Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1024
Views
0
Helpful
9
Replies

Qos operations on switch

Go to solution
normbeef
Level 1
Level 1

‎02-20-2018 04:06 AM - edited ‎03-08-2019 01:56 PM

Hi guys,

 

Im not up to much on the QOS side and we are changing all our old Cisco edge switches for a new vendor.  I have a policy map that do not seem to be applied to anything, also a class map that doesn't seem to do anything either  just wanted someone to looks and see if im right..  ?

 

There are no access lists with any of these names, and the policy map is not applied to any interface on the switch.

 

class-map match-all BULK
  match access-group name BULK
class-map match-all MISSION_CRITICAL
  match access-group name MISSION_CRITICAL
class-map match-all CALL_SIGNALLING
  match access-group name CALL_SIGNALLING
class-map match-all PRIORITISED
  match access-group name PRIORITISED
class-map match-all NMS
  match access-group name NMS
class-map match-all VIDEO
  match access-group name VIDEO
class-map match-all VOICE
  match access-group name VOICE
end

 

policy-map XYZ_CLASSIFICATION
 class VOICE
   set dscp ef
 class CALL_SIGNALLING
   set dscp cs3
 class VIDEO
   set dscp af41
  police 10000000 8192 exceed-action drop
 class MISSION_CRITICAL
   set dscp af31
  police 5000000 8192 exceed-action policed-dscp-transmit
 class PRIORITISED
   set dscp af21
  police 5000000 8192 exceed-action policed-dscp-transmit
 class NMS
   set dscp cs2
  police 5000000 8192 exceed-action policed-dscp-transmit
 class BULK
   set dscp af11
  police 5000000 8192 exceed-action policed-dscp-transmit
 class class-default
   set dscp default
  police 5000000 8192 exceed-action policed-dscp-transmit
!
end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎02-20-2018 04:21 AM

Hi
If its not applied to an interface its not doing anything as it requires that step , it may have been in use before and just removed from the interface but rest of config never got cleaned up

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎02-20-2018 04:21 AM

Hi
If its not applied to an interface its not doing anything as it requires that step , it may have been in use before and just removed from the interface but rest of config never got cleaned up
0 Helpful

Go to solution
normbeef
Level 1
Level 1
In response to Mark Malone

‎02-20-2018 04:26 AM

Thanks for swift reply, I thought that myself.. it looks like mls qos is turned on, but only the uplinks from the switch are using DSCP based on the default map. all other ports don't trust anything except cisco phones where they are configured.

trust state: trust dscp
trust mode: trust dscp
trust enabled flag: ena
COS override: dis
default COS: 0
DSCP Mutation Map: Default DSCP Mutation Map
Trust device: none
qos mode: port-based
0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to normbeef

‎02-20-2018 04:30 AM

mls is different than policy map
so policy map needs to be assigned to interface to work
MLS is layer 2 it just needs mls trust cos or trust dscp to work under the access interface and can also have mls qos turned on globally which will auto generate the queues in global config for the access ports , so there 2 different things , 2 styles of qos one more l2 the other more l3

you should check what way the access ports are set to , its no harm having them trust DSCP though as phones mark DSCP at the source so it will keep the EF marking for priority
0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to Mark Malone

‎02-20-2018 04:39 AM

what platform are you taking that extract from ?
0 Helpful

Go to solution
normbeef
Level 1
Level 1
In response to Mark Malone

‎02-20-2018 05:04 AM

its a 2960X 

 

@Mark Malone wrote:
what platform are you taking that extract from ?


This is the MLS QOS configuration

 

mls qos map policed-dscp  0 10 16 18 24 26 to 8
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output dscp-map queue 1 threshold 3 34 46
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18
mls qos srr-queue output dscp-map queue 2 threshold 2 24 26
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 3 threshold 3 0
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 10
mls qos queue-set output 1 threshold 2 70 80 100 100
mls qos queue-set output 1 threshold 4 40 100 100 100
mls qos queue-set output 1 buffers 15 20 45 20
mls qos

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to normbeef

‎02-20-2018 05:14 AM

so mls is globally enabled on all access ports with that config , so layer 2 qos is operational

Usage Guidelines

If you enable QoS globally, QoS is enabled on all interfaces with the exception of the interfaces where you disabled QoS. If you disable QoS globally, all traffic is passed in QoS pass-through mode.
0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎02-20-2018 05:37 AM

For a 2960X, the class-maps and policy-map are used for ingress only. What yours appears to be doing is DSCP tagging, based on the class-maps, and also "checking" some class traffic for conformance to certain bandwidth allowances.

As your 2960X has QoS enabled, each port gets four hardware egress queues, whose operation is controlled by other QoS statements. Some of the QoS statements determine how CoS and/or DSCP will be directed to which egress queue and how it will be subjected to drops.

Without applications of the policy, frames/packets would, by default, all be treated as tagged with a zero (also tag will be set to zero). If port has a trust statement, then frame/packet will be processed depending on tag.

I.e. you do have active QoS now, but without the additional treatment that would be afforded if your ingress packets were processed by the defined pollicy-map.
0 Helpful

Go to solution
normbeef
Level 1
Level 1
In response to Joseph W. Doherty

‎02-20-2018 05:56 AM

So in a nutshell..

 

The L2 QOS is enabled and active.  the Policy map and class maps are redundant, this makes sense as its only an L2 switch.

 

The environment has many legacy issues, so when we move onto the new vendor only L2 QOS will be required.  

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to normbeef

‎02-20-2018 06:39 AM

"The L2 QOS is enabled and active."

Not exactly. Although the switch may only be performing L2 switching, it's capable of L3 QoS. (NB: in ye olden tymes, we called such L2 switches "enhanced" or "smart".)

"the Policy map and class maps are redundant, this makes sense as its only an L2 switch."

Insufficient information to say they are redundant. Can say, if not applied to interfaces, they're not being used. The policy-map and class-maps appear to mark traffic as desired and they also would indicate if there's more traffic than expected for a certain class. This too could be using L3/L4 info.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card