Hi,

For testing purpose, I configured a QoS policy with MAC ACL to match the traffic, but for some reason the traffic couldn't get matched correctly. For example, I initiated an FTP session, but no packet got matched so that the QoS policy was not able to police the traffic. Wanted to confirm whether I have made any mistakes in my configurations.

Configuration:

---------------------

mac access-list ubuntu

  10 permit any 0050.5600.0000 0000.0000.ffff

  20 permit 0050.5600.0000 0000.0000.ffff any

class-map type qos match-any linux

   match access-group name ubuntu

policy-map type qos policy1

  class  linux

    police cir 250 kbps bc 100 ms conform transmit violate drop

interface Vethernet1

  inherit port-profile n1kVLAN103

  service-policy type qos input policy1

  service-policy type qos output policy1

  description Ubuntu Linux2, Network Adapter 1

  vmware dvport 160 dvswitch uuid "3e 3e 37 50 49 e4 4e e6-4d 33 d6 6c 35 31 51 a2"

  vmware vm mac 0050.5600.0006

---------------------

My VM's mac is "0050.5600.0006". I used "show policy-map interface vethernet 1" command to verify how many packets got matched/violated/dropped.

Nexus 1000v version: 4.2(1)SV1(4a)

ESXi version: 5.0.0 build 474610

Thanks!