
Qos - LAN switch and marking of self-generated packets

STEFAN KLUEPPEL
Level 1

Hi,

I have got a principal question regarding QoS and switches and their configurability.

Is it possible to mark (CoS, DSCP) self-generated packets of a LAN switch (like SNMP traps, syslogs, RADIUS, ...) in order to get them prioritized at the uplink interface (to next switch)?

Thanks in advance for answers.

kind regards

Stefan Klueppel
CCIE #6916
________________________________
BSW-COM GmbH

Bürostandort:
Alfred-Nobel-Straße 11
50169 Kerpen
Tel: +49-2237-63 8302-52
Mob: +49-178-9304452
Fax: +49-2237-63 8302-89
Web: www.bsw-com.de

5 Replies

Jon Marshall
Hall of Fame

Stefan

You could use a local policy route-map, e.g.

access-list 101 ....    <- used to define traffic you want to mark
route-map MARK permit 10
 match ip address 101
 set ip precedence
ip local policy route-map MARK

Whether this would work on all devices, especially hardware switches, I can't say, so it would need testing.

Alternatively, could you not just mark/queue on the next switch up?

Jon

Hi Jon,

Thank you for your reply.

Our customer has 95% L2 switches, like 2950 and 2960, so I already tried this local policy route-map syntax, but this is not supported on this hardware/software.

In newer switches you can configure ip ssh dscp xx, therefore I hoped there is some "hidden/public-unknown" function for the other protocols like SNMP, syslog, ...

Because of problems at the uplink (loss of packets) it is too late to mark them at the next switch.

Reason of it all is some of this security monitoring/controlling stuff relates to SNMP... and if switch answers get lost, no security at all....

Stefan

Stefan

So the issue is with the uplink on the actual switch itself and not the other end?

If so, I was going to suggest policing/remarking, but that can only be done on the ingress interface.

Only other thing I can think of is: do you know what CoS value they leave the switch with? If not, you should be able to capture and see.

If you know this you can map this to a specific egress queue. If the marking is the same as all the other traffic traversing the switch, you could remark all the other traffic to a different value on ingress and map it to a different queue. So instead of marking the switch-generated traffic so you can prioritise it, which it looks like you can't do, you actually mark all the other traffic, i.e. non-switch-generated. This way you would still be able to distinguish between the 2 traffic types.

I admit this is not ideal and may not fit in with what you already have.

Jon

Jon

Thank you for your hints.

I will dive into this and come back to you later..

Stefan

Jon

At long last I found the time to build a small setup in our lab with a 3560.

By using local policy route-map, the prioritising of self-generated switch packets is doing well. I recommend using precedence so you can check the wanted DSCP value (there is a prec-dscp map).

The cheap 2950sx switches at the customer site are only able to trust; there is no possibility to mark or map anything... so for that, we found a solution: sell new boxes...

Many thanks for your thoughts and solution proposals!!

BTW, per default there is dscp0/cos0 on all packets.

Stefan
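
Added example, not part of the thread or any poster's code: the thread suggests capturing switch-generated traffic to see what CoS it leaves with, and reports dscp0/cos0 as the default. This Python sketch decodes CoS, DSCP and IP precedence from a raw Ethernet/IPv4 frame so a capture on the uplink can confirm whether a marking took effect. `build_frame` and its frames are constructed samples, and `precedence_to_dscp` assumes the standard class-selector mapping, not a switch's configured prec-dscp map.

```python
import struct

def decode_marking(frame: bytes) -> dict:
    """Return CoS (802.1Q priority), DSCP and IP precedence of an Ethernet/IPv4 frame."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    offset, cos = 14, None              # cos stays None on untagged frames
    if ethertype == 0x8100:             # 802.1Q tag present
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        cos = tci >> 13                 # top 3 bits of the TCI carry the priority
        offset = 18
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    if len(frame) < offset + 20:
        raise ValueError("truncated IPv4 header")
    tos = frame[offset + 1]             # second byte of the IPv4 header
    return {"cos": cos, "dscp": tos >> 2, "precedence": tos >> 5}

def precedence_to_dscp(precedence: int) -> int:
    """Class-selector DSCP for a precedence value (assumed mapping: precedence * 8)."""
    if not 0 <= precedence <= 7:
        raise ValueError("precedence must be 0..7")
    return precedence << 3

def build_frame(tos: int, pcp=None, vlan: int = 10) -> bytes:
    """Constructed sample frame (not a real capture): Ethernet [+802.1Q] + IPv4 header."""
    macs = bytes.fromhex("020000000002" "020000000001")
    tag = b"" if pcp is None else struct.pack("!HH", 0x8100, (pcp << 13) | vlan)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 28, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return macs + tag + struct.pack("!H", 0x0800) + ip

if __name__ == "__main__":
    samples = {
        "default, tagged": build_frame(0x00, pcp=0),   # the dscp0/cos0 default
        "precedence 5, untagged": build_frame(0xA0),   # as if set by the route-map
    }
    for name, frame in samples.items():
        m = decode_marking(frame)
        expected = precedence_to_dscp(m["precedence"])
        print(f"{name}: {m}, class-selector DSCP {expected}")
```

The CoS field is only present on tagged (trunk) frames, and some capture NICs strip the 802.1Q tag before the frame reaches the capture tool, so a `cos` of `None` does not by itself mean the switch sent the frame unmarked.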
