[c-nsp] Cisco 2960 QOS issue
Dimuthu Parussalla
dparussalla at baysidegrp.com.au
Sun May 13 21:15:34 EDT 2007
Hi Brad,
Yes g0/1 is the input and g0/24 is the output. Yes I do have physical access
to the switch. I can't see any output via debug mls qos.
Regards,
Dimi
access-list 133 permit tcp any any eq ftp
access-list 133 permit tcp any eq ftp any
access-list 133 permit tcp any any eq ftp-data
access-list 133 permit tcp any eq ftp-data any
#sh mls qos int g0/24 statistics
GigabitEthernet0/24
dscp: incoming
-------------------------------
0 - 4 : 164381 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
-------------------------------
0 - 4 : 33827 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 17 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
-------------------------------
0 - 4 : 164492 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
-------------------------------
0 - 4 : 33827 0 0 0 0
5 - 7 : 17 0 162
Policer: Inprofile: 0 OutofProfile: 0
-----Original Message-----
From: Brad Henshaw [mailto:brad.henshaw at qcn.com.au]
Sent: Monday, 14 May 2007 11:05 AM
To: dparussalla at baysidegrp.com.au
Cc: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] Cisco 2960 QOS issue
The fact that /some/ packets are being marked by the policy-map would
make me suspect it's working, but the correct traffic in its entirety is
not being matched.
Are you certain Gi0/1 is the input interface and Gi0/24 is the output
interface for all of this traffic?
It's also possible that the traffic is being marked but not counted, due
to a bug or otherwise. Do you have physical access to the switch for
access to a SPAN port to confirm the marking (and presence) of traffic?
Regards,
Brad
> -----Original Message-----
> From: Dimuthu Parussalla [mailto:dparussalla at baysidegrp.com.au]
> Sent: Monday, 14 May 2007 10:17 AM
> To: Brad Henshaw
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Cisco 2960 QOS issue
>
> Hi Brad,
>
>
> I just did that and tried again with sh mls qos int g0/24
> with the simmiler results.
>
> Regards
> Dimi
>
>
>
> -----Original Message-----
> From: Brad Henshaw [mailto:brad.henshaw at qcn.com.au]
> Sent: Monday, 14 May 2007 10:00 AM
> To: dparussalla at baysidegrp.com.au
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Cisco 2960 QOS issue
>
>
> Diminthu Parussalla wrote:
>
> > I have tried that on a out going port 24. But it doesn't show the
> > marked packet getting marked. I can see few packets with
> DSCP set. I
> > tried uploading 1Gig file to the test server but I only saw few
> > packets getting marked.
>
> You might want to modify your ACL to also match ftp-data to
> and from the relevant addresses rather than just ftp.
>
> Regards,
> Brad
>
>
More information about the cisco-nsp
mailing list