05-12-2016 07:23 AM - edited 03-08-2019 05:44 AM
Hello,
I'm trying to apply a QoS profile in the company's headquarters like the one I have on my branch routers.
I'm no expert in QoS and therefore encounter difficulties in understanding and applying the functionality, but I have it applied and running in other locations with routers.
The difference is precisely this: with a router it works, with the 3750-X switch it does not work. Could you help me understand my case?
class-map match-all BestEffort
 match ip dscp default
class-map match-all TrafegoVoz
 match ip dscp ef
 match access-group name TrafegoVoz
class-map match-all NetworkControl
 match ip dscp cs2
 match access-group name NetworkControl
class-map match-all TrafegoVideo
 match ip dscp af41
 match access-group name TrafegoVideo
class-map match-all MissaoCritica
 match ip dscp af31
 match access-group name TrafegoMissaoCritica
class-map match-all TrafegoInterativo
 match ip dscp af21
 match access-group name TrafegoInterativo
!
policy-map SaidaWAN
 class TrafegoVoz
  police 16777000 8000 exceed-action policed-dscp-transmit
  set ip dscp ef
 class TrafegoVideo
  set ip dscp af41
  police 50331500 8000 exceed-action policed-dscp-transmit
 class MissaoCritica
  set ip dscp af31
  police 335544000 8000 exceed-action policed-dscp-transmit
 class TrafegoInterativo
  set ip dscp af21
  police 251656000 8000 exceed-action policed-dscp-transmit
 class NetworkControl
  police 16777000 8000 exceed-action policed-dscp-transmit
 class BestEffort
  set ip dscp default
  police 167772000 8000 exceed-action policed-dscp-transmit
ip access-list extended NetworkControl
 permit udp any any eq snmp
 permit udp any eq snmp any
 permit udp any any eq snmptrap
 permit udp any eq snmptrap any
 permit tcp any any eq 22
 permit tcp any any eq 10443
ip access-list extended TrafegoInterativo
 permit tcp any any eq 8080
 permit tcp any eq 8080 any
 permit tcp any any eq 443
 permit tcp any eq 443 any
 permit tcp any any eq www
 permit tcp any eq www any
ip access-list extended TrafegoMissaoCritica
 permit ip 192.168.2.0 0.0.0.255 any
 permit ip any 192.168.2.0 0.0.0.255
 permit ip 172.30.0.0 0.0.0.255 any
 permit ip any 172.30.0.0 0.0.0.255
 permit ip 172.16.0.0 0.0.0.255 any
 permit ip any 172.16.0.0 0.0.0.255
ip access-list extended TrafegoVideo
 permit ip host 172.31.1.10 any
 permit ip any host 172.31.1.10
ip access-list extended TrafegoVoz
 deny udp any any fragments
 deny ip any any fragments
 permit udp any any range 16384 41000
 permit udp any range 16384 41000 any
 permit udp any any eq 5060
 permit tcp any any eq 5061
 permit ip any any dscp ef
MAT02-SW3750-STK(config)#int g2/0/24
MAT02-SW3750-STK(config-if)#service-policy input SaidaWAN
MAT02-SW3750-STK(config-if)#service-policy input SaidaWAN
QoS: class(TrafegoVoz) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoVoz) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoVideo) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoVideo) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(MissaoCritica) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(MissaoCritica) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoInterativo) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoInterativo) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(NetworkControl) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoVoz) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoVideo) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(MissaoCritica) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(TrafegoInterativo) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
QoS: class(NetworkControl) match ip can be used only with match protocol in a match-all class [GigabitEthernet2/0/24]
MAT02-SW3750-STK(config-if)#
MAT02-SW3750-STK#sh policy-map interface gigabitEthernet 2/0/24
GigabitEthernet2/0/24
Service-policy input: SaidaWAN
Class-map: TrafegoVoz (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp ef (46)
Match: access-group name TrafegoVoz
Class-map: TrafegoVideo (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp af41 (34)
Match: access-group name TrafegoVideo
Class-map: MissaoCritica (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp af31 (26)
Match: access-group name TrafegoMissaoCritica
Class-map: TrafegoInterativo (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp af21 (18)
Match: access-group name TrafegoInterativo
Class-map: NetworkControl (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp cs2 (16)
Match: access-group name NetworkControl
Class-map: BestEffort (match-all)
1 packets, 66 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp default (0)
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
MAT02-SW3750-STK#
05-12-2016 08:24 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The 3750-X supports QoS, but its features are limited compared to Cisco routers. Its QoS is also bound to its hardware, so its configuration and features supported can be very different too. Unfortunately, in a sentence (or paragraph) or two, I wouldn't be able to easily instruct you how they differ.
05-13-2016 03:00 PM
hi alan, the switch doesn't have the code to do some more advanced things like priority percent for different queues in the outbound direction out of interface. this means the best you could get is to mark the traffic in switch; and then do the priority/percent/policing somewhere else. since you are using policing, here is a quote about 3750 policing, showing it can only be done on ingress, not on egress:
"On the Cisco Catalyst 3750 Switch, policing can only be configured on the ingress port. Policing can only be configured through MQC. This means there is no interface specific command to police the traffic. You can configure policing in the policy-map and you can apply the policy-map using only the service-policy input <policy-name> command. You cannot apply any policy-map to the output side of an interface."
this is taken from this useful link:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/91862-cat3750-qos-config.html#cg23
this is a good document published by cisco. in such cases where MPLS might be deployed and you are using an L3 switch (no router), you would probably want to do classification/marking on the switch and ensure you mark CoS/DSCP values to a policy that is implemented on the MPLS provider backbone network. the provider would then handle the priority/policing. If you cannot do that, then it might be good to research putting a "real" router in the middle, rather than L3 switch.
05-14-2016 10:52 AM
In Routers, it's done in software. so, you will have more feasibility. in switches, it's done in hardware. so, you will have a lot of restrictions.
now, as the error message clearly explains, if you are using "match ip", you can only combine it with "match protocol" when using "match-all". that's the limitation and can't get over it. you can try "match-any" if it may help.
now, the "show policy-map" command is not supported in this platform. so, you can't really use it for verification as its counters don't hold true.
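A pre-deployment check for the error discussed in this thread, as an added example that is not part of any poster's reply: it parses IOS-style class-maps and flags every match-all class that pairs a "match ip" statement with a criterion other than "match protocol", the combination named in the switch's error message. The rule is inferred from that message text only; the sample config is constructed, and the class name Marcado and both function names are hypothetical.

```python
import re

# Constructed sample: two class-maps from the thread plus a hypothetical match-any class.
SAMPLE_CONFIG = """\
class-map match-all BestEffort
 match ip dscp default
class-map match-all TrafegoVoz
 match ip dscp ef
 match access-group name TrafegoVoz
class-map match-any Marcado
 match ip dscp af41
 match access-group name TrafegoVideo
"""

CLASS_RE = re.compile(r"^class-map\s+(?:(match-all|match-any)\s+)?(\S+)\s*$")

def parse_class_maps(config_text):
    """Return {class name: (mode, [match statements])} from IOS-style config text."""
    classes, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()  # tolerate configs whose indentation was lost
        m = CLASS_RE.match(line)
        if m:
            # IOS treats a class-map with no mode keyword as match-all.
            current = m.group(2)
            classes[current] = (m.group(1) or "match-all", [])
        elif line.startswith("match ") and current is not None:
            classes[current][1].append(line)
        elif line and not line.startswith("description"):
            current = None  # any other command ends the class-map block
    return classes

def find_rejected_classes(config_text):
    """List match-all classes pairing 'match ip ...' with a non-'match protocol' criterion."""
    findings = []
    for name, (mode, matches) in parse_class_maps(config_text).items():
        if mode != "match-all":
            continue
        has_match_ip = any(s.startswith("match ip ") for s in matches)
        others = [s for s in matches
                  if not s.startswith(("match ip ", "match protocol "))]
        if has_match_ip and others:
            findings.append((name, others))
    return findings

if __name__ == "__main__":
    for name, others in find_rejected_classes(SAMPLE_CONFIG):
        print(f"class {name}: 'match ip' combined with {others} in a match-all class")
```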