- Cisco Community
- Technology and Support
- Networking
- Switching
- changing the field dscp using the policy-map on Catalyst 6500
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
changing the field dscp using the policy-map on Catalyst 6500
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-18-2018 03:18 AM - edited 03-08-2019 01:28 PM
Hi,
I am a new in Network Technologies and I'm still learning and I would be pleased to communicate with intelligent people.
Setting QoS on Catalyst 6506 I ran into the problem:
after attaching a policy-map, which catches the necessary packets (ACL according to IP Source and IP Destination) and remarks the field DSCP (set dscp ef) on the input direction on SVI, in fact, it turns out that the DSCP field is NOT changed, and the EXP field in the MPLS header is changed according to mls qos maps. The counters captured packets in policy-map grow (used commands: sh policy-map interface vl87 and sh mls qos ip vl87). The fact that the DSCP field is not overwritten confirmed by the dump (see the end of this message).
Also I attache the file with the plan of network and some comments.
Perhaps somebody has had the same problem, please help.
Thank you in advance)))
I will describe the issue in more details
Configuring physical port:
!
interface GigabitEthernet3/3
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 87
switchport mode trunk
<---->
wrr-queue random-detect min-threshold 3 70 70 70 70 70 70 70 100
wrr-queue cos-map 1 8 0
wrr-queue cos-map 2 7 1
wrr-queue cos-map 2 8 2
wrr-queue cos-map 3 7 3
wrr-queue cos-map 3 8 4
priority-queue cos-map 1 5 6 7
mls qos vlan-based
Configuring SVI:
!
interface Vlan87
description SKAT_users
ip vrf forwarding SKAT
ip address 10.120.2.1 255.255.255.0
service-policy input test2
!
Configuring Policy Map:
Policy Map test2
Class test2
set dscp ef
!
Class Map match-all test2
Match access-group name test2
!
Extended IP access list test2
10 permit ip host 10.120.2.2 host 10.120.1.2
!
the output of the command show:
!
sh ver
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9-M), Version 15.1(2)SY7, RELEASE SOFTWARE (fc4)
System image file is "sup-bootdisk:/s72033-adventerprisek9-mz.151-2.SY7.bin"
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9-M), Version 15.1(2)SY7, RELEASE SOFTWARE (fc4)
cisco WS-C6506-E (R7000) processor (revision 1.1) with 983008K/65536K bytes of memory.
!
sh module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 24 CEF720 24 port 1000mb SFP WS-X6724-SFP SAL08517BHU
3 48 48-port 10/100/1000 RJ45 EtherModule WS-X6148A-GE-TX SAD09050D8N
5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G SAD121300EY
6 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE SAD08290CJ7
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
1 0012.7f51.3f64 to 0012.7f51.3f7b 2.1 12.2(14r)S5 15.1(2)SY7 Ok
3 0013.7f2d.2b70 to 0013.7f2d.2b9f 1.0 8.4(1) 15.1(2)SY7 Ok
5 001e.4aab.0c18 to 001e.4aab.0c1f 2.0 8.5(2) 15.1(2)SY7 Ok
6 0011.936f.2b5c to 0011.936f.2b5f 1.5 12.2(18r)S1 15.1(2)SY7 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
1 Centralized Forwarding Card WS-F6700-CFC SAL085073J9 2.0 Ok
5 Policy Feature Card 3 VS-F6K-PFC3C SAD1214074L 1.0 Ok
5 MSFC3 Daughterboard VS-F6K-MSFC3 SAD121406GH 1.0 Ok
6 Centralized Forwarding Card WS-F6700-CFC SAL1318P93A 4.1 Ok
Mod Online Diag Status
---- -------------------
1 Bypass
3 Bypass
5 Bypass
6 Bypass
!
sh mls qos
QoS is enabled globally
Port QoS is enabled globally
Policy marking depends on port_trust
QoS ip packet dscp rewrite enabled globally
QoS serial policing mode disabled globally
Input mode for GRE Tunnel is Pipe mode
Input mode for MPLS is Pipe mode
QoS is vlan-based on the following interfaces: Gi3/3 Te6/2
QoS Trust state is DSCP on the following interface: Te6/2
Vlan or Portchannel(Multi-Earl) policies supported: Yes
Egress policies supported: Yes
QoS 10g-only mode supported: Yes [Current mode: Off]
Global Policy-map: ingress[]
!
