Cisco Switching/Routing :: 4500 Remarking Dscp Value 1 To 0
May 15, 2013
I am getting a very strange problem where 4500 switch is remarking the packet with dscp 1 to 0.
Let me explaint the setup. I have two PCs connected on same switch but on different modules. PC1 is conencted to Gi4/19 and PC2 is connected to
Gi2/43. Both the ports has been configured to trust the dscp. Below are the configuration:
i did on cisco 2960S switch at user ingress interface. but the marking is not showing in show policy-map interface gig 1/0/10 interface and ACL is not showing any match.
I also had a config reference from 2960S cisco guide.
access-list 103 permit tcp any any eq 80 access-list 104 permit tcp any any eq 23 access-list 105 permit icmp host 172.24.68.4 any
I have a pair of Nexus 7K's running 5.1(3). I have a handful of edge devices that I need to mark ingress traffic, and need to mark both DSCP and CoS. Right now, I have a working config that marks DSCP appropriately.While that works dor DSCP, the MQC will not allow me to mark both DSCP and COS in the same class, and unlike IOS, it appears that Nexus does not have a default DSCP-to-COS mapping. My understanding is this can be solved using table maps, but I don't see how that can solve my problem in this specific scenario (it appears I can do marking or table-map mutation, but not both?). How I can accomplish both?
there is something I find strange on C6500 about QoS: C6500 derive an internal DSCP value for it's internal use, but when configuring the qos mapping on output interfaces, only a cos value (I guess, an internal cos value) can be used. Is it a misunderstanding from me, or is it really illogic?
I've been working on a 3560 that doesn't seem to map dscp values to a new value: mls qos map dscp-mutation ToR1 22 24 to 46
[Code]....
On the router on the other side, I created an acl that matched on dscp 46, but it doesn't match on it. I've tried moving the mutation map to the ingress interface and I've tried setting dscp with a service policy instead of marking COS and using internal dscp. Where is the mutation map supposed to be placed: ingress or egress? Also, I added an entry in the acl on the router to see if I was mapping to dscp 24, and I am:
[Code]....
So it seems like the mutation map is being ignored completely. Any reason why?
I am reading through a QOS Document and they want me to trust the DSCP value from an IP phone (Siemens) but UN trust the PC DSCP value. How can I trust one thing but not the other? I am using a 2960 Cisco switch with IP base IOS.
i have Catalyst2950SI with iOS12.1, connect a wifi-access-point to f1/1(dot1q trunk port),and connect another L2SW to f1/2(dot1q trunk port),and IP phone, MobileCamera connects to wifi-access-point,IP phone has dscp=40 value on its own packet,but MobileCamera doesn't have any dscp value or cos.now, i wanna do QoS by that dscp, So i type as below,
I have a problem with dscp preservation on a WS-C3750X-48 catalyst; in my little diagram, his name will be SW2, so I have this:SW1 <-> SW2 <-> RT1. some phone connected to SW1 mark with dscp EF (46) the voice traffic.The "mls qos" was enabled on SW1 and SWt. The interlink switch ports has the "mls qos trust dscp" option, the phone port and the router port also.And the problem is I can see the dscp marking on the SW2 when I span the voice vlan on this switch but the dscp was removed ( DSCP set to 0) on the router port ( span on the router port for look )If I made also a packet capture on the router RT1, I see the DSCP was effectively reset to zero.If I disable the "mls qos" on SW2, of course all is fine and the dscp was preserved and forwarded to the router. [code]
I am trying to mark http packets from a web server with DSCP ef, but when I am doing a traffic capture all http packets have tos 0x0.I am able to mark UDP and ICMP packets originated from this server, but not any TCP traffic.The web server is in VLAN 20This is my config mls qos ip access-list extended MARK-HTTP-ACL permit tcp host 10.10.10.10 eq www. [code]
i would like to know the possibility to use mls qos trust dscp with service-policy in the IOS ver.12.2(25)SEE2.The specific version is not possible to configure like below.
Cat3750(config-if)#do sh run int f1/0/1 Building configuration...
I am begining to work to apply Qos on switchs (C2960 & C6500), and I still have a doubt about the necessity to consider the cos value. I indeed want to apply Qos for ToIP, Video, perhaps create a scavenger class, ans in all cases, I classify my packets with TCP/UDPB port and mark them with DSCP. So is it really necessary to study all the DSCP/CoS mapping problematics ? Is it not possible to make the configurations only on the base of the DSCP field?
When configuring QoS on 3750s/3560s, we're mapping packets to particular interface output queues with commands such as: [code] The command to see what's actually being enqueued, dropped, etc. is: [code]
Note that these queues are numbered 0 - 3, and not 1 - 4. We've been assuming that the first queue number in the "mls qos" (i.e., 1) command maps to the first queue (i.e., 0) in the "show mls qos" command.
I have a Nexus 5500 which is the core of our network and we have access layer switches uplinked to it. I know by default the qos markings will be trusted.
1. On a trunk uplink from an access layer switch to the Nexus, I have "mls qos trust dscp". Will the DSCP marking be preserved when it reaches the Nexus?
2. How do I do prioritization of voice traffic on an uplink on Nexus based on DSCP EF?
I have made some test and i noticed that qos input policy does not classify the icmp packet based on their dscp.The "match dscp ef" or "match precedence 5" is not working only the "match protocol icmp" shows hits.
We need to classify the different icmp packets based on dscp ( TOS ) for measurement purpose.CISCO 7200, 12.4.25d and 12.4.20T have a same behavior.
