[c-nsp] QoS configuration conflict for flowmask on SVI interface behind FWSM
Joseph Jackson
recourse at gmail.com
Wed Nov 16 10:34:05 EST 2011
On Wed, Nov 16, 2011 at 1:49 AM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> On 11/16/2011 05:08 AM, Joseph Jackson wrote:
>>
>> Hey List,
>>
>> I'm wanting to apply a policy-map to rate limit a port that is a
>> member of a vlan that is configured as a firewalled vlan. When I
>> apply the service-policy input to the port directly connected to the
>> server I get this message in the logs:
>>
>>
>> %FM_EARL7-2-SWITCH_PORT_QOS_FLOWMASK_CONFLICT: QoS configuration on
>> switch port FastEthernet1/5 conflicts for flowmask with feature
>> configuration on SVI interface Vlan912
>>
>
>
> Can you show the class & policy map you were trying to use, and the config
> of both interfaces (before you started)?
Here ya go.
class-map match-all limit-netcool-cdr
match access-group 191
!
!
policy-map limit-netcool-cdr
class limit-netcool-cdr
police flow mask dest-only 2000000 62500 conform-action transmit
exceed-action drop
!
Directly connected interface -
interface FastEthernet1/5
switchport
switchport access vlan 101
no ip address
speed 100
duplex full
spanning-tree portfast
end
SVI -
interface Vlan912
description ***OUTSIDE***
ip address 172.16.213.11 255.255.255.248
standby ip 172.16.213.13
standby timers 2 5
standby priority 200
standby preempt
Thanks Phil!
More information about the cisco-nsp
mailing list