From: Venkataramanaiah.R (vramanaiah@gmail.com)
Date: Thu Dec 01 2005 - 05:42:25 GMT-3
Hi,
Just to make to sure, i understood it correctly, I labbed it up.
I have the following setup
R2-Fa0/0---Fa0/17-S1--int Vlan12(on S1)
I am trying to match all traffic coming from R2 into the
switchport fa0/17 and marking them with Prec 5.
I have ACL 101 in Vlan12 to verify that marking is working.
Unfortunately i see that irrespective of whether i match the vlan or
not, i could not see the marking happening.
Am i doing something wrong here..
Regards
-Venkat
R2#sr int fa0/0
interface FastEthernet0/0
ip address 134.9.22.2 255.255.255.0
S1(config-if)#do sr int fa0/17
Building configuration...
Current configuration : 112 bytes
!
interface FastEthernet0/17
switchport access vlan 12
switchport mode access
service-policy input test (Same result even if i use withvlan policy here)
end
interface Vlan12
ip address 134.9.22.7 255.255.255.0
ip access-group 101 in
end
S1(config-if)#do sac
Standard IP access list 1
10 permit any
Extended IP access list 101
10 permit ip any any precedence critical
<-----Nothing Matches here
20 permit ip any any (113 matches)
S1#sh policy-map
Policy Map test
Class all
set ip precedence 5
Policy Map withvlan
Class withvlan
set ip precedence 5
S1#sh class-map
Class Map match-all withvlan (id 2)
Match vlan 12
Match class-map all
Class Map match-any class-default (id 0)
Match any
Class Map match-all all (id 1)
Match access-group 1
S1#
On 11/30/05, Chris Lewis <chrlewiscsco@yahoo.com> wrote:
> Good point, with a voice vlan on an access port it would also make sense.
>
> I agree, to get per port per vlan working you need hierarchy of some kind, the following is an example.
>
> class-map match-any dscp_class
> match ip dscp 9
> exit
> class-map match-all vlan_class
> match vlan 10 20-30 40
> match class-map dscp_class
> exit
>
>
> "HIERS, DAVID (AIT)" <dh4578@sbc.com> wrote:
> Per-port/per-vlan is required on the trunk-like-access-ish port that is connected to the typical ip-phone/pc combo.
>
> According to one book, a nested class structure is required to make Per-port/per-vlan work on a 3550.
>
>
> David Hiers
>
> CCIE 10734, CISSP
>
> -###-
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Chris Lewis
> Sent: Tuesday, November 29, 2005 1:05 PM
> To: Venkataramanaiah.R; Cisco certification
> Subject: Re: Per Port Per Vlan..
>
>
> It is perfectly reasonable to configure parent/child class maps for an access port, something like shaping the output to an overall rate, then providing differentiated guarantees for different traffic types within that shaped rate.
>
> Per port per vlan configurations are applied on trunk ports, not access ports.
>
> "Venkataramanaiah.R" wrote:
> Hi,
>
> i would like to know whether it makes any sense to configure the
> parent/child class maps for an access port, if we want to just
> classify some traffic on the given access port.
>
> My understanding is that per port/per vlan applies only to the trunk
> ports.. Correct me if i am wrong.
>
> Regards
> -Venkat
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
> ---------------------------------
> Yahoo! Music Unlimited - Access over 1 million songs. Try it free.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3