Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
935
Views
7
Helpful
7
Replies

PBR and MQC implemented together

Go to solution
Essam Ahmad
Level 1
Level 1

‎08-17-2013 08:04 AM - edited ‎03-07-2019 02:59 PM

Dears,

I need to apply changes to our production network, but I need to fully recognize the impacts for these changes before implementation, briefly we have MQC applied on interface Gi 0/0 and we need to add PBR on the same interface, what are the pre-cautions and conflicts that may happen? and how do PBR rules work with MQC together?

You'll find here below the current configuration (not bold) and the changes which should be applied (bold)

class-map match-any copy

match access-group 150 access-list

class-map match-any icmp

match protocol icmp

class-map match-any http

match protocol secure-http

match protocol http

match protocol telnet

match protocol dns

match protocol smtp

match protocol pop3

match protocol imap

!        

!        

policy-map IMPORTANT

class http

    bandwidth percent 50

class icmp

    priority percent 15

class copy

   police cir 18000000 bc 625000

     conform-action transmit

     exceed-action drop

interface GigabitEthernet0/0

description CONNECTED-TO-LAN

bandwidth 45000

ip address 172.55.20.254 255.255.0.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip route-cache same-interface

duplex auto

speed auto

no mop enabled

service-policy output IMPORTANT

ip policy route-map DATA_TRAN_MAP

!

!

route-map DATA_TRAN_MAP permit 10

match ip address FTP_ACL

set ip next-hop 172.16.55.50

set ip next-hop verify-availability

!

!

ip access-list extended FTP_ACL

permit tcp 172.55.0.0 0.0.255.255 192.168.100.0 0.0.0.255 eq 445

permit tcp 172.55.0.0 0.0.255.255 192.168.100.0 0.0.0.255 eq ftp

permit tcp 172.55.0.0 0.0.255.255 192.168.100.0 0.0.0.255 eq ftp-data

permit icmp host 172.55.20.20 192.168.100.0 0.0.0.255

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎08-17-2013 08:10 AM

I don't think you'll have a problem. PBR happens before queueing, so you'll hit the route map before it has to apply your qos policy. Once you apply it, just make sure that you're still getting hits on the policy afterwards.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

View solution in original post

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎08-17-2013 08:12 AM

Hi,

your MQC is applied outbound and your PBR is applied inbound and MQC is for LLQ and policing in your case while PBR is for overriding the routing table lookup for forwarding inbound traffic so these 2 features shouldn't interact and there should be no problem setting the PBR on the interface.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎08-17-2013 08:10 AM

I don't think you'll have a problem. PBR happens before queueing, so you'll hit the route map before it has to apply your qos policy. Once you apply it, just make sure that you're still getting hits on the policy afterwards.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Essam Ahmad
Level 1
Level 1
In response to John Blakley

‎08-17-2013 01:52 PM

Thanks a lot John.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎08-17-2013 08:12 AM

Hi,

your MQC is applied outbound and your PBR is applied inbound and MQC is for LLQ and policing in your case while PBR is for overriding the routing table lookup for forwarding inbound traffic so these 2 features shouldn't interact and there should be no problem setting the PBR on the interface.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to cadet alain

‎08-17-2013 08:16 AM

Alain,

Out of curiosity as I haven't labbed this up, I noticed your answer of directional differentiation as opposed to order of operations. If the route-map is applied inbound and the mqc policy is applied inbound as well, what do you think the interaction would be in that case? I think I'm going to lab this up to see what happens.

**** Edit ****

I labbed it up and it does work fine in either direction on the same interface.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to John Blakley

‎08-17-2013 08:44 AM

Hi John,

as he is using LLQ the service-policy had to be applied outbound anyway so that's why I emphasized the direction vs the order of operation because queuing is an outbound process anyway.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to cadet alain

‎08-17-2013 09:10 AM

Thanks...I wanted to make sure there wasn't something I was missing.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Essam Ahmad
Level 1
Level 1
In response to cadet alain

‎08-17-2013 01:53 PM

Thanks a lot Cadet.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card