03-31-2011 04:47 AM - edited 03-06-2019 04:22 PM
Hi,
I have a general question regarding QoS and switches and their configurability.
Is it possible to mark (CoS, DSCP) self-generated packets of a LAN switch (like SNMP traps, syslogs, RADIUS, ...)
in order to get them prioritized at the uplink interface (to the next switch)?
Thanks in advance for answers.
Kind regards
Stefan Klueppel
CCIE #6916
03-31-2011 05:14 AM
Stefan
You could use a local policy route-map, e.g.
    access-list 101 .... <- used to define traffic you want to mark
    route-map MARK permit 10
     match ip address 101
     set ip precedence
    ip local policy route-map MARK
Whether this would work on all devices, especially hardware switches, I can't say, so it would need testing.
Alternatively, could you not just mark/queue on the next switch up?
Jon
03-31-2011 05:28 AM
Hi Jon,
Thank you for your reply.
Our customer has 95% L2 switches, like the 2950 and 2960,
so I already tried this local policy route-map syntax,
but this is not supported on this hardware/software.
On newer switches you can configure ip ssh dscp xx,
therefore I hoped there is some "hidden/publicly unknown" function
for the other protocols like SNMP, syslog, ...
Because of problems at the uplink (loss of packets) it is too late
to mark them at the next switch.
The reason for it all is that some of this security monitoring/controlling stuff relates to SNMP...
and if switch answers get lost, no security at all....
Stefan
03-31-2011 05:47 AM
Stefan
So the issue is with the uplink on the actual switch itself and not the other end?
If so, I was going to suggest policing/remarking, but that can only be done on the ingress interface.
The only other thing I can think of is: do you know what CoS value they leave the switch with? If not, you should be able to capture and see.
If you know this you can map this to a specific egress queue. If the marking is the same as all the other traffic traversing the switch, you could remark all the other traffic to a different value on ingress and map it to a different queue. So instead of marking the switch-generated traffic so you can prioritise it, which it looks like you can't do, you actually mark all the other traffic, i.e. non-switch-generated. This way you would still be able to distinguish between the two traffic types.
I admit this is not ideal and may not fit in with what you already have.
Jon
03-31-2011 06:17 AM
Jon
Thank you for your hints.
I will dive into this and come back to you later..
Stefan
04-14-2011 10:39 AM
Jon
At long last I found the time to build a small setup in our lab with a 3560.
Using the local policy route-map, the prioritising of self-generated switch packets
works well. I recommend using precedence so you can check the wanted
DSCP value (there is a prec-dscp map).
The cheap 2950SX switches at the customer site are only able to trust;
there is no possibility to mark or map anything...
So for that, we found a solution: sell new boxes...
Many thanks for your thoughts and solution proposals!
BTW,
by default there is dscp0/cos0 on all packets.
Stefan
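The "capture and see" check suggested in the thread, and the check of the resulting DSCP value after marking, can be scripted. This is an added example and not part of the thread: a Python parser that reads raw Ethernet frames from an uplink capture and reports CoS, DSCP and IP precedence for SNMP, syslog and RADIUS packets. The function names, port table and sample frames are constructed for illustration.

```python
import struct

# UDP ports of the switch-generated traffic named in the thread (assumed standard ports).
MGMT_PORTS = {161: "snmp", 162: "snmp-trap", 514: "syslog", 1812: "radius", 1813: "radius-acct"}

def inspect_frame(frame):
    """Return CoS/DSCP/precedence of one Ethernet frame, or None if it is not IPv4."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    cos, off = None, 14                      # untagged frames carry no CoS at all
    if ethertype == 0x8100 and len(frame) >= 18:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        cos, off = tci >> 13, 18             # top 3 bits of the 802.1Q TCI
    ip = frame[off:]
    if ethertype != 0x0800 or len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4
    dscp = ip[1] >> 2                        # upper 6 bits of the ToS byte
    (frag,) = struct.unpack("!H", ip[6:8])
    service = None
    # Only the first fragment of a UDP datagram carries the port numbers.
    if ip[9] == 17 and frag & 0x1FFF == 0 and ihl >= 20 and len(ip) >= ihl + 4:
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        service = MGMT_PORTS.get(dport) or MGMT_PORTS.get(sport)
    return {"cos": cos, "dscp": dscp, "precedence": dscp >> 3, "service": service}

def unmarked_management(frames):
    """Services whose packets still leave with the default DSCP 0."""
    found = set()
    for f in frames:
        info = inspect_frame(f)
        if info and info["service"] and info["dscp"] == 0:
            found.add(info["service"])
    return sorted(found)

def build_frame(dscp, sport, dport, cos=None, vlan=10):
    """Constructed test frame: Ethernet [+802.1Q] + IPv4 + UDP, zeroed checksums."""
    eth = bytes(6) + bytes(6)
    if cos is not None:
        eth += struct.pack("!HH", 0x8100, (cos << 13) | vlan)
    eth += struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 28, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip + struct.pack("!HHHH", sport, dport, 8, 0)

# Constructed capture: syslog left at the default, SNMP trap marked with precedence 6.
SAMPLE = [build_frame(0, 50000, 514, cos=0), build_frame(48, 50001, 162, cos=6)]
```

Feeding it frames captured on the uplink before and after a marking change shows which management protocols still leave at DSCP 0.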