PG1X

My Knowledge Base

User Tools

Site Tools


tech:network:cisco:qos:catalyst:catalyst

Cisco: Catalyst QoS

Topology:

Preparation

Project name: ccna-qos-0003-end-to-end-qos-lab

Catalyst QoS Getting Started

Using Physical Box

  1. Catalyst 3750 v2 15 IP Services
  2. Catalyst 2960 15.0(2)SE8 LANBASE
SW1>en
SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#
*Mar  1 00:02:07.842: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
SW1(config)#
SW1(config)#
SW1(config)#
SW1(config)#
SW1(config)#ml
SW1(config)#mls qo
SW1(config)#mlsq qos
               ^
% Invalid input detected at '^' marker.

SW1(config)#mls qos
SW1(config)#int f1/0/1
SW1(config-if)#mls qos tr
SW1(config-if)#mls qos trust ds
SW1(config-if)#mls qos trust dscp 
SW1(config-if)#do sh run int f1/0/1
Building configuration...

Current configuration : 55 bytes
!
interface FastEthernet1/0/1
 mls qos trust dscp
end

SW1(config-if)#
ASW1>en
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls
ASW1(config)#mls qo
ASW1(config)#mls qos 
ASW1(config)#int f0/1
ASW1(config-if)#mls
ASW1(config-if)#mls qo
ASW1(config-if)#mls qos tr
ASW1(config-if)#mls qos trust ?
  cos            cos keyword
  device         trusted device class
  dscp           dscp keyword
  ip-precedence  ip-precedence keyword
  <cr>

ASW1(config-if)#mls qos trust ds
ASW1(config-if)#mls qos trust dscp 
ASW1(config-if)#do sh run int f0/1
Building configuration...

Current configuration : 104 bytes
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 mls qos trust dscp
end

ASW1(config-if)#
configure terminal
!
mls qos
!
interface FastEthernet 0/0
 mls qos trust dscp
exit
interface GigabitEthernet 0/1
 priority-queue out
exit
!
end
  • Linux Server (Ubuntu Server 18.04 LTS)
/etc/netplan/01-netcfg.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    enp0s25:
      dhcp4: yes
      dhcp6: yes
    enp6s0:
      dhcp4: no
      dhcp6: no
  vlans:
    vlan30:
      id: 30
      link: enp6s0
      addresses: [ "10.3.98.5/24" ]
root@controller:~# netplan apply
root@controller:~# ip a s

(snip)

3: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:22:4d:37:95:28 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::222:4dff:fe37:9528/64 scope link
       valid_lft forever preferred_lft forever
4: vlan30@enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:22:4d:37:95:28 brd ff:ff:ff:ff:ff:ff
    inet 10.3.98.5/24 brd 10.3.98.255 scope global vlan30
       valid_lft forever preferred_lft forever
    inet6 fe80::222:4dff:fe37:9528/64 scope link
       valid_lft forever preferred_lft forever
SW1(config-if)#int fa1/0/23
SW1(config-if)#swi
SW1(config-if)#switchport mo
SW1(config-if)#switchport mode tru
SW1(config-if)#switchport mode trunk 
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk" mode.
SW1(config-if)#swi
SW1(config-if)#switchport tru
SW1(config-if)#switchport tru   
SW1(config-if)#switchport trunk en
SW1(config-if)#switchport trunk encapsulation 802
SW1(config-if)#switchport trunk encapsulatio     
SW1(config-if)#switchport trunk encapsulation ?
  dot1q      Interface uses only 802.1q trunking encapsulation when trunking
  isl        Interface uses only ISL trunking encapsulation when trunking
  negotiate  Device will negotiate trunking encapsulation with peer on
             interface

SW1(config-if)#switchport trunk encapsulation dot
SW1(config-if)#switchport trunk encapsulation dot1q 
SW1(config-if)#switchport mode trunk                
SW1(config-if)#
*Mar  1 05:39:56.975: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/23, changed state to down
SW1(config-if)#
*Mar  1 05:39:59.995: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/23, changed state to up
SW1(config-if)#vlan 30
SW1(config-vlan)#name qos-lab
SW1(config-vlan)#do sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa1/0/1, Fa1/0/2, Fa1/0/3
                                                Fa1/0/4, Fa1/0/5, Fa1/0/6
                                                Fa1/0/7, Fa1/0/8, Fa1/0/9
                                                Fa1/0/10, Fa1/0/11, Fa1/0/12
                                                Fa1/0/13, Fa1/0/14, Fa1/0/15
                                                Fa1/0/16, Fa1/0/17, Fa1/0/18
                                                Fa1/0/19, Fa1/0/20, Fa1/0/21
                                                Fa1/0/22, Fa1/0/24, Gi1/0/1
                                                Gi1/0/2
3    VLAN0003                         active    
5    VLAN0005                         active    
10   Voice                            active    
20   Data                             active    
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 
SW1(config-vlan)#do sh int trunk 

Port        Mode             Encapsulation  Status        Native vlan
Fa1/0/23    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Fa1/0/23    1-4094

Port        Vlans allowed and active in management domain
Fa1/0/23    1,3,5,10,20

