sdwan data-prefix-list

yoav-shneor
Level 1

Hello team.

Is there a way to see the data-prefix-list configured on vManage as CLI?

Is there a way to see counters for a "match" like you do on a regular router by show ip access list?


Hi,

Centralized policy elements are pushed from vManage to vSmart. Then they are pushed from vSmart to vEdge.

But localized policy elements are pushed directly from vManage to vEdges.

On vEdge you can check for these lists (add sdwan keyword after show keyword for cEdge):

show policy from-vsmart lists

show running-config policy lists

On vManage, there is no CLI option.

On routers, you can use "show policy access-list-counters" to see counters (add the sdwan keyword for cEdge).

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Thank you very much for these commands, they help.
I'll try to pinpoint the problem I'm having. I have traffic in a packet capture that is marked with DSCP EF46, but I am not the one who marks it in my centralized policy.
The customer claims that he does not mark it either.
I want to search for these addresses within all the Data Prefixes that are in the centralized policy->define list view.

Maybe I'm missing it within some range.

TNX 

 

Hi,

EF46 is the well-known DSCP for most voice traffic. It can be directly marked on VoIP systems.

Regarding how to check in the centralized policy, use "show running-config policy" in vSmart.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.
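A way to run the search asked about above offline, as an added example that is not part of the original replies: save the "show running-config policy" output from vSmart and check which data-prefix-list entries cover an address seen in the capture. The sample config, list names and addresses are constructed, and the `data-prefix-list` / `ip-prefix` layout is an assumption about how that output is formatted.

```python
import ipaddress
import re

# Constructed sample of "show running-config policy" output (not from the thread).
# Assumed layout: "data-prefix-list <name>" followed by indented "ip-prefix" lines.
SAMPLE_CONFIG = """\
policy
 lists
  data-prefix-list VOICE_SUBNETS
   ip-prefix 10.10.20.0/24
   ip-prefix 10.10.21.0/24
  !
  data-prefix-list BRANCH_USERS
   ip-prefix 10.10.0.0/16
   ip-prefix 192.168.50.0/24
  !
  site-list BRANCHES
   site-id 100-199
  !
 !
!
"""

def parse_data_prefix_lists(config_text):
    """Return {list name: [ip_network, ...]} for every data-prefix-list."""
    lists, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        header = re.match(r"data-prefix-list\s+(\S+)$", line)
        if header:
            current = lists.setdefault(header.group(1), [])
        elif line.startswith("ip-prefix ") and current is not None:
            current.append(ipaddress.ip_network(line.split()[1], strict=False))
        else:
            current = None  # "!" or any other stanza closes the current list
    return lists

def find_matches(config_text, address):
    """Return (list name, prefix) pairs covering address, most specific first."""
    ip = ipaddress.ip_address(address)
    hits = [(name, net)
            for name, nets in parse_data_prefix_lists(config_text).items()
            for net in nets
            if net.version == ip.version and ip in net]
    hits.sort(key=lambda hit: hit[1].prefixlen, reverse=True)
    return [(name, str(net)) for name, net in hits]

if __name__ == "__main__":
    for name, prefix in find_matches(SAMPLE_CONFIG, "10.10.20.15"):
        print(f"10.10.20.15 is covered by {name} via {prefix}")
```

An address that falls inside a broad range shows up under every list that covers it, which is the "missing it within some range" case.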

Hi,

I have VoIP & Video on that solution and I am marking that traffic to 46, but it's another VLAN and other prefixes.
Again, my problem is marked data packets that nobody knows who is marking them to 46.

I think I'll have to do some sniffing beyond the SD-WAN domain, maybe on the customer's switches.

 

Thanks Kanan

Hi,

How did you notice this value? If you captured it somehow, you should have the IP address also, and you can begin from there.

By the way, in SD-WAN there may be explicit (admin-configured) DSCP via access-list too. Check for access-lists on routers (ACLs applied to an interface are pushed directly from vManage to the router via localized policy).

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.