Quality of Service Solutions Command Reference, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
A through M
Downloads: This chapterpdf (PDF - 743.0KB) The complete bookPDF (PDF - 1.88MB) | Feedback

A through M

A through M

auto discovery qos

To begin discovering and collecting data for configuring the AutoQoS for the Enterprise feature, use the autodiscoveryqos command in interface configuration mode. To stop discovering and collecting data, use the no form of this command.

auto discovery qos [trust]

no auto discovery qos

Syntax Description

trust

(Optional) Indicates that the differentiated services code point (DSCP) markings of a packet are trust (that is, relied on) for classification of the voice, video, and data traffic.

If the optional trust keyword is not specified, the voice, video, and data traffic is classified using network-based application recognition (NBAR), and the packets are marked with the appropriate DSCP value.

Command Default

No data collection is performed.

Command Modes


Interface configuration

Command History

Release

Modification

12.3(7)T

This command was introduced.

12.3(11)T

The trust mode was modified to classify packets by DSCP value rather than by protocol type.

Usage Guidelines

The autodiscoveryqos command initiates the Auto-Discovery (data collection) phase of the AutoQoS for the Enterprise feature. This command invokes NBAR protocol discovery to collect data and analyze the traffic at the egress direction of the interface.

The noautodiscoveryqoscommand terminates the Auto-Discovery phase and removes any data collection reports generated.

The trust keyword is used for the trusted model based on the specified DSCP marking. For more information, see the “Trusted Boundary” section of the AutoQoS for the Enterprise feature module, Cisco IOS Release 12.3(7)T.

Examples

The following is a sample configuration showing the Auto-Discovery (data collection) phase of the AutoQoS for the Enterprise feature enabled on a serial2/1/1 subinterface.

Router> enable
Router# configure terminal
Router(config)# interface serial2/1.1
Router(config-if)# frame-relay interface-dlci 58
Router(config-if)# auto discovery qos
Router(config-if)# end

Related Commands

Command

Description

auto qos

Installs the QoS class maps and policy maps created by the AutoQoS for the Enterprise feature.

service policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show auto qos

Displays the interface configurations, policy maps, and class maps created by AutoQoS on a specific interface or all interfaces.

auto qos

To install the quality-of-service (QoS) class maps and policy maps created by the AutoQoS for the Enterprise feature, use the autoqos command in interface configuration mode. To remove the QoS policies, use the no form of this command.

auto qos

no auto qos

Syntax Description

This command has no arguments or keywords.

Command Default

No QoS policies are installed.

Command Modes


Interface configuration (config-if)

Command History

Release

Modification

12.3(7)T

This command was introduced.

Usage Guidelines

The class maps and policy maps are created from the templates that are automatically generated by the AutoQoS for the Enterprise feature. These templates (and the resulting class maps and policy maps) are generated on the basis of the data collected during the Auto-Discovery phase of the AutoQoS for the Enterprise feature. For more information about the Auto-Discovery phase, see the “Configuration Phases” section of the AutoQoS for the Enterprise feature module, Cisco IOS Release 12.3(7)T.

The noautoqos command removes any AutoQoS-generated class maps and policy maps installed on the interface.

Theautoqos command is not supported on gigabit interfaces.

Examples

The following is a sample configuration showing the AutoQoS for the Enterprise feature enabled on a serial2/1/1 subinterface. In this configuration, the AutoQoS class maps and policy maps will be installed on the serial2/1 interface.

Router> enable
Router# configure terminal
Router(config)# interface serial2/1
Router(config-if)# frame-relay interface-dlci 58
Router(config-if)# auto qos
Router(config-if)# end

Related Commands

Command

Description

service policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show auto qos

Displays the interface configurations, policy maps, and class maps created by AutoQoS on a specific interface or all interfaces.

auto qos voip

To configure the AutoQoS--VoIP feature on an interface, use the autoqosvoip command in interface configuration mode or Frame Relay DLCI configuration mode. To remove the AutoQoS--VoIP feature from an interface, use the no form of this command.

auto qos voip [trust] [fr-atm]

no auto qos voip [trust] [fr-atm]

Syntax Description

trust

(Optional) Indicates that the differentiated services code point (DSCP) markings of a packet are trusted (relied on) for classification of the voice traffic. If the optional trust keyword is not specified, the voice traffic is classified using network-based application recognition (NBAR), and the packets are marked with the appropriate DSCP value.

fr-atm

(Optional) Enables the AutoQoS--VoIP feature for Frame-Relay-to-ATM links. This option is available on the Frame Relay data-link connection identifiers (DLCIs) for Frame-Relay-to-ATM interworking only.

