cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
600
Views
0
Helpful
3
Replies

Catalyst 3750 QoS marking

gsidhu
Level 3
Level 3
Hi
Using ACLs to classify traffic. This includes FTP traffic. However Catalyst 3750 switch is not marking the traffic. 
I have attached snippets from the configuration and details when testing FTP traffic. According to the configuration this traffic should be marked with DSCP AF11 (decimal 10)
To test the QoS policy a laptop connected to port FastEthernet1/0/11. The laptop established an FTP connection to a server on the network.
To get to the FTP server the traffic has to go out of one of the Layer 2 uplink ports (GigabitEthernet1/0/1 or GigabitEthernet1/0/2) which are configured as a layer 2 port channel. Therefore I was expecting hits for DSCP 10 on one of these uplink ports.
However none of these uplink ports are showing any hits which implies that the Catalyst 3750 switch is not marking FTP packets.
I am hoping that somebody out there with QoS expertise will be able to check the relevant parts of the configuration which I have copied and pasted in the attachment. The attachment also includes the output of the 'sh mls qos interface gi x/y/z statistics for both uplink ports.
As I mentioned I was expecting a non zero value for DSCP 10 under 'dscp: outgoing' for at least one of these links.
Thanks
3 Replies 3

Francesco Molino
VIP Alumni
VIP Alumni

Hi 

You don't need to have a permit ip any any for all remaining traffic. You have all class-map that classify all specific traffic and then there is a class-default for all remaining traffic. 

Could you please try this: 

policy-map Incoming-Access-Policy
description QoS Policy for end user traffic
  class Incoming-Bulk-Class
    set ip dscp af11
  no class Incoming-Default-Class

 class class-default
    set ip dscp default

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

The problem turned out to be down to acl. There was another acl for marking traffic with AF21. End of this acl there was permit tcp any (which was an error).

Wireshark showed that FTP traffic was getting marked AF21. Removed the error and now switch is marking FTP traffic correctly  (with AF11).

Ok I didn't noticed that specific ACL you're talking about on your txt file. It was not shown in your config sample.

However, just to classify all remaining traffic, as I said, your class-map Incoming-Default-Class isn't needed. Use the class-default instead.

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Review Cisco Networking for a $25 gift card