Showing results for 
Search instead for 
Did you mean: 

Weird COS policy behaviour on ASR9906

Hi everyone,

I hope you can help me figure out this, I've been going at it for a couple days with, little results. The scenario is an EVPL one. We have a gigabit ethernet interface where a maximum of 10 vlans can be configured on, each of these vlans should be able to potentially hit the 1gbps throughput of the interface if there's no congestion, if congestion occurs however, traffic should be policed and the bandwidth should be assigned to each cos class according to specific criterias. 

My issue are arising with a dual cos-policy. What we're trying to do here is ensure that when congestion occurs, each of the 10 vlans on the interface has 100mbps of guaranteed bandwidth, in case of a double cos profile, we want to ensure that the COS5 traffic is given 20mbps at all times.


This is what I configured on the router. First of all an ingress policy under the l2transport subinterface:


class P2P_2COS_CLASS_H <-this matches cos 5 6 and 7 values
  set cos 5
 class class-default
  police rate 80 mbps peak-rate 1 gbps 
   exceed-action transmit
   violate-action drop
  set cos 1


This is the configuration on the physical interface, first of all the parent policy:


class Vlan-200
  service-policy 2COS_PAC_PAL_EGRESS <- this can be either a single, double or triple cos policy.
  bandwidth 100 mbps <-this should ensure the vlan has a guaranteed 100mbps in case of congestion. 


For the sake of brevity, I'll omit the other class-Vlans, they look the same as this one each matching a vlan up to 290 in increments of 10, only the child policy can change and could be a single, double or triple cos one, according to what the customer bought.

In this case, the child policy created for dual cos is this one:


policy-map 2COS_PAC_PAL_EGRESS
class PAC_PAL_QOS_5 <- this matches the COS value of 5, which we rewritten with the ingress policy on the l2trans
  bandwidth 20 mbps 
 class PAC_PAL_QOS_1 <- this matches the COS value of 1, which we rewritten all traffic that was under class-default in ingress
  bandwidth 80 mbps 
 class class-default


Seems pretty straightforward to me and it works to an extent. During our tests today, we've configured the traffic generator to send traffic with a vlan id of 200 and 210. Vlan 200 was sending all COS values, plus untagged, and VLAN 210 was sending only COS 1 and 5. As you can see from the "Dual COS ok" screenshot, it works as it should, the bandwidth allocation for the two COS classes is respected and it is what it should be. The router is dropping packets from both Vlan COS1 traffic and, is not touching the COS5.

So, we decided to enable a third vlan on our traffic generator. Configuration was the same as the two previous vlans as far as policies go. Vlan id 220 was also generating both COS 1 and COS 5 traffic.

At that point, the router decided it was too much and as you can see from the "Dual COS KO" screen, it started to cut into the COS 5 traffic, so that each of the vlans had only 10mb for COS5 rather than 20. I am a bit stumped because I cannot figure out why this is happening.

It works perfectly fine as long as it's just two vlans but, as soon as we add a third one using the exact same policies as the other two, this happens. I am sure there's something I am missing but I cannot understand why the router starts dropping COS5 frames.

Could anyone please advise or give me a pointer?

Thank you