Command Default

Default mode is disabled.

Command Modes


Interface configuration (config-if)
Frame Relay DLCI configuration (for use with Frame Relay DLCIs) (config-fr-dlci)

Command History

Release

Modification

12.2(15)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

To enable the AutoQoS--VoIP feature for Frame-Relay-to-ATM interworking, the fr-atmkeyword must be configured explicitly. However, the fr-atm keyword affects low-speed DLCIs only . It does not affect high-speed DLCIs.


Note


DLCIs with link speeds lower than or equal to 768 kbps are considered low-speed DLCIs; DLCIs with link speeds higher than 768 kbps are considered high-speed DLCIs.


Depending on whether the trust keyword has been configured for this command, the AutoQoS--VoIP feature automatically creates one of the following two policy maps:

  • “AutoQoS-Policy-Trust” (created if the trust keyword is configured)
  • “AutoQoS-Policy-UnTrust” (created if the trust keyword is not configured)

Both of these policy maps are designed to handle the Voice over IP (VoIP) traffic on an interface or a permanent virtual circuit (PVC) and can be modified to suit the quality of service (QoS) requirements of the network. To modify these policy maps, use the appropriate Cisco IOS command.

These policy maps should not be attached to an interface or PVC by using the service-policy command. If the policy maps are attached in this manner, the AutoQoS--VoIP feature (that is, the policy maps, class maps, and access control lists [ACLs]) will not be removed properly when thenoautoqosvoip command is configured.

For low-speed Frame Relay DLCIs that are interconnected with ATM PVCs in the same network, the fr-atm keyword must be explicitly configured in the autoqosvoip command to configure the AutoQoS--VoIP feature properly. That is, the command must be configured as autoqosvoipfr-atm.

For low-speed Frame Relay DLCIs that are configured with Frame-Relay-to-ATM, Multilink PPP (MLP) over Frame Relay (MLPoFR) is configured automatically. The subinterface must have an IP address. When MLPoFR is configured, this IP address is removed and put on the MLP bundle. The AutoQoS--VoIP feature must also be configured on the ATM side by using the autoqosvoip command.

The autoqosvoipcommand is not supported on subinterfaces or gigabit interfaces.

The autoqosvoip command is available for Frame Relay DLCIs.

Disabling AutoQoS--VoIP

The noautoqosvoip command disables the AutoQoS--VoIP feature and removes the configurations associated with the feature.

When the noautoqosvoip command is used, the no forms of the individual commands originally generated by the AutoQoS--VoIP feature are configured. With the use of individual no forms of the commands, the system defaults are reinstated. The no forms of the commands will be applied just as if the user had entered the commands individually. As the configuration reinstating the default setting is applied, any messages resulting from the processing of the commands are displayed.


Note


If you delete a subinterface or PVC (either ATM or Frame Relay PVCs) without configuring the noautoqosvoip command, the AutoQoS--VoIP feature will not be removed properly.


Examples

The following example shows the AutoQoS--VoIP feature configured on serial point-to-point subinterface 4/1.2. In this example, both the trust and fr-atmkeywords are configured.

