RE: Building the Class-Map

From: simon hart (simon.hart@btinternet.com)
Date: Fri Apr 15 2005 - 17:47:31 GMT-3

• Next message: Church, Chuck: "RE: Features requiring cdp"
• Previous message: ccie2be: "Features requiring cdp"
• Maybe in reply to: James Matrisciano: "Building the Class-Map"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I believe that the two configurations are quite different,

The first is using an access list. An access list is evaluated step by step
until a condition is met, therefore:

If a packet has a dscp marking of 45 it is going to be classed in the class
map and appropriate policy taken

If a packet has precedence of 7 it is going to be classed in the class map
and appropriate policy taken

If the packet has neither it will not be classified in this classs.

Now the second statement says:

If it is prec 7 and not dscp 45 then it will not be classified. If it is
dscp 45 and not 7 it will not be classified.
If it is both prec 7 and dscp 45 it will be classified.

This means that no packet will ever match the second configuration for the
reasons outlined by Bob. A packet cannot be prec 7 at the same time as dscp
45. No traffic in the second config will ever be classified, whilst traffic
in the first config maybe.

Now if the class map was a match any class map the resulting action would be
the same.

Simon

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of Bob
Sinclair
Sent: 15 April 2005 16:31
To: James Matrisciano; ccielab@groupstudy.com
Subject: Re: Building the Class-Map

Hi Jim,

It seems to me that the direct "match ip ..." is simpler than the extra step
with the access-list. However, wouldn't both necessarily result in a "no
match"? Your class-map is "match-all", but is it possible for one packet
to
be marked both precedence 7 and DSCP 45?

Precedence 7 is 111000 in the first 6 bits of TOS byte
DSCP 45 is 101101 in the first 6 bits of TOS byte

HTH,

Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net

  ----- Original Message -----
  From: James Matrisciano
  To: ccielab@groupstudy.com
  Sent: Friday, April 15, 2005 11:13 AM
  Subject: Building the Class-Map

  Question to any QoS Gurus out there. While working in the various labs
  in preparation for my (next) Lab attempt, I see different ways of
  building qos policies to match on DSCP values and Precedence values.
  Below are two separate class-maps that to me do the same thing. Would
  anyone disagree with this and if so, why? I want to be able to produce
  a best practice solution in the lab, however, I want to do it the
  quickest way possible. To me, simple match commands in the class-map
  seem to work a lot quicker than building an extended access list, then
  applying that list into the class-map. Comments?

  class-map match-all with_access_list
    match access-group name qos

  ip access-list extended qos
   permit ip any any dscp 45
   permit ip any any precedence network

  class-map match-all qos
    match ip precedence 7
    match ip dscp 45
  !

  jm

  _______________________________________________________________________
  Subscription information may be found at:
  http://www.groupstudy.com/list/CCIELab.html

• Next message: Church, Chuck: "RE: Features requiring cdp"
• Previous message: ccie2be: "Features requiring cdp"
• Maybe in reply to: James Matrisciano: "Building the Class-Map"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:54:58 GMT-3