The same error message appears for ethernet subinterfaces too, So if you have an idea please don't hesitate :)

Well with ethernet subinterfaces you just attach the policy to the physical interface.

Sub interfaces still have to traverse across the physical interface so as long as the class-map is correctly identifying the traffic, it will also catch traffic from the subinterface.

For example...

I have a five QoS policy that is applied to our router here.  I'm tagging voice traffic, business system traffic (the main business system), business traffic (any other business related traffic), Guest network access, and then the default traffic.

We were having issues here where guests did not have enough bandwidth for streaming presentations in on our conference room, so the owners wanted me to section them off a little more.

So my policy is basically:

Voice

priority 25%

Business System

remaining 20% (just a citrix app doesn't need a lot of bandwidth, but needs some reserved for it to help with queueing)

Buisness Apps

remaining 40%

Guest access

remaining 30%

default

best effort

Now we have 4 vlans

Main (native)

MobileDevices (laptops)

BYOD (phones tablets etc)

Guest Access (internet access only)

I needed to apply shaping for all subnets/subinterfaces.  Voice was fairly straight forward, I just match the voice protocols H323 and SIP for the voice class.

Business system I identify by ACL destination address

Business applications same as above

Guest I identify with ACL source address

For example:

ip access-list extended Guest_Bandwidth_ACL

permit ip any 192.168.100.0 0.0.0.255

class-map match any Guest_CoS

match access-group Guest_Bandwidth_ACL

policy-map Bandwidth_Shaping_QoS

class Guest_CoS

bandwidth remaining percent 30

Even though the traffic for the guest network is coming across FastEthernet0/0.20 (VLan20 for guests), the QoS policy which is applied to the physical interface is still tagging traffic and applying QoS policy across the physical link.

If you're matching by protocol it should be a no brainer, if you're matching by ACL, maybe try reseting your ACL to clear counters, apply the ACL back to the class and policy, and apply the policy to the physical interface.

Then try sending test data across the network and watch the ACL counter and make sure it's going up so you know the ACL is correct and is tagging the traffic.  If the ACL counters aren't moving when you look at "show access-list", than maybe there is a problem with the ACL.

I'm not sure if this will be helpful or not, but I know for a fact that if you identify the traffic, even if the traffic is coming across a subinterface, in your class-map, and apply the service policy to the physical link, it will associate and apply the QoS policy to traffic from the subinterfaces.

Thank your for your input, Joseph and William.

The solution I did is the following:

- create a parent policy

- apply average shaping and CIR (=interface bandwidth) to the class "class-default"

- create a child policy that implements my QoS strategy

- call the child policy under the parent policy (service-policy Child_Policy)

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Yep, that's how it's generally done.