Router> enable
Router# configure terminal
Router(config)# interface serial4/1.2 point-to-point
Router(config-if)# bandwidth 100
Router(config-if)# ip address 192.168.0.0 255.255.255.0
Router(config-if)# frame-relay interface-dlci 102
Router(config-fr-dlci)# auto qos voip trust fr-atm
Router(config-fr-dlci)# end
Router(config-if#
 
exit

Related Commands

Command

Description

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show auto qos

Displays the configurations created by the AutoQoS--VoIP feature on a specific interface or all interfaces.

bandwidth (policy-map class)

To specify or modify the bandwidth allocated for a class belonging to a policy map, or to enable ATM overhead accounting, use the bandwidth command in QoS policy-map class configuration mode. To remove the bandwidth specified for a class or disable ATM overhead accounting, use the no form of this command.

bandwidth { kbps | [ remaining ] percent percentage } [ account { qinq | dot1q } aal5 subscriber-encapsulation ]

no bandwidth

Cisco 10000 Series Router (PRE3)

bandwidth { kbps | [ remaining ] percent percentage } account { qinq | dot1q } { aal5 | aal3 } subscriber-encapsulation user-defined offset [atm]

no bandwidth

Syntax Description

kbps

Amount of bandwidth, in kilobits per second (kbps), to be assigned to the class. The amount of bandwidth varies according to the interface and platform in use. The value must be between 1 and 2,000,000 kbps.

remaining

(Optional) Specifies that the percentage of guaranteed bandwidth is based on a relative percent of available bandwidth.

percent percentage

Specifies the percentage of guaranteed bandwidth based on an absolute percent of available bandwidth to be set aside for the priority class or on a relative percent of available bandwidth. The valid range is 1 to 100.

account

(Optional) Enables ATM overhead accounting.

qinq

(Optional) Specifies queue-in-queue encapsulation as the broadband aggregation system (BRAS) to digital subscriber line access multiplexer (DSLAM) encapsulation type for ATM overhead accounting.

dot1q

(Optional) Specifies IEEE 802.1Q VLAN encapsulation as the BRAS-DSLAM encapsulation type for ATM overhead accounting.

aal5

(Optional) Specifies ATM Adaptation Layer 5 and the encapsulation type at the subscriber line for ATM overhead accounting. AAL5 supports connection-oriented variable bit rate (VBR) services. See the “Usage Guidelines” section for valid encapsulation types.

subscriber-encapsulation

The subscriber line encapsulation type. See the “Usage Guidelines” section for valid encapsulation types.

aal3

Specifies the ATM Adaptation Layer 5 that supports both connectionless and connection-oriented links. You must specify either aal3 or aal5.

user-defined offset

Specifies the offset size that the router uses when calculating ATM overhead.

Valid values are from –127 to127 bytes; 0 is not a valid value.
Note   

The router configures the offset size if you do not specify the user-defined offset option.

atm

Applies ATM cell tax in the ATM overhead calculation.

Note   

Configuring both the offset and atm options adjusts the packet size to the offset size and then adds ATM cell tax.

Command Default

No bandwidth is specified.

ATM overhead accounting is disabled.

Command Modes


QoS policy-map class configuration (config-pmap-c)

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.0(5)XE

This command was integrated into Cisco IOS Release 12.0(5)XE and implemented on Versatile Interface Processor (VIP)-enabled Cisco 7500 series routers.

12.0(7)T

This command was modified. The percent keyword was added.

12.0(17)SL

This command was integrated into Cisco IOS Release 12.0(17)SL and implemented on Cisco 10000 series routers.

12.0(22)S

This command was modified. Support for the percent keyword was added on Cisco 10000 series routers.

12.0(23)SX

This command was modified. Support for theremaining percent keyword was added on Cisco 10000 series routers.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T and implemented on VIP-enabled Cisco 7500 series routers.

12.2(2)T

This command was modified. The remaining percent keyword was added.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(31)SB

This command was integrated into Cisco IOS Release 12.2(31)SB and implemented on Cisco 10000 series routers.

12.2(31)SB2

This command was integrated into Cisco IOS Release 12.0(17)SL and implemented on the PRE3 for the Cisco 10000 series router, and was enhanced for ATM overhead accounting on the Cisco 10000 series router for the PRE3.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

12.2(31)SB6

This command was modified to specify an offset size when calculating ATM overhead and implemented on the Cisco 10000 series router for the PRE3.

12.2(33)SRC

This command was integrated into Cisco IOS Release 12.2(33)SRC and implemented on Cisco 7600 series routers.

