072CG0F
5 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAL1017M4XQ
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
1 0019.7606.f714 to 0019.7606.f72b 2.5 12.2(14r)S5 12.2(33)SRD3 Ok
5 0015.b62f.d2e4 to 0015.b62f.d2e7 5.2 8.5(2) 12.2(33)SRD3 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
1 Centralized Forwarding Card WS-F6700-CFC SAL1106DHP0 2.1 Ok
5 Policy Feature Card 3 WS-F6K-PFC3B SAL1019M3J6 2.3 Ok
5 MSFC3 Daughterboard WS-SUP720 SAL1017MAEW 2.5 Ok
Mod Online Diag Status
---- -------------------
1 Pass
5 Pass
This is an example of MQC classification
class-map match-any 427MIETH01
match vlan 1000-1001
!
policy-map P427
class 427MIETH01
bandwidth 10000
interface g1/1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk service-policy input P427
when I attach the policy-map P427 on a trunk interface I receive this error:
"Match vlan is not supported for this interface" ?
Thanks
Roberto
08-26-2013 05:36 AM
Hi all,
I still do not understand why CISCO 7600 can be configured as “per vlan layer2 QoS classification”, but still it does not work .
I have been through the technical features and below is what I found:
"It is important to note that on the Catalyst 6500, QoS parameters available in Router IOS are no necessarily available.Even with the presence of some of these commands are there in the CLI, does not necessarily mean they are supported on all interface"
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11_538840.html
and:
"As of Cisco IOS Release 12.2(31)SB2, the QoS: Match VLAN feature is supported on Cisco 10000 series routers only.
This feature was introduced on Cisco ASR 1000 Series Routers. "
http://www.cisco.com/en/US/docs/ios-xml/ios/qos_classn/configuration/15-s/qos-classn-vlan.html
Am I missing something or is this the answer:
Cisco 7600 do not support " per vlan layer 2 QoS classification", not even using ES+ card or different ones.
Thanks for your reply.
Roberto Re
08-27-2013 01:00 PM
Hello Roberto Re,
You are trying to configure shaping on a LAN module in your case WS-X6724-SFP, which does not support it. LAN modules like 67XX supports only policing as a rate limiting tool in ingress direction and in your case all configuration will be applied to PFC engine on supervisor, since the linecard in slot 1 doesn't have a DFC.
You can try to use VLAN-Based QoS, this type of configuration allows to limit traffic rate on per VLAN basis, but the configuration applies on all physical ports with allowed VLAN. In a short, you apply policy-map to an SVI interface and enable "mls qos vlan-based" on physical L2 interface which carries a VLAN traffic.
VLAN-Based QoS is described in the following document:
Ingress policing on per VLAN basis or per service instance on a switchport is supported on ES+ card.
08-28-2013 01:32 AM
Thanks for your reply Dmytro,
I already tried a VLAN-Based QoS configuration, but applying the policy-map P427 on a test SVI (L3) interface (with & without IP address) the problem remains the same: a L2 classification problem in the class-map match-any 427MIETH01 (_*match vlan*_).
When I attach the policy-map P427 also on a test SVI I have this error again": "Match vlan is not supported for this interface".
Now my question is:
using an ES+ card would it be possible to configure the L2 _*match vlan*_ classification on a 7600?
or:
"As of Cisco IOS Release 12.2(31)SB2, the QoS: Match VLAN feature is supported on Cisco 10000 series routers only.
This feature was introduced on Cisco ASR 1000 Series Routers. "
http://www.cisco.com/en/US/docs/ios-xml/ios/qos_classn/configuration/15-s/qos-classn-vlan.html
Thanks and kind regards,
Roberto
08-28-2013 01:49 AM
Hello Roberto,
There is no need to match vlan in case your attaching policy-map to SVI interface in vlan-based qos case, it's sufficient to use police under class-default.
Example for VLAN ID 100
interface GigabitEthernet1/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100
switchport mode trunk
mtu 9216
speed nonegotiate
mls qos vlan-based
!
interface Vlan100
service-policy input VLAN100-POLICE
!
policy-map VLAN10-POLICE
class class-default
police 128000 conform-action transmit exceed-action drop
!
--
Best regards,
Dmitry Skotnikov
08-28-2013 05:14 AM
Hello Dmitry,
Ok,but in this way the traffic, coming from a trunk, must flow through a L3 interface (SVI).
I thought it was possible a L2 VLAN traffic classification on a L2 interface, for the reason that other type of classification are possible on an L2 interface .
Thanks and kind regards,
Roberto
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide