[c-nsp] QoS and Router Originated Traffic

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Tue Sep 18 02:13:48 EDT 2012


Ivan,


On 17/09/2012 12:16, "Ivan" <cisco-nsp at itpro.co.nz> wrote:

>Hi,
>
>I have a requirement to ensure all traffic across certain links have
>particular CoS markings.  Applying QoS polices on the links works but
>doesn't capture router originated traffic - BGP, ARP, IPv6 ND etc.
>
>As a potential solution I have tested using IPv4 and IPv6 PBR to force
>router traffic via lo0
>
>route-map LP permit 10
>  set interface Loopback0
>
>ip local policy route-map LP
>ipv6 local policy route-map LP
>
>and have set a QoS policy on lo0
>
>interface Loopback0
>  service-policy input LOOP0-IN
>
>this sets a qos-group which is matched the outgoing non-loopback
>interface and sets CoS as required.

Interesting.. which platform is this? I have never seen such a config, so
I would be careful and test it thoroughly, also when upgrading. the usual
way to (re)color router-originated traffic is to set the ip precedence in
the "route-map LP" directly.

>1) I don't think this works for ARP.  I tried to match protocol arp
>using the loopback0 policy but
>
>router(config-if)#service-policy input LOOP0-IN
>  'match protocol arp' is not supported on input service-policy
>
>is there anyway to set the CoS value for ARP traffic from the router,
>ideally only on some interfaces?

I'm not sure if we can change ARP's cos values, I know that some platforms
(Cat6k) mark them with Cos=6 (like routing), but I have not come across a
way to change this. I guess you are concerned about some routers
downstream (is this a L2 service?) dropping the packets? Because the
originating router has other means to treat those packets as critical and
not drop it on its egress interface.

>
>2) Is this configuration going to kill my router - maybe I am forcing
>some process switching?

Don't know.. strictly speaking all packets originated or terminated on the
router are process-switched anyway (they originate or end up on some CPU
in the box), but I'm not sure about any potential side-effects of a
service-policy on a loopback.. so see my initial remark.

	oli




More information about the cisco-nsp mailing list