12.2(33)SB

This command was integrated into Cisco IOS Release 12.2(33)SB and implemented on Cisco 7300 series routers.

12.4(20)T

This command was modified. Support was added for hierarchical queueing framework (HQF) using the modular quality of service (QoS)CLI (MQC).

15.1(1)T

This command was modified. The allowed values for the kbps argument were changed. The value must be from 8 to 2000000.

15.2(1)T

This command was modified. The allowed values for the offset argument and kbps arguments were changed.

Usage Guidelines

Configuring a Policy Map

Use the bandwidth command when you configure a policy map for a class defined by the class-map command. The bandwidth command specifies the bandwidth for traffic in that class. Class-based weighted fair queueing (CBWFQ) derives the weight for packets belonging to the class from the bandwidth allocated to the class. CBWFQ then uses the weight to ensure that the queue for the class is serviced fairly.

Configuring Strict Priority with Bandwidth

You can configure only one class with strict priority. Other classes cannot have priority or bandwidth configuration. To configure minimum bandwidth for another class, use thebandwidthremainingpercent command.

Specifying Bandwidth as a Percentage for All Supported Platforms Except the Cisco 10000 Series Routers

Besides specifying the amount of bandwidth in kilobits per second (kbps), you can specify bandwidth as a percentage of either the available bandwidth or the total bandwidth. During periods of congestion, the classes are serviced in proportion to their configured bandwidth percentages. The bandwidth percentage is based on the interface bandwidth. Available bandwidth is equal to the interface bandwidth minus the sum of all bandwidths reserved by the Resource Reservation Protocol (RSVP) feature, the IP RTP Priority feature, and the low latency queueing (LLQ) feature.


Note


It is important to remember that when the bandwidth remaining percent command is configured, hard bandwidth guarantees may not be provided and only relative bandwidths are assured. That is, class bandwidths are always proportional to the specified percentages of the interface bandwidth. When the link bandwidth is fixed, class bandwidth guarantees are in proportion to the configured percentages. If the link bandwidth is unknown or variable, the router cannot compute class bandwidth guarantees in kbps.


Specifying Bandwidth as a Percentage for the Cisco 10000 Series Routers

Besides specifying the amount of bandwidth in kilobits per second (kbps), you can specify bandwidth as a percentage of either the available bandwidth or the total bandwidth. During periods of congestion, the classes are serviced in proportion to their configured bandwidth percentages. The minimum bandwidth percentage is based on the nearest parent shape rate.


Note


It is important to remember that when the bandwidth remaining percent command is configured, hard bandwidth guarantees may not be provided and only relative bandwidths are assured. That is, class bandwidths are always proportional to the specified percentages of the interface bandwidth. When the link bandwidth is fixed, class bandwidth guarantees are in proportion to the configured percentages. If the link bandwidth is unknown or variable, the router cannot compute class bandwidth guarantees in kbps.


The router converts the specified bandwidth to the nearest multiple of 1/255 (ESR-PRE1) or 1/65535 (ESR-PRE2) of the interface speed. Use the show policy-map interface command to display the actual bandwidth.

Restrictions for All Supported Platforms

The following restrictions apply to the bandwidth command:

  • The amount of bandwidth configured should be large enough to also accommodate Layer 2 overhead.
  • A policy map can have all the class bandwidths specified in either kbps or percentage, but not both, in the same class. However, the unit for the prioritycommand in the priority class can be different from the bandwidth unit of the nonpriority class.
  • When the bandwidth percent command is configured, and a policy map containing class policy configurations is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed. If a policy map cannot be attached to a particular interface because of insufficient interface bandwidth, the policy is removed from all interfaces to which it was successfully attached. This restriction does not apply to the bandwidth remaining percent command.

Note


With CSCsy73939, if the bandwidth percent command results in a bandwidth value that is lower than the valid range then the policy map specifying this value cannot be attached to an interface, and the router displays the following error message: "service-policy output parent Configured Percent results in out of range kbps. Allowed range is min-valuemax-value. The present CIR value is n."


