From: Dimuthu Parussalla (dparussalla@baysidegrp.com.au)
Date: Sun May 13 2007 - 23:30:07 ART
only two pcs connected to the switch in test environment. 1 pc running
server and 1 pc running ftp client. Pc running the ser got g0/1 attached
ingress policy. I've tried marking default to dscp 5. But can't see them
getting marked.
Regards,
Dimi
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Avner Izhar
Sent: Monday, 14 May 2007 11:57 AM
To: Dimuthu Parussalla; ccielab@groupstudy.com
Subject: RE: Cisco 2960 QOS issue
Looks right, I'd suspect that the ftp traffic is either not going via that
port, or it is using nonstandard tcp ports.
Try adding to your policy-map a default class that remark dscp to 1 and
check
the counters again, something like:
policy-map mark-i
class test
set dscp cs5
class class-default
set dscp 1
Regards,
Avner Izhar, CCIE #15999 (Voice)
Network Learning Inc.
________________________________
From: nobody@groupstudy.com on behalf of Dimuthu Parussalla
Sent: Mon 5/14/2007 10:21 PM
To: ccielab@groupstudy.com
Subject: Cisco 2960 QOS issue
Hi All,
I am having trouble marking packets on a ingress interface. It seems like
policy doesn't mark the traffic related to access list. I have a test access
list set to mark DSCP 40 on all the ftp traffic. I can't even see matching
traffic to my access list via sh acceess-lists.
What I am doing wrong?.
Regards
Dimuthu
Configurations:
mls qos
!
class-map match-any test
match access-group 133
policy-map mark-i
class test
set dscp cs5
interface GigabitEthernet0/1
service-policy input mark-i
!
interface GigabitEthernet0/2
mls qos trust dscp
!
interface GigabitEthernet0/3
mls qos trust dscp
access-list 133 permit tcp any any eq ftp
access-list 133 permit tcp any eq ftp any
Diagnostic outputs:
sh policy-map int g0/1
GigabitEthernet0/1
Service-policy input: mark-i
Class-map: test (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 133
0 packets, 0 bytes
5 minute rate 0 bps
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
#sh mls qos interface g0/1 sta
GigabitEthernet0/1
dscp: incoming
-------------------------------
0 - 4 : 1662025 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
-------------------------------
0 - 4 : 2236212 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
-------------------------------
0 - 4 : 1677064 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
-------------------------------
0 - 4 : 2239841 0 0 0 0
5 - 7 : 0 0 708
Policer: Inprofile: 0 OutofProfile: 0
#sh access-lists
Standard IP access list 22
10 permit 192.168.1.0, wildcard bits 0.0.0.255
Extended IP access list 132
10 permit tcp any any eq 19100
20 permit tcp any eq 19100 any
Extended IP access list 133
10 permit tcp any any eq ftp
20 permit tcp any eq ftp any
Extended MAC access list jb
permit host 0017.31f2.33b8 any
permit any host 0017.31f2.33b8
This archive was generated by hypermail 2.1.4 : Fri Jun 01 2007 - 06:55:20 ART