Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1853
Views
0
Helpful
2
Replies

QoS based on MAC address

mumbles202
Level 5
Level 5

‎01-14-2020 02:13 PM

I have a stack of 2960Xs that currently has QoS configured for voice traffic based on dscp.  I have been asked to extend this to a few IoT devices that are having issues w/ audio quality when traffic goes to internet.  I configured this on the stack:

 

mac access-list extended IoTTrustedDevices
  permit host 0001.0001.0005 any
  permit host 0001.0001.0006 any

 

class-map match-any IoTTrustedDevices_CM
  match access-group name IoTTrustedDevices

policy-map IoTTrustedDevices_PM
  class IoTTrustedDevices_CM
    set dscp ef
  class class-default

 

interface GigabitEthernet4/0/7
 description Connection to Phone or PC
 switchport access vlan 123
 switchport mode access
 switchport voice vlan 126
 srr-queue bandwidth share 1 30 35 5
 priority-queue out 
 mls qos trust cos
 auto qos trust
 spanning-tree portfast edge
 service-policy input IoTTrustedDevices_PM

 

I then have the upstream ASA set w/ priority queue and set to prioritize dscp ef but I'm getting reports that users are still having issues.  And when i issue a "show policy-map interface Gi4/0/7" I get the following as if it's not being hit at all.

 

GigabitEthernet4/0/7

 Service-policy input: IoTTrustedDevices_PM

  Class-map: IoTTrustedDevices_CM (match-any)
  0 packets, 0 bytes
  5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name IoTTrustedDevices
  0 packets, 0 bytes
  5 minute rate 0 bps

Class-map: class-default (match-any)
  0 packets, 0 bytes
  5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any

 

Just wanted to know what i'm doing wrong in this case.

Labels:
0 Helpful
2 Replies 2

Rob Burchard
Cisco Employee
Cisco Employee

‎01-14-2020 07:01 PM

Hi @mumbles202 ,

 

To manually match voice IP traffic, try using a standard or extended IP ACL in your class map, instead of the MAC ACL. MAC ACL would be for non ip traffic matching.

 

Configuration guide reference below:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/qos/configuration_guide/b_qos_152ex_2960-x_cg/b_qos_152ex_2960-x_cg_chapter_010.html

 

Hope this helps!

 

Regards

 

Rob

0 Helpful

mumbles202
Level 5
Level 5
In response to Rob Burchard

‎01-15-2020 03:00 PM

Thanks.  I updated the configuration like this:

 

access-list 50 permit 192.168.123.134
access-list 50 permit 192.168.123.166
access-list 50 permit 192.168.123.165
access-list 50 permit 192.168.123.169
access-list 50 permit 192.168.123.168

 

class-map match-any IoTTrustedDevices_CM_2
match access-group 50
!
policy-map IoTTrustedDevices_PM
  class IoTTrustedDevices_CM
     set dscp ef
  class IoTTrustedDevices_CM_2
     set dscp ef
  class class-default

 

But noticed i'm still not getting any increments on the counters.  I left the same service-policy in place on the interface since I just added the class to the existing policy-map.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card