[cisco-bba] L2TP tunnel switching not copying dscp bitsbetweensession L2TP tunnel switching not copying dscp bitsbetweensession headers

Tony Redstone tony.redstone at googlemail.com
Wed Aug 16 09:19:47 EDT 2006


the qos-group workaround seems to work properly on mainline 12.3(19)
but not on 12.2(28)SB3.  qos-group based classification on the egress
interface works but marking at the same time doesn't.

the cpu hike on a 7301 running 12.3(19) pulling and pushing around
150Mb/s is just under 10% which is just about bearable.

Regards,
Tony

eg ("packets matched" and "packets marked" don't match under
qosgroup57 class-map on output service policy; I verified the packets
really aren't being marked by checking further upstream, ie it's not a
command display issue):
 GigabitEthernet0/1.41

  Service-policy input: remarkl2tp

    Class-map: dscp57 (match-all)
      19 packets, 2698 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: ip dscp 57
      QoS Set
        qos-group 57
          Packets marked 19

    Class-map: class-default (match-any)
      68111476 packets, 38829962284 bytes
      5 minute offered rate 21615000 bps, drop rate 0 bps
      Match: any
        68111476 packets, 38829962284 bytes
        5 minute rate 21615000 bps

  Service-policy output: test-out

    Class-map: qosgroup57 (match-all)
      19 packets, 2774 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: qos-group 57
      QoS Set
        precedence 5
          Packets marked 0

    Class-map: class-default (match-any)
      67918248 packets, 39020742241 bytes
      5 minute offered rate 21739000 bps, drop rate 0 bps
      Match: any
        67918248 packets, 39020742241 bytes
        5 minute rate 21739000 bps


On 8/15/06, Paul Horrocks (phorrock) <phorrock at cisco.com> wrote:
> Yes 'l2tp ip tos reflect is not supported on LTS - LNS only.
>
> The below is the workaround as detailed in CSCee27441
>
> =======================================
> It has been found that the correct mode of operation where the TOS field
> is reflected correctly
> into the L2TP header can be achieved by adding the following config
> below. This was tested with
> 12.3(4)T5 and 12.3(7.11)T. However, it still has to be determined
> whether it should be necessary
> to make the changes below or whether the TOS relfect feature needs to be
> corrected for the
> C7X00 platforms.
>
> class-map match-all QOS-Group7
>  match qos-group 7
> class-map match-all QOS-Group6
>  match qos-group 6
> class-map match-all QOS-Group5
>  match qos-group 5
> class-map match-all QOS-Group4
>  match qos-group 4
> class-map match-all QOS-Group3
>  match qos-group 3
> class-map match-all QOS-Group2
>  match qos-group 2
> class-map match-all QOS-Group1
>  match qos-group 1
> class-map match-all QOS-Group0
>  match qos-group 0
> class-map match-all Tos0
>  match ip precedence 0
> class-map match-all Tos1
>  match ip precedence 1
> class-map match-all Tos2
>  match ip precedence 2
> class-map match-all Tos3
>  match ip precedence 3
> class-map match-all Tos4
>  match ip precedence 4
> class-map match-all Tos5
>  match ip precedence 5
> class-map match-all Tos6
>  match ip precedence 6
> class-map match-all Tos7
>  match ip precedence 7
> !
> !
> policy-map Outbound-Policy
>  class QOS-Group0
>   set precedence 0
>  class QOS-Group1
>   set precedence 1
>  class QOS-Group2
>   set precedence 2
>  class QOS-Group3
>   set precedence 3
>  class QOS-Group4
>   set precedence 4
>  class QOS-Group5
>   set precedence 5
>  class QOS-Group6
>   set precedence 6
>  class QOS-Group7
>   set precedence 7
> policy-map Inbound-Policy
>  class Tos0
>   set qos-group 0
>  class Tos1
>   set qos-group 1
>  class Tos2
>   set qos-group 2
>  class Tos3
>   set qos-group 3
>  class Tos4
>   set qos-group 4
>  class Tos5
>   set qos-group 5
>  class Tos6
>   set qos-group 6
>  class Tos7
>   set qos-group 7
>
> interface GigabitEthernet0/1
>  ip address 172.16.2.5 255.255.255.0
>  service-policy input Inbound-Policy
>  service-policy output Outbound-Policy
>  duplex full
>  speed 1000
>  media-type gbic
>  negotiation auto
>
> > -----Original Message-----
> > From: cisco-bba-bounces at puck.nether.net
> > [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of
> > Oliver Boehmer (oboehmer)
> > Sent: Tuesday, August 15, 2006 4:28 PM
> > To: Tony Redstone; cisco-bba at puck.nether.net
> > Subject: Re: [cisco-bba] L2TP tunnel switching not copying
> > dscp bitsbetweensession L2TP tunnel switching not copying
> > dscp bitsbetweensession headers
> >
> > Tony Redstone <> wrote on Tuesday, August 15, 2006 5:14 PM:
> > > We're terminating ppp users on the LNS and using "QoS: Per-Session
> > > Shaping and Queuing on LNS" and "ip tos reflect" under the
> > vpdn-group
> > > to copy the end user payload dscp bits into the encapsulating L2TP
> > > header.  This works fine.
> > >
> > > When L2TP traffic is tunnel switched through a cisco 7301 (LTS) the
> > > dscp bits are reset in the outgoing L2TP session headers on egress
> > > from the LTS.  This means we can't apply appropriate congestion
> > > management either directly on egress from the LTS or
> > further upstream.
> > > [..]
> > > Any suggestions as to how we can preserve the ToS byte during L2TP
> > > tunnel switching?
> >
> > you could try to mark the pkts with a qos-group on ingress (i.e.
> > match-all on the l2tp traffic and the dscp's) and then set
> > the dscp on egress depending on the qos-group of the packet.
> > Cumbersome, but I can't think of any other workaround right now..
> >
> >       oli
> >
> > _______________________________________________
> > cisco-bba mailing list
> > cisco-bba at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-bba
> >
>


More information about the cisco-bba mailing list