Port        Vlans in spanning tree forwarding state and not pruned
Fa1/0/23    1,3,5,10,20
SW1(config-vlan)#exit           
SW1(config)#do sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa1/0/1, Fa1/0/2, Fa1/0/3
                                                Fa1/0/4, Fa1/0/5, Fa1/0/6
                                                Fa1/0/7, Fa1/0/8, Fa1/0/9
                                                Fa1/0/10, Fa1/0/11, Fa1/0/12
                                                Fa1/0/13, Fa1/0/14, Fa1/0/15
                                                Fa1/0/16, Fa1/0/17, Fa1/0/18
                                                Fa1/0/19, Fa1/0/20, Fa1/0/21
                                                Fa1/0/22, Fa1/0/24, Gi1/0/1
                                                Gi1/0/2
3    VLAN0003                         active    
5    VLAN0005                         active    
10   Voice                            active    
20   Data                             active    
30   qos-lab                          active    
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 
SW1(config)#
SW1(config)#do sh int trunk 

Port        Mode             Encapsulation  Status        Native vlan
Fa1/0/23    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Fa1/0/23    1-4094

Port        Vlans allowed and active in management domain
Fa1/0/23    1,3,5,10,20,30

Port        Vlans in spanning tree forwarding state and not pruned
Fa1/0/23    1,3,5,10,20,30
SW1(config)#
monitor session 1 source interface FastEthernet 1/0/23
monitor session 1 destination interface FastEthernet 1/0/9 encapsulation replicate
  • SW1
configure terminal
!
vlan 30
 name qos-lab
exit
!
interface FastEthernet 1/0/13
 switchport trunk encapsulation dot1q
 switchport mode trunk
exit
interface FastEthernet 1/0/23
 switchport trunk encapsulation dot1q
 switchport mode trunk
exit
!
monitor session 1 source interface FastEthernet 1/0/23
monitor session 1 destination interface FastEthernet 1/0/9 encapsulation replicate
!
end
root@controller:~# ping 10.3.98.1
PING 10.3.98.1 (10.3.98.1) 56(84) bytes of data.
# WRONG!!
root@controller:~# ping 10.3.98.1 -Q 46
  • R1
enable
configure terminal
!
interface FastEthernet 0/0.1
 encapsulation dot1q 1 native
exit
interface FastEthernet 0/0.30
 encapsulation dot1q 30
 ip address 10.3.98.1 255.255.255.0
exit
interface FastEthernet 0/0
 no shutdown
exit
!
end

Ethernet 802.1Q 4 byte field

  1. TPID(Type) 16 bit
  2. PCP(Priority Code Point) 3 bit
  3. CFI(Canonical Format Indicator) 1 bit
  4. VID 12 bit

IP ToS Field 1 byte

  1. DSCP 6 bit
root@controller:~# man ping
       -Q tos Set Quality of Service -related bits in ICMP datagrams.  tos can be decimal (ping only) or hex number.

              In  RFC2474,  these  fields are interpreted as 8-bit Differentiated Services (DS), consisting of: bits 0-1 (2 lowest bits) of separate data,
              and bits 2-7 (highest 6 bits) of Differentiated Services Codepoint (DSCP).  In RFC2481 and RFC3168, bits 0-1 are used for ECN.

              Historically (RFC1349, obsoleted by RFC2474), these were interpreted as: bit 0 (lowest bit) for reserved (currently being redefined as  con‐
              gestion control), 1-4 for Type of Service and bits 5-7 (highest bits) for Precedence.

send DSCP EF(Expedited Forwarding) value 46

this bit array in ToS field is

1011 1000 = 0xb8

DSCP decimal value is 46, but ToS decimal value is NOT 46.

  • Linux Server (Ubuntu Server 18.04 LTS)
# CORRECT
ping 10.3.98.1 -Q 0xb8 -c 4
# WRONG!!
ping 10.3.98.1 -Q 46 -c 4

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-1.pcapng

WRONG!!

CORRECT

Request

Reply from R1

DSCP is reset to 0

Let's say set CoS to 5.

root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received          286
          total bytes received        23492
      Broadcast/Multicast Rcvd            0

      total frames transmitted          461
       total bytes transmitted        35138
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:

イーサネットフレームでのCoS(PCP、802.1P)の設定 - c、linux、ソケット

root@controller:~# apt install vlan
vconfig set_egress_map vlan30 0 5
root@controller:~# man vconfig
root@controller:~# vconfig set_egress_map enp6s0.30 0 5
ERROR: trying to set egress map on device -:enp6s0.30:- error: No such device
root@controller:~# vconfig set_egress_map vlan30 0 5
Set egress mapping on device -:vlan30:- Should be visible in /proc/net/vlan/vl
an30
root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received          959
          total bytes received        79302
      Broadcast/Multicast Rcvd            0

      total frames transmitted         1134
       total bytes transmitted       100028
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 0:5

PCP is not set…

vconfig set_egress_map vlan30 1 5
vconfig set_egress_map vlan30 2 5
vconfig set_egress_map vlan30 3 5
vconfig set_egress_map vlan30 4 5
vconfig set_egress_map vlan30 5 5
vconfig set_egress_map vlan30 6 5
vconfig set_egress_map vlan30 7 5
root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received         1325
          total bytes received       109704
      Broadcast/Multicast Rcvd            0

      total frames transmitted         1500
       total bytes transmitted       135392
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 0:5 1:5 2:5 3:5 4:5 5:5 6:5 7:5