Does the 4500 support VSS (Virtual Switching System) ? On the official product overview page it says: 1.6 Terabits capacity with Virtual Switching System (hardware-ready)What means Hardware ready ? Does it mean that it supports VSS in the same manner as the 6500 ? The reason I'm asking this question is that I didn't find any info on the Internet about this. We would like to upgrade our network by interconnecting the 2 sites with Layer 2 redundant links (Layer 2 extension), but I'd like to use the both links in a load-balancing manner, which can be a real pain in the *** with STP. The choice is between 4500 and 3750 stackable core switches. The 6500s are very expensive.
How to know 4500 SUP7-E's MIB ?Our customer use MS SCOM 2012 SP1 get the OID are 1.3.6.1.4.1.9.1.1286, but we use IOS MIB locator, we can not find this MIB id.
below are the IOS sh version information :
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.02.00.SG RELEASE SOFTWARE (fc4) Technical Support: [URL] Copyright (c) 1986-2011 by Cisco Systems, Inc. Compiled Tue 26-Apr-11 18:09 by prod_rel_team
What is the correct way to lic VSS on a 4500 SUP7L-E ? url... Under Table 5 - Support by Image Type; VSS is listed as available on IP Base (SUP7E only) and a plain Yes under Enterprise Services, inferring that you need Enterprise Services lic on SUP7L-E to get VSS? url...Under Table 1 - Minimum License for VSS; IP Base or higher (7-E) or special license (7-LE and Catalyst 4500-X)Can find no option on CCO / configuration tools to list a 'special' VSS license for 4500R+E chasiss with dual SUP7L-E and IP Base.How are you meant to purchase/license VSS on 4500E Chassis + SUP7L-E ?
My 4500 core always in 60 % cpu utility , and when i run #sh proc cpu sorted i find that 55 29725041543795572214 0 39.43% 41.40% 41.39% 0 Cat4k Mgmt LoPri
Which mean that this process is the top one , and when i run #sh platform health i found that Stub-JobEventSchedul 10.00 15.98 10 64 100 500 20 17 12 29269:55 K2 CpuMan Review 30.00 35.60 30 48 100 500 49 46 32 52390:52
Those two process are the top and they already exceed their maximum rang and when i run #sh platform cpu packet statistics i can find that Packets Received by Packet Queue
How i can configure the SFP Ports on my 4500 SERIES CHASSIS with other SFP ports on the connecting switch. I want to connect 15 switches via GLC=SX=MM to my 4506E sfp card.
I am trying to setup the WOL for our enterprise. We have a C4500 setup with mutliple Vlans. We are using Microsoft SCCM server to wake up workstations for security update. The workstations are on vlan190 and the Microsoft server is on vlan 441
Here's my config
the config below
interface Vlan190ip directed-broadcast 100 (Enables the translation of a directed broadcast to physical broadcasts) access-list 100 remark ====== Wake-On-LAN ======no access-list 100 permit udp host 10.4.40.98 any eq 9 logaccess-list 100 remark ====== End of ACL 100 ======
We have 3 layer LAN architecture, layer 1 of 6500(IP routing), layer 2 of 4500(L2 switch only), layer 3 of 2960(L2 Switch)In a Single (2960 and 4500) Switch Port Avaya IP phone and PC are connected.Now, the requirement is that, Qos need to be configured for Voice traffic and Data traffic should be in default class of service.We plan to use COS value in Switch 4500 and 2960. We made a sample configuration as below
### For 4500 Switch class-map match-all VOIP-Access-2MB match cos 3 5 class-map match-all VOIP-Uplink-20MB match cos 3 5
[code].....
check these configurations are correct as per standard and if there is any other method of configuration?What need to be configured in L3 Switch(6500)??In 2960, it doesn't support ingress QoS, what impact it will make when compare to 4500? do users experiance any difference?
read the posts regarding vlans that are administratively down, they suggested that they are down if no ports are assigned to them, however I do have a switchport assigned, and the interface is still down. This is on the vtp server and on the clients. The vlan is not listed when issuing show vlan brief. Other vlans configured in a similar way do show and their interfaces are up. These are two Catalyst 4948-10G.Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500-IPBASEK9-M), Version 12.2(53)SG5, RELEASE SOFTWARE (fc1).
I have installed a WS-X4448-GB-RJ45 on a 4503 chasis. I could not get input or output rate, just shows 0 bit/seg wether or not is forwarding traffic. I would like to know if I have to make any configuration or workaround. The IOS version is 12.2(37)SG1.
When I connect two 4500-x switches in a VSS setup, do I need to have both 4500-x switches equiped with Enterprise Services, or can I mix IP Base with Enterprise Services in one VSS setup in order to save on licensing costs?
I have a Cisco 4500 Sup 6 engine and I have two 48 port fiber line cards installed. When I do a show interfaces I do not see any of the Fiber cards. This is a new out of the box 4500 and I installed the Sup 6 Line card in Slot #1, And the two 48 port Fiber cards in Slots 2 and 3. Am I missing something, is there a command or set up procidure for the line cards. I just assumed they were plug and play
I have a 4510R-E chassis which currently has a single supervisor 5 installed.
We are now looking at upgrading the supervisor to a Sup6. Now the question is this, can I install the Sup6 into the redundant cpu slot and then perform a failover to get the new switch working without any noticable downtime.
I'm not sure what having a Sup V and a Sup 6 in at the same time will do to the backplane.
Otherwise I have to take the switch down and then install the card and software manually.
I am about to configure 4 Gig ports for EtherChannel. I've been reading about EtherChannel and it seems easy enough to configure. I have a host (server)which I am going to connect to these 4 - gig ports. This is new for me and would like some feedback for those that have used EtherChannel on their layer 2 switches. The gig ports will be an access port with VLAN XX.
