[c-nsp] QoS possible on the 7600 Sup720-3bxl?

The Father the_father at allstream.net
Wed May 17 12:42:56 EDT 2006 

Tim,

Thanks for the suggestion.  I did something similar to what you wrote 
below and here's my config and subsequent error messages:

access-list 76 permit any
access-list 101 permit ip any 192.168.41.0 0.0.0.255
!
class-map match-any all-traffic
 description Match all traffic
 match access-group 76
!
class-map match-any ACL101
 description Match priority block
 match access-group 101
!
policy-map test-voice-lan
 class ACL101
  set mpls experimental imposition 5
   priority percent 33
 class all-traffic
  set mpls experimental imposition 1
   bandwidth percent 66

Trying to apply the policy-map outbound resulted in this error:

7609-lab(config-if)#service-policy output test-voice-lan
%Priority command with parameter not supported on GE-WAN4/1. Please 
configure police along with priority to limit the amount of traffic on 
priority class
7609-lab(config-if)#

I tried making the config changes as suggested in the error message and 
then I got this:

7609-lab(config)#int ge-4/1                        
7609-lab-hcap(config-if)#service-policy output test-voice-lan
%PRIORITY command with "match access-group" class not supported on 
GE-WAN4/1
7609-lab(config-if)#

So I decided to change both queues to CBWFQ and this is what I got:

7609-lab(config)#int ge-4/1
7609-lab(config-if)#service-policy output test-voice-lan
%Weighted Fair Queuing with "match access-group" class not supported on 
GE-WAN4/1
7609-lab(config-if)#

It looks like the router doesn't like matching on ACLs for this 
particular setup.

Jose


Tim Franklin wrote:
> Hi Jose,
>
>   
>> In a nutshell, what I'm trying to do today is to mark all of our 
>> customer's internet traffic that comes into the 7609 with an 
>> EXP bit of 
>> 1.  From there, it will head towards our core router(s) and we would 
>> prefer to be able to assign this traffic into the Best Effort 
>> queue that 
>> we create on the egress interfaces.
>>     
>
> I started off trying to do this 'mark on ingress, queue on egress' design
> when I was first putting QoS configs together.  It seems "right" in your
> head, but it's (apparently) unnecessary load on the routers, and as you've
> found it isn't really the way they're designed to work.
>
> It sounds like the second way you tried ought to work - I don't understand
> your comment about not being able to queue on the egress ports.  You should
> be able to use something like (assuming your definition of 'Internet
> traffic' is 'not rfc1918 traffic'):
>
> Access-list 100 deny ip any 10.0.0.0 0.255.255.255
> Access-list 100 deny ip any 172.16.0.0 0.252.255.255
> Access-list 100 deny ip any 192.168.0.0 0.0.255.255
> Access-list 100 permit ip any any
>
> Class-map match-all INTERNET
>  match access-group 100
>
> Policy-map QUEUE-TO-CORE
>  class SOME-OTHER-IMPORTANT-STUFF
>   priority percent 10
>   set mpls experimental 5
>  class INTERNET
>   bandwidth percent 50
>   set mpls experimental 1
>
> Interface ge-wan1/0
>  policy-map QUEUE-TO-CORE out
>
> Would probably help if you can post what you've got that doesn't work...
>
> Regards,
> Tim.
>
>

More information about the cisco-nsp mailing list