OK … Cos(PCP; Priority Code Point) set to 5

root@controller:~# ping 10.3.98.1 -Q 0xb8 -c4
PING 10.3.98.1 (10.3.98.1) 56(84) bytes of data.
64 bytes from 10.3.98.1: icmp_seq=1 ttl=255 time=1.15 ms
64 bytes from 10.3.98.1: icmp_seq=2 ttl=255 time=1.18 ms
64 bytes from 10.3.98.1: icmp_seq=3 ttl=255 time=1.31 ms
64 bytes from 10.3.98.1: icmp_seq=4 ttl=255 time=1.21 ms

--- 10.3.98.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 1.155/1.218/1.319/0.070 ms

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-2-cos.pcapng

echo request: CoS=5, DSCP: EF(46).

reply: CoS, DSCP field is default.

Mapping Table Lab

base configuration

  • R1
enable
configure terminal
!
interface FastEthernet 0/0.1
 encapsulation dot1q 1 native
exit
interface FastEthernet 0/0.30
 encapsulation dot1q 30
 ip address 10.3.98.1 255.255.255.0
exit
interface FastEthernet 0/0
 no shutdown
exit
!
end
  • SW1
configure terminal
!
vlan 30
 name qos-lab
exit
!
interface FastEthernet 1/0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
exit
interface FastEthernet 1/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
exit
!
monitor session 1 source interface FastEthernet 1/0/1
monitor session 1 destination interface FastEthernet 1/0/24 encapsulation replicate
!
end
  • Linux Server (Ubuntu Server 18.04 LTS)
/etc/netplan/01-netcfg.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    enp0s25:
      dhcp4: yes
      dhcp6: yes
    enp6s0:
      dhcp4: no
      dhcp6: no
  vlans:
    vlan30:
      id: 30
      link: enp6s0
      addresses: [ "10.3.98.5/24" ]

CoS: 5

sudo netplan apply
sudo vconfig set_egress_map vlan30 0 5
sudo vconfig set_egress_map vlan30 1 5
sudo vconfig set_egress_map vlan30 2 5
sudo vconfig set_egress_map vlan30 3 5
sudo vconfig set_egress_map vlan30 4 5
sudo vconfig set_egress_map vlan30 5 5
sudo vconfig set_egress_map vlan30 6 5
sudo vconfig set_egress_map vlan30 7 5

ping with DSCP EF(46)

ping 10.3.98.1 -Q 0xb8 -c 4

no qos configuration

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-3-no-qos.pcapng

ping 10.3.98.1 -Q 0xb8 -c 4

DSCP return value preserved.

QoS enabled, but untrust all ports

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-4-untrust.pcapng

  • SW1
configure terminal
!
mls qos
!
end
ping 10.3.98.1 -Q 0xb8 -c 4

resetted CoS, DSCP value to default.

now, verify f1/0/2 inbound traffic.

SW1(config)#monitor session 1 source int f1/0/2

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-5-untrust-f1-0-2.pcapng

OK, preprocess in SW1 original frame, packet Cos, DSCP value has configured 5, EF.

revert SPAN configuration to monitor f1/0/1.

SW1(config)#monitor session 1 source int f1/0/1

Trust CoS

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-6-trust-cos.pcapng

  • SW1
configure terminal
!
mls qos
!
interface FastEthernet 1/0/1
 priority-queue out
exit
interface FastEthernet 1/0/2
 mls qos trust cos
exit
!
end
ping 10.3.98.1 -Q 0xb8 -c 4

DSCP value is set from 46 to 40 by Catalyst 3750 mapping table.

Trust DSCP

sudo vconfig set_egress_map vlan30 0 0
sudo vconfig set_egress_map vlan30 1 0
sudo vconfig set_egress_map vlan30 2 0
sudo vconfig set_egress_map vlan30 3 0
sudo vconfig set_egress_map vlan30 4 0
sudo vconfig set_egress_map vlan30 5 0
sudo vconfig set_egress_map vlan30 6 0
sudo vconfig set_egress_map vlan30 7 0
cat /proc/net/vlan/vlan30
root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received         1405
          total bytes received       116120
      Broadcast/Multicast Rcvd            0

      total frames transmitted         1618
       total bytes transmitted       145604
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 0:0 1:0 2:0 3:0 4:0 5:0 6:0 7:0
monitor session 1 source int f1/0/2
  • SW1
configure terminal
!
mls qos
!
interface FastEthernet 1/0/1
 priority-queue out
exit
interface FastEthernet 1/0/2
 mls qos trust dscp
exit
!
end

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-7-trust-dscp-f-1-0-2-preprocess.pcapng

ping 10.3.98.1 -Q 0xb8 -c 4

still monitored previous CoS value…

remove vlan subinterface and re apply.

root@controller:~# vconfig rem vlan30
root@controller:~# cat /proc/net/vlan/vlan30
cat: /proc/net/vlan/vlan30: No such file or directory
root@controller:~# netplan apply
root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted            6
       total bytes transmitted          516
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:

still CoS 5.

rebooting.

root@controller:~# systemctl reboot

still remaining… i can't understand…

SW1#sh run | i monitor
monitor session 1 source interface Fa1/0/1 - 2
monitor session 1 destination interface Fa1/0/24 encapsulation replicate

ah… wrong monitoring session…

no monitor session 1 source interface Fa1/0/1 - 2
monitor session 1 source int f1/0/2

finally get expected result…

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-8-trust-dscp.pcapng

change monitor interface.

no monitor session 1 source int f1/0/2
monitor session 1 source int f1/0/1
SW1(config)#do sh run | i monitor
monitor session 1 source interface Fa1/0/1
monitor session 1 destination interface Fa1/0/24 encapsulation replicate
ping 10.3.98.1 -Q 0xb8 -c 4

CoS field set to 5 from Catalyst 3750 mapping table.

