From: Andrew Larkins (Andrew.Larkins@btgroup.co.za)
Date: Wed Mar 19 2008 - 05:03:26 ART
Hi,
I have a 3650G with QoS on the VLAN interface - using a "service policy"
command. Software version is now c3560-advipservicesk9-mz.122-44.SE1.bin
since there were issues in the c3560-advipservicesk9-mz.122-40.SE.bin
code not reporting interface usage correctly wrt input and output rates
- showed zero for all.
This switch is running BGP to our MPLS peer and is the default gateway
for our hosted VLAN. I need to classify packets coming back from the
Internet from a ERP site with specific DSCP tags - configs below. I have
applied the policy to the vlan interface, but nothing get matched at
all. Even If I try the physical interface I get no matches.
Since all traffic must go through vlan 100 - default gateway
interface Vlan100
description Internal
ip address 172.20.230.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
load-interval 30
service-policy input Ingress-Tag
!
interface Vlan759
description MPLS - BGP Peering
ip address 172.20.255.46 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
load-interval 30
interface GigabitEthernet0/1
description 802.1q Trunk Uplink to Firewall
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100,200,300,796
switchport mode trunk
load-interval 30
interface GigabitEthernet0/2
description Trunk Uplink to MPLS
switchport trunk encapsulation dot1q
switchport trunk native vlan 759
switchport trunk allowed vlan 759,796
switchport mode trunk
switchport nonegotiate
policy-map Ingress-Tag
class VPN_Remote
set ip dscp af11
class ERP
set ip dscp af21
class class-default
set ip dscp default
Access-list
Extended IP access list 100
10 permit ip 172.20.253.0 0.0.0.255 any
Extended IP access list 101
10 permit ip host <ERP IP> any
Service-policy input: Ingress-Tag
Class-map: VPN_Remote (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: access-group 100
Class-map: ERP (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: access-group 101
0 packets, 0 bytes
30 second rate 0 bps
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
30 second rate 0 bps
Any guidance here appreciated please.
Andrew
The information contained in this message and or attachments is intended
only for the person or entity to which it is addressed and may contain
confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon,
this information by persons or entities other than the intended recipient
is prohibited. If you received this in error, please contact the sender and
delete the material from any system and destroy any copies.
This archive was generated by hypermail 2.1.4 : Tue Apr 01 2008 - 07:53:54 ART