From: Alexander Arsenyev (GU/ETL) (alexander.arsenyev@ericsson.com)
Date: Wed Jul 20 2005 - 19:57:07 GMT-3
Hello Andrew,
You have "match access 101" statement in Your class-map TEST but I cannot see access-list 101 defined, only access-list 100...
HTH
Cheers
Alex
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Edwards, Andrew M
Sent: 20 July 2005 23:44
To: ccielab@groupstudy.com
Subject: Re: 3550 QoS
GS,
I'm having a problem verifying the QoS requirement and I think it might
be something with the IOS version on the switch... looking for
additional input/tribal knowledge on counters NOT incrementing with
3550s and service policies.
IOW, does anyone know if this is or could be a 3550 version thing?
Version 12.1(22)EA1a.
Maybe someone knows this is a problem with the counters and will just
put my mind at ease...
Here is the basic requirements:
A. A traffic generator on Vlan100 is connected to port f0/24 of CAT1.
Its generating 5 UDP packets
per second. Each packet is 1024 bytes. The UDP stream is destined to
host 172.16.10.1 on vlan 10 with a destination port 5011.
B. Police this traffic to 8000 bits / sec on CAT1 f0/24 vlan 100.
Allow a minimal burst size.
C. Excess traffic should be dropped.
And here is my configuration where I use R6 as a verification router:
r6:
int e0
ip add 1.1.1.1 255.255.255.0
no shut
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
cat1:
mls qos
class-map TEST
match access 101
policy QOS
class TEST
police 8000 8000 exceed drop
access-list 100 permit udp any host 172.16.10.1 eq 5011
int f0/1
switch
switch mode acc
switch acc vlan 10
no shut
int f0/6
switch
switch mode acc
switch acc vlan 100
service in QOS
no shut
int f0/24
switch
switch mode acc
switch acc vlan 100
service in QOS
no shut
int vlan 100
ip add 1.1.1.10 255.255.255.0
no shut
int vlan 10
ip add 172.16.10.10 255.255.255.0
no shut
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
R1:
int e0
ip add 172.16.10.1 255.255.255.0
no shut
As a verification, I changed the ACL to "access-list 100 permit icmp any
host 172.16.10.1 echo" and then I set the packet size to 1250 bytes and
1 second intervals. I chose 1250bytes @ 1 sec because this hits 10000
bps (exceed 8000bps but not over the minimum burst).
Here is what I see:
show mls qos int f0/6 pol FastEthernet0/6
policymap=QOS type=Single, id=0 rate=8000, qlimit=8000, drop=1
show policy int f0/6
FastEthernet0/6
service-policy input: QOS
class-map: TEST (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
match: access-group 100qm_police_inform_feature: CLASS_SHOW
class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
match: any
0 packets, 0 bytes
5 minute rate 0 bps
I dont see a match on the traffic but the route is thorugh that
interface on R6:
R6# ping 172.16.10.1
!!!!!
R6#show ip route 172.16.10.1
Routing entry for 172.16.10.0/24
Known via "ospf 1", distance 110, metric 2, type intra area
Last update from 1.1.1.10 on FastEthernet0/0, 05:20:18 ago
Routing Descriptor Blocks:
* 1.1.1.10, from 1.1.1.1, 05:20:18 ago, via FastEthernet0/0
Route metric is 2, traffic share count is 1
And, of course if I totally crank this to some astronomical value I
still dont see a response
CAT1 service policy
R6# ping 172.16.10.1 size 18024 repeat 100
!!!!!!.!!.!!.!!.!!.
Now, I can see its rate-limiting the packet, but I cant get any output
from the show policy command:
CAT1#show poli int f0/6 FastEthernet0/6
service-policy input: QOS
class-map: TEST (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
match: access-group 100qm_police_inform_feature: CLASS_SHOW
class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
match: any
0 packets, 0 bytes
5 minute rate 0 bps
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:30 GMT-3