EXAM AGAIN because wrong monitor configuration

QoS enabled, but untrust all ports

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-9-untrust.pcapng

SW1(config)#do sh run | i monitor
monitor session 1 source interface Fa1/0/1
monitor session 1 destination interface Fa1/0/24 encapsulation replicate
sudo vconfig set_egress_map vlan30 0 5
sudo vconfig set_egress_map vlan30 1 5
sudo vconfig set_egress_map vlan30 2 5
sudo vconfig set_egress_map vlan30 3 5
sudo vconfig set_egress_map vlan30 4 5
sudo vconfig set_egress_map vlan30 5 5
sudo vconfig set_egress_map vlan30 6 5
sudo vconfig set_egress_map vlan30 7 5
root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received           15
          total bytes received         1146
      Broadcast/Multicast Rcvd            0

      total frames transmitted           35
       total bytes transmitted         2630
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 0:5 1:5 2:5 3:5 4:5 5:5 6:5 7:5
  • SW1
configure terminal
!
mls qos
!
interface FastEthernet 1/0/1
 no priority-queue out
exit
interface FastEthernet 1/0/2
 no mls qos trust cos
 no mls qos trust dscp
exit
!
end
ping 10.3.98.1 -Q 0xb8 -c 4

resetted CoS, DSCP value to default.

now, verify f1/0/2 inbound traffic.

no monitor session 1 source int f1/0/1
monitor session 1 source int f1/0/2
SW1(config)#do sh run | i monitor
monitor session 1 source interface Fa1/0/2
monitor session 1 destination interface Fa1/0/24 encapsulation replicate

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-10-untrust-f1-0-2.pcapng

ping 10.3.98.1 -Q 0xb8 -c 4

OK, preprocess in SW1 original frame, packet Cos, DSCP value has configured 5, EF.

revert SPAN configuration to monitor f1/0/1.

no monitor session 1 source int f1/0/2
monitor session 1 source int f1/0/1
SW1(config)#do sh run | i monitor
monitor session 1 source interface Fa1/0/1
monitor session 1 destination interface Fa1/0/24 encapsulation replicate

Trust CoS

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-11-trust-cos.pcapng

  • SW1
configure terminal
!
mls qos
!
interface FastEthernet 1/0/1
 priority-queue out
exit
interface FastEthernet 1/0/2
 mls qos trust cos
exit
!
end
ping 10.3.98.1 -Q 0xb8 -c 4

DSCP value is set from 46 to 40 by Catalyst 3750 mapping table.

Trust DSCP

sudo vconfig set_egress_map vlan30 0 0
sudo vconfig set_egress_map vlan30 1 0
sudo vconfig set_egress_map vlan30 2 0
sudo vconfig set_egress_map vlan30 3 0
sudo vconfig set_egress_map vlan30 4 0
sudo vconfig set_egress_map vlan30 5 0
sudo vconfig set_egress_map vlan30 6 0
sudo vconfig set_egress_map vlan30 7 0
cat /proc/net/vlan/vlan30
root@controller:~# cat /proc/net/vlan/vlan30
vlan30  VID: 30  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received           30
          total bytes received         2292
      Broadcast/Multicast Rcvd            0

      total frames transmitted           51
       total bytes transmitted         4002
Device: enp6s0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 0:0 1:0 2:0 3:0 4:0 5:0 6:0 7:0
no monitor session 1 source int f1/0/1
monitor session 1 source int f1/0/2
SW1(config)#do sh run | i monitor
monitor session 1 source interface Fa1/0/1
monitor session 1 destination interface Fa1/0/24 encapsulation replicate
  • SW1
configure terminal
!
mls qos
!
interface FastEthernet 1/0/1
 priority-queue out
exit
interface FastEthernet 1/0/2
 mls qos trust dscp
exit
!
end
SW1(config)#interface FastEthernet 1/0/2
SW1(config-if)#msl
SW1(config-if)#mls  
SW1(config-if)#mls qo
SW1(config-if)#mls qos tr
SW1(config-if)#mls qos trust ds
SW1(config-if)#mls qos trust dscp 
SW1(config-if)#do sh run int f1/0/2
Building configuration...

Current configuration : 116 bytes
!
interface FastEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 mls qos trust dscp
end

SW1(config-if)#

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-12-trust-dscp-f-1-0-2-preprocess.pcapng

ping 10.3.98.1 -Q 0xb8 -c 4

CoS is 0, DSCP is EF, return packet is rest to default because f1/0/1 inbound traffic not trusted.

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-13-trust-dscp.pcapng

change monitor interface.

no monitor session 1 source int f1/0/2
monitor session 1 source int f1/0/1
SW1(config)#do sh run | i monitor
monitor session 1 source interface Fa1/0/1
monitor session 1 destination interface Fa1/0/24 encapsulation replicate
ping 10.3.98.1 -Q 0xb8 -c 4

CoS field set to 5 from Catalyst 3750 mapping table. return packet is preserved DSCP value because preprocess f1/0/1 traffic.

I verified carefully inbound, outbound packets f1/0/1, f1/0/2 CoS, DSCP fields how change.

Wireshark packet capture result: ccna-qos-0003-end-to-end-qos-lab-14-detailed-review-f-1-0-1-f-1-0-2-cos-dscp-value-changes-verification.pcapng

Catalyst QoS Configuration

configure terminal
!
vlan 10
 name Voice
!
vlan 20
 name Data
!
mls qos
!
interface FastEthernet 1/0/2
 switchport mode access
 switchport voice vlan 10
 switchport access vlan 20
 !mls qos trust cos
 mls qos trust dscp
 mls qos trust device cisco-phone
 priority-queue out
exit
!
end

SW1>enable 
SW1#confi
SW1#configure ter
SW1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#vlan 10
SW1(config-vlan)#na
SW1(config-vlan)#name Voice
SW1(config-vlan)#vlan 20
SW1(config-vlan)#name Data
SW1(config-vlan)#exit
SW1(config)#mls qo
SW1(config)#mls qos 
SW1(config)#int f1/0/2
SW1(config-if)#sw
SW1(config-if)#switchport mo
SW1(config-if)#switchport mode a
SW1(config-if)#switchport mode access 
SW1(config-if)#swi
SW1(config-if)#switchport vo
SW1(config-if)#switchport voice vl
SW1(config-if)#switchport voice vlan 10
SW1(config-if)#swi
SW1(config-if)#switchport acc
SW1(config-if)#switchport access vl
SW1(config-if)#switchport access vlan 20
SW1(config-if)#ml
SW1(config-if)#mls qo
SW1(config-if)#mls qos tr
SW1(config-if)#mls qos trust dsc
SW1(config-if)#mls qos trust dscp 
SW1(config-if)#mls
SW1(config-if)#mls qo
SW1(config-if)#mls qos tr
SW1(config-if)#mls qos trust de
SW1(config-if)#mls qos trust device ci
SW1(config-if)#mls qos trust device cisco-phone 
SW1(config-if)#pri
SW1(config-if)#priority-queue o
SW1(config-if)#priority-queue out 
SW1(config-if)#do sh mls    
% Incomplete command.

SW1(config-if)#do sh mls ?
% Unrecognized command
SW1(config-if)#do sh mls int
                         ^
% Invalid input detected at '^' marker.

SW1(config-if)#^Z
SW1#
*Mar  1 00:04:43.526: %SYS-5-CONFIG_I: Configured from console by console
SW1#sh ml
SW1#sh mls qo
SW1#sh mls qos ?
  aggregate-policer  aggregate-policer keyword
  input-queue        input-queue keyword
  interface          interface keyword
  maps               maps keyword
  queue-set          queue-set keyword
  vlan               VLAN keyword
  |                  Output modifiers
  <cr>

SW1#sh mls qos interface fa1/0/2
FastEthernet1/0/2
trust state: not trusted
trust mode: trust dscp
trust enabled flag: dis
COS override: dis
default COS: 0
DSCP Mutation Map: Default DSCP Mutation Map
Trust device: cisco-phone
qos mode: port-based

SW1#deb
SW1#debug ml
SW1#debug mls
SW1#debug q  
SW1#debug qo
SW1#debug qos in
SW1#debug qos ?     
  capability                 QoS capability
  command-installation-time  Time to finish the command
  events                     QoS mqc events
  index                      CBQOSMIB index persistency
  pre-classify               QOS pre-classify events
  provision                  QoS provision
  service-policy             QoS service-policy
  set                        QoS packet marking
  snmp                       CBQOSMIB snmp general
  tunnel_marking             QoS packet tunnel marking
  <cr>

SW1#debug qos eve
SW1#debug qos events 
QoS event debugging debugging is on
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qo
ASW1(config)#mls qos ma
ASW1(config)#mls qos map co
ASW1(config)#mls qos map cos-dscp ds
ASW1(config)#mls qos map cos-dscp 0 5 10 14 20 25 46 35 40
                                                        ^
% Invalid input detected at '^' marker.

ASW1(config)#mls qos map cos- 0 5 10 14 20 25 46 35 40    
ASW1(config)#mls qos map co 0 5 10 14 20 25 46 35 40  
ASW1(config)#mls qos map co                         
ASW1(config)#mls qos map cos-dscp ?
  <0-63>  CoS values separated by spaces (up to 8 values total)

ASW1(config)#mls qos map cos-dscp 0 5 10 14 20 46 35 40 
ASW1(config)#^Z
ASW1#sh mls 
000014: *Mar  1 09:18:59.844 JST: %SYS-5-CONFIG_I: Configured from console by console
ASW1#sh mls qo
ASW1#sh mls qos ma
ASW1#sh mls qos maps co
ASW1#sh mls qos maps cos-dsc
ASW1#sh mls qos maps cos-dscp 
   Cos-dscp map:
        cos:   0  1  2  3  4  5  6  7 
     --------------------------------
       dscp:   0  5 10 14 20 46 35 40 


ASW1#cofn t                   
       ^
% Invalid input detected at '^' marker.

ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#no mls qos map cos-dscp 0 5 10 14 20 46 35 40
ASW1(config)#do sh mls qos maps cos-dscp                  
   Cos-dscp map:
        cos:   0  1  2  3  4  5  6  7 
     --------------------------------
       dscp:   0  8 16 24 32 40 48 56 


ASW1(config)#mls qos map cos-dscp 0  8 16 24 32 46 48 56  
ASW1(config)#do sh mls qos maps cos-dscp                
   Cos-dscp map:
        cos:   0  1  2  3  4  5  6  7 
     --------------------------------
       dscp:   0  8 16 24 32 46 48 56 


ASW1(config)
ASW1#sh mls qos maps ip-prec-dscp 
   IpPrecedence-dscp map:
     ipprec:   0  1  2  3  4  5  6  7 
     --------------------------------
       dscp:   0  8 16 24 32 40 48 56 


ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos map ip-prec-dscp ?
  <0-63>  8 dscp values separated by spaces

ASW1(config)#mls qos map ip-prec-dscp 0  8 16 24 32 46 48 56
ASW1(config)#do sh mls qos maps ip-prec-dscp
   IpPrecedence-dscp map:
     ipprec:   0  1  2  3  4  5  6  7 
     --------------------------------
       dscp:   0  8 16 24 32 46 48 56 


ASW1(config)#
ASW1#sh mls qos maps policed-dscp 
   Policed-dscp map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09 
      1 :    10 11 12 13 14 15 16 17 18 19 
      2 :    20 21 22 23 24 25 26 27 28 29 
      3 :    30 31 32 33 34 35 36 37 38 39 
      4 :    40 41 42 43 44 45 46 47 48 49 
      5 :    50 51 52 53 54 55 56 57 58 59 
      6 :    60 61 62 63 


ASW1#conf t   
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos map policed-dscp ?
  <0-63>  DSCP values separated by spaces (up to 8 values total)

ASW1(config)#mls qos map policed-dscp 19 29 39 49 59 to 9 
ASW1(config)#do sh mls qos maps policed-dscp
   Policed-dscp map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09 
      1 :    10 11 12 13 14 15 16 17 18 09 
      2 :    20 21 22 23 24 25 26 27 28 09 
      3 :    30 31 32 33 34 35 36 37 38 09 
      4 :    40 41 42 43 44 45 46 47 48 09 
      5 :    50 51 52 53 54 55 56 57 58 09 
      6 :    60 61 62 63 


ASW1(config)#mls qos map policed-dscp 11 22 33 44 45 56 57 to 0
ASW1(config)#^Z                                                
ASW1#sh ms
000014: *Mar  1 09:26:20.103 JST: %SYS-5-CONFIG_I: Configured from console by console
ASW1#sh mls qos maps policed-dscp 
   Policed-dscp map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09 
      1 :    10 00 12 13 14 15 16 17 18 09 
      2 :    20 21 00 23 24 25 26 27 28 09 
      3 :    30 31 32 00 34 35 36 37 38 09 
      4 :    40 41 42 43 00 00 46 47 48 09 
      5 :    50 51 52 53 54 55 00 00 58 09 
      6 :    60 61 62 63 


ASW1#
ASW1#sh mls qos maps dscp-cos 
   Dscp-cos map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 00 00 00 00 00 00 00 01 01 
      1 :    01 01 01 01 01 01 02 02 02 02 
      2 :    02 02 02 02 03 03 03 03 03 03 
      3 :    03 03 04 04 04 04 04 04 04 04 
      4 :    05 05 05 05 05 05 05 05 06 06 
      5 :    06 06 06 06 06 06 07 07 07 07 
      6 :    07 07 07 07 


ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos map dscp-cos 34 35 36 to 5
ASW1(config)#do sh mls qos maps dscp-cos
   Dscp-cos map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 00 00 00 00 00 00 00 01 01 
      1 :    01 01 01 01 01 01 02 02 02 02 
      2 :    02 02 02 02 03 03 03 03 03 03 
      3 :    03 03 04 04 05 05 05 04 04 04 
      4 :    05 05 05 05 05 05 05 05 06 06 
      5 :    06 06 06 06 06 06 07 07 07 07 
      6 :    07 07 07 07 


ASW1(config)#
configure terminal
!
mls qos
!
mls qos map dscp-mutation QOS 0 1 2 3 4 5 6 7 to 15
mls qos map dscp-mutation QOS 8 9 10 11 12 13 to 20
mls qos map dscp-mutation QOS 50 51 52 53 to 56
!
interface FastEthernet 0/1
 mls qos trust dscp
 mls qos dscp-mutation QOS
exit
!
end
ASW1#sh mls qos maps dscp-mutation 

