[c-nsp] 6500 DFC QoS
Pavel Gulchouck
gul at gul.kiev.ua
Mon Jul 6 12:13:08 EDT 2009
Hi.
I have some problems with QoS on DFC-featured module (WS-X6708-10GE).
6500/sup720/pfc3bxl, 12.2(18)SXF15.
At first, I cannot limit egress traffic for SVI, because traffic from
this module and traffic from another modules policing separately, so
customer can get twice more traffic then specified in service-policy
on his SVI. Is any solution?
Second, dscp marking does not work for traffic incoming from this module
and outgoing to another module. Config related to this issue:
mls qos
no mls qos rewrite ip dscp
!
class-map match-all dscp1
match dscp 1
!
policy-map from-10
class class-default
set dscp 1
!
policy-map to-20
class dscp1
police cir 300000000 bc 1000000 be 2000000 conform-action transmit exceed-action drop violate-action drop
class class-default
police cir 650000000 bc 1000000 be 2000000 conform-action transmit exceed-action drop violate-action drop
!
interface Vlan10
ip address 10.0.0.1 255.255.255.0
platform ip features sequential
service-policy input from-10
!
interface Vlan20
ip address 10.0.1.1 255.255.255.0
service-policy output to-20
Vlan10 allowed only on DFC-equipped module. I see only little
traffic matching class dscp1, I think it's traffic with such dscp
on ip header, but interface is untrusted and I suppose this
service-map should matches internal (not real) dscp which set by
service-map from-10.
This config works good if vlan10 switched to another module (without DFC).
If I set "mls qos rewrite ip dscp" then marking and matching works good,
but I do not want to modify IP headers.
Any suggestions?
May be there's a way to turn off DFC and use PFC?
--
Pavel
More information about the cisco-nsp
mailing list