sh mls qos maps
policed-dscp-norm-burst-map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
-------------------------------------
0 : 00 01 02 03 04 05 06 07 08 09
1 : 10 11 12 13 14 15 16 17 18 19
2 : 20 21 22 23 24 25 26 27 28 29
3 : 30 31 32 33 34 35 36 37 38 39
4 : 40 41 42 43 44 45 46 47 48 49
5 : 50 51 52 53 54 55 56 57 58 59
6 : 60 61 62 63
policed-dscp-max-burst-map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
-------------------------------------
0 : 00 01 02 03 04 05 06 07 08 09
1 : 10 11 12 13 14 15 16 17 18 19
2 : 20 21 22 23 24 25 26 27 28 29
3 : 30 31 32 33 34 35 36 37 38 39
4 : 40 41 42 43 44 45 46 47 48 49
5 : 50 51 52 53 54 55 56 57 58 59
6 : 60 61 62 63
dscp-cos-map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
-------------------------------------
0 : 00 00 00 00 00 00 00 00 01 01
1 : 01 01 01 01 01 01 02 02 02 02
2 : 02 02 02 02 03 03 03 03 03 03
3 : 03 03 04 04 04 04 04 04 04 04
4 : 05 05 05 05 05 05 05 05 06 06
5 : 06 06 06 06 06 06 07 07 07 07
6 : 07 07 07 07
dscp-exp-map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
-------------------------------------
0 : 00 00 00 00 00 00 00 00 01 01
1 : 01 01 01 01 01 01 02 02 02 02
2 : 02 02 02 02 03 03 03 03 03 03
3 : 03 03 04 04 04 04 04 04 04 04
4 : 05 05 05 05 05 05 05 05 06 06
5 : 06 06 06 06 06 06 07 07 07 07
6 : 07 07 07 07
cos-dscp-map:
cos: 0 1 2 3 4 5 6 7
------------------------------------
dscp: 0 8 16 24 32 46 48 56
precedence-dscp-map:
ipprec: 0 1 2 3 4 5 6 7
------------------------------------
dscp: 0 8 16 24 32 46 48 56
exp-dscp-map:
exp: 0 1 2 3 4 5 6 7
------------------------------------
dscp: 0 8 16 24 32 46 48 56
!
sh queueing interface g3/3
Interface GigabitEthernet3/3 queueing strategy: Weighted Round-Robin
Port QoS is enabled globally
Queueing on Gi3/3: Tx Enabled Rx Enabled
Trust boundary disabled
Port is untrusted
Extend trust state: not trusted [COS = 0]
Default COS is 0
Queueing Mode In Tx direction: mode-cos
Transmit queues [type = 1p3q8t]:
Queue Id Scheduling Num of thresholds
-----------------------------------------
01 WRR 08
02 WRR 08
03 WRR 08
04 Priority 01
WRR bandwidth ratios: 100[queue 1] 150[queue 2] 200[queue 3]
queue-limit ratios: 50[queue 1] 20[queue 2] 15[queue 3] 15[Pri Queue]
queue tail-drop-thresholds
--------------------------
1 70[1] 100[2] 100[3] 100[4] 100[5] 100[6] 100[7] 100[8]
2 70[1] 100[2] 100[3] 100[4] 100[5] 100[6] 100[7] 100[8]
3 100[1] 100[2] 100[3] 100[4] 100[5] 100[6] 100[7] 100[8]
queue random-detect-min-thresholds
----------------------------------
1 40[1] 70[2] 70[3] 70[4] 70[5] 70[6] 70[7] 70[8]
2 40[1] 70[2] 70[3] 70[4] 70[5] 70[6] 70[7] 70[8]
3 70[1] 70[2] 70[3] 70[4] 70[5] 70[6] 70[7] 100[8]
queue random-detect-max-thresholds
----------------------------------
1 70[1] 100[2] 100[3] 100[4] 100[5] 100[6] 100[7] 100[8]
2 70[1] 100[2] 100[3] 100[4] 100[5] 100[6] 100[7] 100[8]
3 100[1] 100[2] 100[3] 100[4] 100[5] 100[6] 100[7] 100[8]
WRED disabled queues:
queue thresh cos-map
---------------------------------------
1 1
1 2
1 3
1 4
1 5
1 6
1 7
1 8 0
2 1
2 2
2 3
2 4
2 5
2 6
2 7 1
2 8 2
3 1
3 2
3 3
3 4
3 5
3 6
3 7 3
3 8 4
4 1 5 6 7
Queueing Mode In Rx direction: mode-cos
Receive queues [type = 1q2t]:
Queue Id Scheduling Num of thresholds
-----------------------------------------
1 Standard 2
queue tail-drop-thresholds
--------------------------
1 100[1] 100[2]
queue thresh cos-map
---------------------------------------
1 1 0 1 2 3 4 5 6 7
1 2
Packets dropped on Transmit:
BPDU packets: 0
queue thresh dropped [cos-map]
------------------------------------------------------------------
1 8 246598 [0 ]
2 7 0 [1 ]
2 8 0 [2 ]
3 7 0 [3 ]
3 8 0 [4 ]
4 1 0 [5 6 7 ]
Packets dropped on Receive:
BPDU packets: 0
queue thresh dropped [cos-map]
------------------------------------------------------------------
1 1 0 [0 1 2 3 4 5 6 7 ]
!
sh ip vrf SKAT
Name Default RD Interfaces
SKAT 65000:90 Vl87
!