   Dscp-dscp mutation map:
   Default DSCP Mutation Map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09 
      1 :    10 11 12 13 14 15 16 17 18 19 
      2 :    20 21 22 23 24 25 26 27 28 29 
      3 :    30 31 32 33 34 35 36 37 38 39 
      4 :    40 41 42 43 44 45 46 47 48 49 
      5 :    50 51 52 53 54 55 56 57 58 59 
      6 :    60 61 62 63 

ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos map dscp-mutation ?
  WORD  dscp mutation map name

ASW1(config)#mls qos map dscp-mutation QOS ?
  <0-63>  DSCP values separated by spaces (up to 8 values total)

ASW1(config)#mls qos map dscp-mutation QOS 0 1 2 3 4 5 6 7 to 15
ASW1(config)#mls qos map dscp-mutation QOS 8 9 10 11 12 13 to 20
ASW1(config)#mls qos map dscp-mutation QOS 50 51 52 53 to 56
ASW1(config)#do sh mls qos maps dscp-mutation

   Dscp-dscp mutation map:
   QOS:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    15 15 15 15 15 15 15 15 20 20 
      1 :    20 20 20 20 14 15 16 17 18 19 
      2 :    20 21 22 23 24 25 26 27 28 29 
      3 :    30 31 32 33 34 35 36 37 38 39 
      4 :    40 41 42 43 44 45 46 47 48 49 
      5 :    56 56 56 56 54 55 56 57 58 59 
      6 :    60 61 62 63 

   Dscp-dscp mutation map:
   Default DSCP Mutation Map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9 
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09 
      1 :    10 11 12 13 14 15 16 17 18 19 
      2 :    20 21 22 23 24 25 26 27 28 29 
      3 :    30 31 32 33 34 35 36 37 38 39 
      4 :    40 41 42 43 44 45 46 47 48 49 
      5 :    50 51 52 53 54 55 56 57 58 59 
      6 :    60 61 62 63 

ASW1(config)#int f0/1
ASW1(config-if)#mls qos trust dscp 
ASW1(config-if)#mls qos dscp-mutation ?
  WORD  dscp mutation name

ASW1(config-if)#mls qos dscp-mutation QOS
ASW1(config-if)#^Z
ASW1#
000016: *Mar  1 09:45:27.589 JST: %SYS-5-CONFIG_I: Configured from console by console
ASW1#sh run int f0/1
Building configuration...

Current configuration : 131 bytes
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 mls qos trust dscp
 mls qos dscp-mutation QOS
end

ASW1#
configure terminal
!
mls qos srr-queue input priority-queue 1 bandwidth 15
mls qos srr-queue input bandwidth 4 4
!
end
configure terminal
!
mls qos srr-queue input buffer 60 40
!
end
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos srr qu
ASW1(config)#mls qos sr    
ASW1(config)#mls qos srr-queue in
ASW1(config)#mls qos srr-queue input bu
ASW1(config)#mls qos srr-queue input buffers ?
  <0-100>  enter percent of buffers for queue 1

ASW1(config)#mls qos srr-queue input buffers 60 ?
  <0-100>  enter percent of buffers for queue 2

ASW1(config)#mls qos srr-queue input buffers 60 40
ASW1(config)#^Z    
ASW1#
000014: *Mar  1 09:39:03.693 JST: %SYS-5-CONFIG_I: Configured from console by console
ASW1#sh mls
ASW1#sh mls qo
ASW1#sh mls qos srr
ASW1#sh mls qos srr-
ASW1#sh mls qos qu  
ASW1#sh mls qos queue-set 
Queueset: 1
Queue     :       1       2       3       4
----------------------------------------------
buffers   :      25      25      25      25
threshold1:     100     200     100     100
threshold2:     100     200     100     100
reserved  :      50      50      50      50
maximum   :     400     400     400     400
Queueset: 2
Queue     :       1       2       3       4
----------------------------------------------
buffers   :      25      25      25      25
threshold1:     100     200     100     100
threshold2:     100     200     100     100
reserved  :      50      50      50      50
maximum   :     400     400     400     400
ASW1#
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue i
ASW1(config)#mls qos srr-queue input p
ASW1(config)#mls qos srr-queue input priority-queue 2 bad
ASW1(config)#mls qos srr-queue input priority-queue 2 ban
ASW1(config)#mls qos srr-queue input priority-queue 2 bandwidth 0
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue in
ASW1(config)#mls qos srr-queue input bad
ASW1(config)#mls qos srr-queue input ban
ASW1(config)#mls qos srr-queue input bandwidth 25 75
ASW1(config)#
ASW1(config)#mls qos srr-queue input dscp-map queue 2 threshold ?
  <1-3>  enter dscp-map threshold id

ASW1(config)#mls qos srr-queue input dscp-map queue 2 threshold 1 34
configure terminal
!
mls qos srr-queue input cos-map queue 1 threshold 1 0 1 2 3
mls qos srr-queue input cos-map queue 1 threshold 2 4 6
mls qos srr-queue input cos-map queue 1 threshold 3 7
mls qos srr-queue input cos-map queue 2 threshold 1 5
!
mls qos srr-queue input threshold 1 50 70
!
end
ASW1(config)#mls qos srr-queue input cos-map queue 1 threshold 1 0 1 2 3
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue in
ASW1(config)#mls qos srr-queue input co
ASW1(config)#mls qos srr-queue input cos-map q
ASW1(config)#mls qos srr-queue input cos-map queue 1 thr
ASW1(config)#mls qos srr-queue input cos-map queue 1 threshold ?
  <1-3>  enter cos-map threshold id

ASW1(config)#mls qos srr-queue input cos-map queue 1 threshold 2 ?
  <0-7>  8 cos values separated by spaces

ASW1(config)#mls qos srr-queue input cos-map queue 1 threshold 2 4 6
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue in
ASW1(config)#mls qos srr-queue input co
ASW1(config)#mls qos srr-queue input cos-map qu
ASW1(config)#mls qos srr-queue input cos-map queue 1 thr
ASW1(config)#mls qos srr-queue input cos-map queue 1 threshold 3 7
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue i
ASW1(config)#mls qos srr-queue input co
ASW1(config)#mls qos srr-queue input cos-map qu
ASW1(config)#mls qos srr-queue input cos-map queue 2 thr
ASW1(config)#mls qos srr-queue input cos-map queue 2 threshold 1 5
ASW1(config)#mls
ASW1(config)#mls qo
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue in
ASW1(config)#mls qos srr-queue input th
ASW1(config)#mls qos srr-queue input threshold ?
  <1-2>  enter threshold queue id (1-2)

ASW1(config)#mls qos srr-queue input threshold 1 ?
  <1-100>  enter percent of queue size for threshold 1

ASW1(config)#mls qos srr-queue input threshold 1 50 ?
  <1-100>  enter percent of queue size for threshold 2

ASW1(config)#mls qos srr-queue input threshold 1 50 70
ASW1(config)#
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#mls qos
ASW1(config)#mls qos srr-qu
ASW1(config)#mls qos srr-queue out
ASW1(config)#mls qos srr-queue output ds
ASW1(config)#mls qos srr-queue output dscp-map qu
ASW1(config)#mls qos srr-queue output dscp-map queue 1 thre
ASW1(config)#mls qos srr-queue output dscp-map queue 1 threshold 1 ? 
  <0-63>  dscp values separated by spaces (up to 8 values total)

ASW1(config)#mls qos srr-queue output dscp-map queue 1 threshold 1 34
ASW1(config)#mls qo
ASW1(config)#mls qos srr
ASW1(config)#mls qos srr-queue o
ASW1(config)#mls qos srr-queue output co
ASW1(config)#mls qos srr-queue output cos-map qu
ASW1(config)#mls qos srr-queue output cos-map queue ?
  <1-4>  enter cos-map output queue id

ASW1(config)#mls qos srr-queue output cos-map queue 1 thr
ASW1(config)#mls qos srr-queue output cos-map queue 1 threshold ?
  <1-3>  enter cos-map threshold id

ASW1(config)#mls qos srr-queue output cos-map queue 1 threshold 1 ?
  <0-7>  8 cos values separated by spaces

ASW1(config)#mls qos srr-queue output cos-map queue 1 threshold 1 5
ASW1(config)#


ASW1(config)#mls qos queue-set output 2 buffers 40 20 20 20 
ASW1(config)#mls qos qu
ASW1(config)#mls qos queue-set ou
ASW1(config)#mls qos queue-set output 2 thr
ASW1(config)#mls qos queue-set output 2 threshold 2 40 60 100 200
ASW1(config)#int fa0/1
ASW1(config-if)#que
ASW1(config-if)#queue-set 2
ASW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
ASW1(config)#int Fas
ASW1(config)#int FastEthernet 0/1
ASW1(config-if)#srr-qu
ASW1(config-if)#srr-queue band
ASW1(config-if)#srr-queue bandwidth sah
ASW1(config-if)#srr-queue bandwidth sha
ASW1(config-if)#srr-queue bandwidth ?  
  limit  Configure bandwidth-limit for this interface
  shape  Configure shaping on transmit queues
  share  Configure shared bandwidth

ASW1(config-if)#srr-queue bandwidth sh
ASW1(config-if)#srr-queue bandwidth shap
ASW1(config-if)#srr-queue bandwidth shape ?
  <0-65535>  enter bandwidth weight for queue id 1

ASW1(config-if)#srr-queue bandwidth shape 8 ?
  <0-65535>  enter bandwidth weight for queue id 2

ASW1(config-if)#srr-queue bandwidth shape 8 0 0 0 
ASW1(config-if)#
ASW1(config)#interface FastEthernet 0/1
ASW1(config-if)#srr-queue bandwidth share ?
  <1-255>  enter bandwidth weight for queue id 1

ASW1(config-if)#srr-queue bandwidth share 1 ?
  <1-255>  enter bandwidth weight for queue id 2

ASW1(config-if)#srr-queue bandwidth share 1 2 ?
  <1-255>  enter bandwidth weight for queue id 3

ASW1(config-if)#srr-queue bandwidth share 1 2 3 ?
  <1-255>  enter bandwidth weight for queue id 4

ASW1(config-if)#srr-queue bandwidth share 1 2 3 4 ?
  <cr>

ASW1(config-if)#srr-queue bandwidth share 1 2 3 4 
ASW1(config-if)#

I can't understand completely…..

References

tech/network/cisco/qos/catalyst/catalyst.txt · Last modified: 2019/05/11 11:27 by wnoguchi