cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1156
Views
0
Helpful
7
Replies

C3750 and policy maps

AJ Schroeder
Level 1
Level 1

Hello group,

I am attempting to attach an input service-policy to a gigabit interface on a 3750G running 12.2(44)SE1. This is to watch for and mark signaling traffic for our DNS solution. My commands are as follows:

ip access-list extended SXDMS-DMM1-Signaling
permit tcp host 10.199.0.10 any eq 7777
!
class-map match-any SXDMS-DMM1-Signaling-cmap
match access-group name SXDMS-DMM1-Signaling
!
policy-map QoS-Policy-Cisco-DMS
class SXDMS-DMM1-Signaling-cmap
  set dscp cs3
!
interface GigabitEthernet1/0/31
service-policy input QoS-Policy-Cisco-DMS
!
interface GigabitEthernet2/0/31
service-policy input QoS-Policy-Cisco-DMS

Which I believe is ok, but when I go to look at the policy-map on either interface, I don't see any matches at all:

sho policy-map int gi1/0/31
GigabitEthernet1/0/31

  Service-policy input: QoS-Policy-Cisco-DMS

    Class-map: SXDMS-DMM1-Signaling-cmap (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name SXDMS-DMM1-Signaling
        0 packets, 0 bytes
        5 minute rate 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
        0 packets, 0 bytes
        5 minute rate 0 bps
SWITCH1(config-ext-nacl)#do sho policy-map int gi2/0/31
GigabitEthernet2/0/31

  Service-policy input: QoS-Policy-Cisco-DMS

    Class-map: SXDMS-DMM1-Signaling-cmap (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name SXDMS-DMM1-Signaling
        0 packets, 0 bytes
        5 minute rate 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
        0 packets, 0 bytes
        5 minute rate 0 bps
SWITCH1(config-ext-nacl)#

I even tried dropping in a permit ip any any on the ACL and still no matches!

Is there something that I am doing wrong?

Thanks,

AJ Schroeder

1 Accepted Solution

Accepted Solutions
7 Replies 7

Out of curiousity are these interfaces you are applying the configuration to switchports or routed ports? Just wondering how the interface is set up.

-Todd

These are just access ports (switchports) that are the uplinks for the Windows media server.

AJ

AJ,

I wonder if you applied your policy map to the vlan SVI thats doing the routing if you would have any more luck seeing the traffic. I do not see anything glaringly obvious with your config that would explain your issue.  Should you decide to apply it to the SVI you need to add 'mls qos vlan based' to the physical interfaces.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swqos.html

Good luck

-Todd

Todd,

Thanks for the responses so far. Here's another interesting thing - I recently put auto qos voip cisco-phone on a 3560 and it creates policy-maps as well and applies them to physical interfaces, and I don't see any matches there either. One of the ports that the policy map is applied to has a Cisco phone attached directly to it. That 3560 is running 12.2(53)SE2.

In any case, I'll try and put the policy map on the SVI and we can see what happens from there.

Thanks,

AJ

Todd,

FYI that I tried your suggestion about applying the policy map to the SVI and using 'mls qos vlan-based' on the physical interfaces and that did not solve the issue. This wouldn't have to do with traffic being hardware switched vs. hitting the CPU?

At any rate, I am going to open a TAC case on this problem and post the outcome of that.

Thanks,

AJ

djh278778
Level 1
Level 1

That is what is happening! I took a sniff from another network segment and the packets are being marked as expected. Quite unexpected!

Thank you all for the help/suggestions,

AJ

Review Cisco Networking for a $25 gift card