Statistics collection and analysis:
!
sh policy-map interface vl87
Vlan87
Service-policy input: test2
class-map: test2 (match-all)
Match: access-group name test2
set dscp 46:
Earl in slot 5 :
1418106 bytes
5 minute offered rate 256 bps
aggregate-forwarded 1418106 bytes
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
!
sh mls qos ip vl87
[In] Policy map is test2 [Out] Default.
QoS Summary [IPv4]: (* - shared aggregates, Mod - switch module)
Int Mod Dir Class-map DSCP Agg Trust Fl AgForward-By AgPoliced-By
Id Id
-----------------------------------------------------------------------------------
Vl87 5 In test2 46 2 No 0 1420758 0
!
When I ping with the TOS=0x20 (i.e. DSCP=cs1) from a HostA (ip=10.120.1.2), which is located behind the MPLS network (vrf SKAT), to HostB (ip=10.120.2.2), which is connected through the LAN network to this cs6506 (vrf SKAT) I see the ICMP request with TOS=0x20(i.e. DSCP=cs1) which after passing through the MPLS network arrives to HostВ unchanged fieldTOS=0x20(DSCP=cs1). This fact coincides with my expectations.
Dump on hostA:
17:16:22.888238 44:8a:5b:04:1c:a2 > 00:21:d8:10:5c:00, ethertype 802.1Q (0x8100), length 102: vlan 87, p 0, ethertype IPv4, (tos 0x20, ttl 64, id 53095, offset 0, flags [DF], proto ICMP (1), length 84)
10.120.1.2 > 10.120.2.2: ICMP echo request, id 26405, seq 1, length 64
Dump on hostВ (access, P-bits are absent):
17:17:37.056589 00:18:74:b0:30:00 > 00:15:60:56:cc:e4, ethertype IPv4 (0x0800), length 98: (tos 0x20, ttl 63, id 6294, offset 0, flags [DF], proto ICMP (1), length 84)
10.120.1.2 > 10.120.2.2: ICMP echo request, id 26423, seq 1, length 64
!
Miracles begin in the opposite direction when forwarding ICMP echo reply from HostB to HostA. The HostB inserts the same tos value in the ICMP echo reply, but cs6506 does not overwrite the DSCP field to a value ef, as specified in the policy-map, and is transmitted through the MPLS network with TOS=0x20(i.e. DSCP=cs1), but at the same time, the EXP field in the MPLS header is overwritten according to mls qos maps.
Dump on hostB:
17:17:37.056639 00:15:60:56:cc:e4 > 00:18:74:b0:30:00, ethertype IPv4 (0x0800), length 98: (tos 0x20, ttl 64, id 38947, offset 0, flags [none], proto ICMP (1), length 84)
10.120.2.2 > 10.120.1.2: ICMP echo reply, id 26423, seq 1, length 64
Dump on hostA:
17:16:22.888834 00:21:d8:10:5c:00 > 44:8a:5b:04:1c:a2, ethertype 802.1Q (0x8100), length 102: vlan 87, p 1, ethertype IPv4, (tos 0x20, ttl 63, id 22406, offset 0, flags [none], proto ICMP (1), length 84)
10.120.2.2 > 10.120.1.2: ICMP echo reply, id 26405, seq 1, length 64
If I do a traceroute from HostB (ip=10.120.2.2) on HostA (ip=10.120.1.2) with a TOS=0x20(i.e. DSCP=cs1) I see Exp=5
traceroute from 10.120.2.1 to 10.120.1.2
1. 10.120.2.1
2. 172.18.0.45
[MPLS: Lbl 56 Exp 5 S 0 TTL 1]
[MPLS: Lbl 1049 Exp 5 S 1 TTL 1]
3. 172.18.0.10
[MPLS: Lbl 1198 Exp 5 S 0 TTL 1]
[MPLS: Lbl 1049 Exp 5 S 1 TTL 1]
4. 10.120.1.1
5. 10.120.1.2
!
cs1-6500#sh mls qos maps
dscp-exp-map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
-------------------------------------
0 : 00 00 00 00 00 00 00 00 01 01
1 : 01 01 01 01 01 01 02 02 02 02
2 : 02 02 02 02 03 03 03 03 03 03
3 : 03 03 04 04 04 04 04 04 04 04
4 : 05 05 05 05 05 05 05 05 06 06
5 : 06 06 06 06 06 06 07 07 07 07
6 : 07 07 07 07
- Labels:
-
Other Switching
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide