04-24-2017 10:38 AM - edited 03-08-2019 10:18 AM
Hello cisco experts!
I have a problem with my scenario in distributing 100mb internet bandwidth with class and policy maps in Cisco Router 1841 which I inherited from an old friend. Its FastEthernet0/0 is connected to an ISP router for internet connection. This link will be distributed to 3 VLAN ports for 3 private networks. I'd like to solicit for your input guys please as to why my current configuration is not, for the life of me, matching packets per interface port.
Here's the configuration i have:
Current configuration : 4049 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname R1
!
ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.11.1
ip dhcp excluded-address 192.168.12.1
!
ip dhcp pool vlan10
network 192.168.10.0 255.255.255.252
default-router 192.168.10.1
ip dhcp pool vlan11
network 192.168.11.0 255.255.255.252
default-router 192.168.11.1
ip dhcp pool vlan12
network 192.168.12.0 255.255.255.252
default-router 192.168.12.1
!
ip cef
no ipv6 cef
!
no ip domain-lookup
!
spanning-tree mode pvst
!
class-map match-all subnet-a
match input-interface FastEthernet0/0/0
class-map match-all subnet-b
match input-interface FastEthernet0/0/1
class-map match-all subnet-c
match input-interface FastEthernet0/0/2
!
policy-map shaper
class subnet-a
bandwidth percent 20
class subnet-b
bandwidth percent 20
class subnet-c
bandwidth percent 30
class class-default
fair-queue
random-detect
shape average 100000000
!
interface Loopback0
ip address 172.16.8.1 255.255.255.255
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
service-policy output shaper
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/0/0
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/0/1
switchport access vlan 11
switchport mode access
!
interface FastEthernet0/0/2
switchport access vlan 12
switchport mode access
!
interface FastEthernet0/0/3
switchport mode access
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 192.168.10.1 255.255.255.252
ip nat inside
!
interface Vlan11
ip address 192.168.11.1 255.255.255.252
ip nat inside
!
interface Vlan12
ip address 192.168.12.1 255.255.255.252
ip nat inside
!
ip nat inside source list 7 interface FastEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip flow-export version 9
!
!
access-list 7 permit any
!
!
end
Thanks in advance!
Timtim
Solved! Go to Solution.
04-24-2017 12:53 PM
Hello,
change your class maps to:
class-map match-all subnet-a
match input vlan 10
class-map match-all subnet-b
match input vlan 11
class-map match-all subnet-c
match input vlan 12
04-24-2017 12:53 PM
Hello,
change your class maps to:
class-map match-all subnet-a
match input vlan 10
class-map match-all subnet-b
match input vlan 11
class-map match-all subnet-c
match input vlan 12
04-24-2017 06:07 PM
Thank you for the quick reply Sir Georg Pauwen!
Unfortunately, i can't find the command you are suggesting in my 1841. You think I'm using a wrong IOS version? Below are the outputs of my router's match input-interface and show version commands.
R1(config-cmap)#match input-interface ?
Ethernet IEEE 802.3
FastEthernet FastEthernet IEEE 802.3
GigabitEthernet GigabitEthernet IEEE 802.3z
Loopback Loopback interface
Serial Serial
R1(config)#do sh ver
Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 04:52 by pt_team
ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)
System returned to ROM by power-on
System image file is "flash:c1841-advipservicesk9-mz.124-15.T1.bin"
Also, you have any idea why i'm not getting packet readings with match input-interface fax/x at all?
Thanks!
04-25-2017 12:17 AM
Hello,
12.4 is rather outdated. I would think that even 'match vlan' is not available as an option in the class-map.
Try to use access lists as match criteria:
class-map match-all subnet-a
match address 110
class-map match-all subnet-b
match address 111
class-map match-all subnet-c
match address 112
access-list 110 permit ip 192.168.10.0 0.0.0.255 any
access-list 111 permit ip 192.168.11.0 0.0.0.255 any
access-list 112 permit ip 192.168.12.0 0.0.0.255 any
04-25-2017 12:54 AM
Hi,
You're right in that match vlan is not an available option too. I also changed the config as you suggested but nope still not seeing them even hit the ACL.
Can you figure of a specific IOS version which might probably fix the problem?
04-25-2017 07:35 AM
Hello,
what options do you have with regard to match criteria in the class map ?
match ?
04-25-2017 07:54 AM
Here you go sir.
R1(config-cmap)#match ?
access-group Access group
any Any packets
class-map Class map
cos IEEE 802.1Q/ISL class of service/user priority values
destination-address Destination address
input-interface Select an input interface to match
ip IP specific values
not Negate this match result
precedence Match Precedence in IP(v4) and IPv6 packets
protocol Protocol
qos-group Qos-group
05-03-2017 08:10 PM
Thanks for the patience and input sir Georg Pauwen. This solution worked like a charm after an IOS upgrade to 12.4T
04-25-2017 05:02 AM
BTW, an 1841 is under powered for a 100 Mbps connection.
04-25-2017 05:36 AM
Hi,
Good point! Unfortunately this is the only cisco router available at my disposal for now. That and the fact that i will only be getting about 75-80% max of my subscribed bandwidth makes me a (un)happy man.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide