Arseniy, you know, I think I am a fool here....
Ok so I tried to re-create this and could not, this is what I did when I
first saw the issue:
!
policy-map SHAPES
class class-default
shape average 384000 7680
!
interface FastEthernet 0/0.666
service-policy output SHAPES
!
!
! Now create my sub policy
!
!
class-map CMAP_VOIP
match packet length min 60 max 60
!
class-map match-any CMAP_HTTP
match proto http
match proto secure-http
!
policy-map PMAP_Q
class CMAP_VOIP
priority 32 4000
!
class CMAP_HTTP
bandwidth 256
!
class class-default
fair
!
!
policy-map SHAPES
class class-default
service-pol PMAP_Q
Ok the aobve is good & this time worked!!!
After some fat fingered key pressing, I came up with this error which is
what I hit first time around:
#CBWFQ : Not supported on subinterfaces
It seems it was down to me not really being in the right place, as follows
is my sequence of events:
!
policy-map SHAPES
!
! Currently I think i am under the other policy map "policy-map PMAP_Q"
!
class CMAP_HTTP
bandwidth 256
CBWFQ : Not supported on subinterfaces
!
!
!
So Arseniy you are right, me, I just needed to take a step back and realize
that i was configuring the wrong policy, which is clear now as there is an
incorrect class-map now under my GTS!!
!
#show run | beg policy-map SHAPES
policy-map SHAPES
class CMAP_HTTP
class class-default
shape average 384000 7680
service-policy PMAP_Q
!
What threw me of the rails more so is that I am (like most) using INE, and
under their QOS workbook, 10.23 the solution is to use class-maps referring
to ACLs to match HTTP/S. This only made me question it more. As we know,
there is more than one way to skin a cat....
Still it's good to know NBAR works as expected :)
I will mark this down to more lessons learned, check where the bloody hell
your are configuring stuff!!!
Cheers A,
\Sam.
On Sun, Mar 16, 2014 at 6:35 PM, Arseniy Ivanov <jabbson_at_gmail.com> wrote:
> I just tried implementing CB-GTS myself and it seems to be working fine.
>
> R1#show run | s class|policy|service-policy|interface Serial1/0
>
> class-map match-all R4R5
> match fr-dlci 102
> match protocol icmp
>
> policy-map GTS
> class R4R5
> drop
>
> policy-map SHAPE
> class class-default
> shape average 8000
> service-policy GTS
>
> interface Serial1/0
> service-policy output SHAPE
>
>
> *Checking ping via DLCI 102:*
>
> R4#ping 25.25.25.5
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 25.25.25.5, timeout is 2 seconds:
> .....
> Success rate is 0 percent (0/5)
>
>
> *Checking ping via DLCI 103 *
>
> R4#ping 36.36.36.6
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 36.36.36.6, timeout is 2 seconds:
> !!!!!
> Success rate is 100 percent (5/5), round-trip min/avg/max = 44/58/64 ms
>
> *Checking matches in service policy on the interface:*
>
> R1#show policy-map inter ser1/0
>
> Serial1/0
>
> Service-policy output: SHAPE
>
> Class-map: class-default (match-any)
> 24 packets, 1680 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any
> Traffic Shaping
> Target/Average Byte Sustain Excess Interval Increment
> Rate Limit bits/int bits/int (ms) (bytes)
> 8000/8000 2000 8000 8000 1000 1000
>
> Adapt Queue Packets Bytes Packets Bytes Shaping
> Active Depth Delayed Delayed Active
> - 0 11 1048 0 0 no
>
> Service-policy : GTS
>
> Class-map: R4R5 (match-all)
> *5 packets, 520 bytes*
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: fr-dlci 102
> Match: protocol icmp
> *drop*
>
> Class-map: class-default (match-any)
> 19 packets, 1160 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any
>
>
> best regards,
> Arseniy S. Ivanov
>
> On 16.03.2014 20:08, Sam Bibby wrote:
>
> Hey all,
>
> Every time i think I have a grasp on QoS I hit more issues.
>
> Firstly here is what I think I know (don't worry, its not much.. random
> numbers used, typos excused)
>
> 1) When you setup just QoS using the MQC you can match protocols under
> class-maps via NBAR example:
>
> !
> class-map CMAP_ICMP
> match proto icmp
> !
> policy-map PMAP_ICMP
> class CMAP_ICMP
> priority 54 4000
> !
>
> 2) When you shape you use the CB-GTS to shaping as follows:
> !
> policy-map PMAP_SHAPE
> class class-default
> shape ave 51200 8000 0
> !
>
>
>
> Ok, so what gives here & my question(s) arise.
>
> 1) If i want to then use my CBWFQ policy that uses NBAR matching I cannot
> nest this inside a CB-GTS like so;
>
> !
> policy-map PMAP_SHAPE
> shape ave 51200 8000 0
> service-policy PMAP_ICMP
> !
>
> *note i was applying this to a sub-interface fe0/0.1 if that is why I had
> problems.
>
>
>
> 2) To make this work, I need to change my CBWFQ policy so that it does not
> use NBAR matching as follows:
>
> !
> ip access-list ext ACL_ICMP
> permit icmp any any
> !
> class-map CMAP_ICMP
> match access-gro ACL_ICMP
> !
>
> *And this now will nest happily under the CB-GTS.
>
>
>
> So, and thanks for sticking with me, what I want to know is, is this
> statement true:
>
>
> *When performing CB-GTS (regardless of interface) you cannot nest a CB-WFQ
> policy that uses NBAR matching.....*
>
> I have done my googling, but you know I find it easier to write this out,
> helps me visualize the problem.
>
> If you can put me right, I would be most grateful.. :)
>
>
> Your pal,
>
> \Sam
>
>
> Blogs and organic groups at http://www.ccie.net
>
>
> _______________________________________________________________________
> Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sun Mar 16 2014 - 18:51:04 ART
This archive was generated by hypermail 2.2.0 : Thu Apr 03 2014 - 17:12:31 ART