Calin,
try show mls qos interface x/y statistics to see inbound/outbound
COS?DSCP counters per interface. You probably meant this one yourself.
Cheers
A.
On 3/12/2012 6:32 AM, Calin Chiorean wrote:
> Thanks Narbik!
>
> Arghhh, "nice feature" :). I assume that the only way to check if the
> police is really in place is to check the interface counters.
>
> Cheers,
> Calin
>
> On 3/11/12 8:25 PM, Narbik Kocharians wrote:
>> That is correct, the "Show policy-map interface" command on your switch
>> will not show anything, basically that command does not work on switches.
>>
>> On Sun, Mar 11, 2012 at 12:04 PM, Calin Chiorean<calin_at_engineer.com> wrote:
>>
>>> Hello all,
>>>
>>> I have a QoS related issue with 3560 and I'm thinking that maybe you can
>>> help me.
>>>
>>> The topology is something like:
>>>
>>> R1 - SW1 - SW2 - R3
>>>
>>> On R1 I have to mark all traffic with DSCP 10:
>>>
>>> policy-map OUT
>>> class class-default
>>> set ip dscp 10
>>> !
>>> int fa0/0
>>> service-policy output OUT
>>>
>>> To prove that this is working (SW1 / SW2 mls qos disabled) I have on R3
>>> a policy-map with a class-map matching on DSCP 10. I issue a ping from
>>> R1 to R3 and:
>>>
>>> R3#sh policy-map int fa0/1
>>> FastEthernet0/1
>>>
>>> Service-policy input: IN
>>>
>>> Class-map: D10 (match-all)
>>> 5 packets, 570 bytes
>>> 30 second offered rate 0 bps
>>> Match: ip dscp af11 (10)
>>>
>>> Class-map: class-default (match-any)
>>> 0 packets, 0 bytes
>>> 30 second offered rate 0 bps, drop rate 0 bps
>>> Match: any
>>>
>>> Everything working.
>>>
>>> Now the issue. On SW2 I need to match on DSCP 10 traffic and to police
>>> it to 1Mbps:
>>>
>>> !
>>> no mls qos rewrite ip dscp
>>> mls qos
>>> !
>>> class-map match-all D10
>>> match ip dscp 10
>>> !
>>> policy-map POLICE
>>> class D10
>>> police 1000000 250000 exceed-action drop
>>> !
>>> int fa0/19
>>> service-policy input POLICE
>>>
>>> For a test, I issue another ping from R1 to R3. I see the packets on R3,
>>> but on SW2 there seems to be no packet matched:
>>>
>>>
>>> SW2#sh policy-map int fa0/19
>>> FastEthernet0/19
>>>
>>> Service-policy input: POLICE
>>>
>>> Class-map: D10 (match-all)
>>> 0 packets, 0 bytes
>>> 5 minute offered rate 0 bps, drop rate 0 bps
>>> Match: ip dscp af11 (10)
>>>
>>> Class-map: class-default (match-any)
>>> 0 packets, 0 bytes
>>> 5 minute offered rate 0 bps, drop rate 0 bps
>>> Match: any
>>> 0 packets, 0 bytes
>>> 5 minute rate 0 bps
>>>
>>> It appear to match zero packets, but if I police very low to let's say
>>> 10kbits and I look at the interface statistics of R3, the policing seems
>>> to work
>>>
>>> The IOS image on the 3560 is:
>>> SW2#sh ver | i image
>>> System image file is "flash:c3560-advipservicesk9-mz.122-44.SE6.bin"
>>>
>>> Do you think it's a bug on 3560 (I could not find one on Cisco Bug
>>> toolkit) and the police actually work but the output is wrong?
>>>
>>>
>>> Thanks to all!
>>>
>>> Cheers,
>>> Calin C.
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Mon Mar 12 2012 - 06:49:43 ART
This archive was generated by hypermail 2.2.0 : Sun Apr 01 2012 - 07:56:52 ART