Re: mlq qos vlan-based Q?

OK. So, vlan-based QoS must be enabled on physical interface and
traffic that come inbound to that int will be processed my policy map
defined on SVI. Of course, physical int has to have that VLAN
traversing through the port. Right?

On Wed, Feb 3, 2010 at 4:54 AM, Ed Man <networkexpert08_at_gmail.com> wrote:
> thank you all...
>
> On Wed, Feb 3, 2010 at 3:41 AM, Marko Milivojevic <markom_at_ipexpert.com>
> wrote:
>>
>> On Tue, Feb 2, 2010 at 18:05, Ivan Hrvatska <ivanzghr_at_gmail.com> wrote:
>> > Hello,
>> >
>> > one question about mls qos on 3560, just to make sure that I've
>> > understood.
>> > Diagram:
>> >
>> >
>> > R1-----------------------SW1-----------trunk-----------------SW2---------------R2
>> >
>> > R3-----------------------SW1-----------trunk-----------------SW2---------------R4
>> >
>> > R1 and R2 are in VLAN 12, R3 and R4 are in VLAN 34. SW1 is routing
>> > between VLANs via SVI interfaces configured for each VLAN.
>> > Traffic in VLAN 12 should be mapped with ip prec 3, and traffic from
>> > VLAN 34 with ip prec 4.
>> > On SW1 I configured policy-map under interface vlan 12 (inbound) which
>> > should mark packets according to task. Same thing for interface vlan
>> > 34. On the same switch I put mls qos vlan-based on trunk ports.
>> > When I ping from R1 to R2 packets are NOT marked. When I ping from R2
>> > to R1, packets are marked correctly.
>> > Is the reason for that mls qos vlan-based command under trunk
>> > interface? I mean, does it work only when traffic is going INBOUND
>> > into physical interface? Actual marking is done on physical int or on
>> > SVI int? Obviously interVLAN traffic is coming IN SVI interface on
>> > SW1, but traffic still isn't marked with correct ip prec value.
>>
>> You are right in so many ways here, especially so in being confused.
>> Per-VLAN QoS on all Cisco switches works differently. While certainly
>> not the most creative use of SVI interfaces*, it is one that may
>> confuse people who see it for the first time.
>>
>> So... while you are indeed applying service-policy inbound on the SVI,
>> this is actually processed "on the physical interface", i.e. on all
>> interfaces that have that VLAN and have VLAN-based QoS enabled. Those
>> interfaces that do not have this feature applied, will not be
>> processed.
>>
>> So, when your R1 sends the traffic and it hits the switch, since you
>> don't have per-V:AN QoS enabled on that port, it is simply switched
>> where it needs to go. Traffic form R2 is "caught" by per-VLAN QoS and
>> passed on to the appropriate service-policy.
>>
>> [*] Really mind-blowing one is 6500/7600 and IGMP snooping. For
>> example, if you want to disable IGMP snooping on a VLAN, you do it
>> under SVI. It is recommended to have SVI in shutdown if it's not
>> used... yet, the snooping is disabled. This took TAC engineer and me
>> quite some time to digest. He actually needed to call development team
>> to confirm.
>>
>> --
>> Marko Milivojevic - CCIE #18427
>> Senior Technical Instructor - IPexpert
>>
>> Mailto: markom_at_ipexpert.com
>> Telephone: +1.810.326.1444
>> Fax: +1.810.454.0130
>> Community: http://www.ipexpert.com/communities
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Feb 03 2010 - 10:09:47 ART