For more information on bandwidth allocation, see the “Congestion Management Overview” module in the Cisco IOS Quality of Service Solutions Configuration Guide.

Note that when the policy map containing class policy configurations is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed. If a policy map cannot be attached to a particular interface because of insufficient interface bandwidth, then the policy is removed from all interfaces to which it was successfully attached.

Modular QoS CLI Queue Limits

The bandwidth command can be used with MQC to specify the bandwidth for a particular class. When used with MQC, the bandwidth command uses a default queue limit for the class. This queue limit can be modified using the queue-limit command, thereby overriding the default set by the bandwidth command.


Note


To meet the minimum bandwidth guarantees required by interfaces, modify the default queue limit of high-speed interfaces by using the queue-limit command.


Cisco 10000 Series Router

The Cisco 10000 series routers supports the bandwidth command on outbound interfaces only. They do not support this command on inbound interfaces.

On the PRE2, you specify a bandwidth value and a unit for the bandwidth value. Valid values for the bandwidth are from 1 to 2488320000. The units are bps, kbps, mbps, and gbps. The default unit is kbps. For example, the following commands configure a bandwidth of 10000 bps and 10000 kbps on the PRE2:

bandwidth 10000 bps
bandwidth 10000

On the PRE3, youspecify only a bandwidth value. Because the unit is always kbps, the PRE3 does not support the unit argument. Valid values are from 1 to 2000000. For example, the following command configures a bandwidth of 128,000 kbps on the PRE3:

bandwidth 128000

The PRE3 accepts the PRE2 bandwidth command only if the command is used without the unit argument. The PRE3 rejects the PRE2 bandwidth command if the specified bandwidth is outside the valid PRE3 bandwidth value range (1 to 2000000).

Besides specifying the amount of bandwidth in kilobits per second (kbps), you can specify bandwidth as a percentage of either the available bandwidth or the total bandwidth. During periods of congestion, the classes are serviced in proportion to their configured bandwidth percentages. The bandwidth percentage is based on the interface bandwidth. However, in a hierarchical policy the minimum bandwidth percentage is based on the nearest parent shape rate.


Note


When the bandwidth remaining percent command is configured, hard bandwidth guarantees may not be provided and only relative bandwidths are assured. Class bandwidths are always proportional to the specified percentages of the interface bandwidth. When the link bandwidth is fixed, class bandwidth guarantees are in proportion to the configured percentages. If the link bandwidth is unknown or variable, the router cannot compute class bandwidth guarantees in kbps.


The router converts the specified bandwidth to the nearest multiple of 1/255 (PRE1) or 1/65535 (PRE2, PRE3) of the interface speed. Use the show policy-map interface command to display the actual bandwidth.

Overhead Accounting for ATM (Cisco 10000 Series Router)

When configuring ATM overhead accounting, you must specify the BRAS-DSLAM, DSLAM-CPE, and subscriber line encapsulation types. The router supports the following subscriber line encapsulation types:

  • mux-1483routed
  • mux-dot1q-rbe
  • snap-pppoa
  • mux-rbe
  • snap-1483routed
  • snap-dot1q-rbe
  • mux-pppoa
  • snap-rbe

The router calculates the offset size unless you specify the user-defined offset option.

For hierarchical policies, configure ATM overhead accounting in the following ways:

  • Enabled on parent--If you enable ATM overhead accounting on a parent policy, you are not required to enable accounting on the child policy.
  • Enabled on child and parent--If you enable ATM overhead accounting on a child policy, then you must enable ATM overhead accounting on the parent policy.

The encapsulation types must match for the child and parent policies.

The user-defined offset values must match for the child and parent policies.

Examples

Examples

Cisco 10000 Series Router: Example

In the following example, the policy map named VLAN guarantees 30 percent of the bandwidth to the class named Customer1 and 60 percent of the bandwidth to the class named Customer2. If you apply the VLAN policy map to a 1-Mbps link, 300 kbps (30 percent of 1 Mbps) is guaranteed to class Customer1 and 600 kbps (60 percent of 1 Mbps) is guaranteed to class Customer2, with 100 kbps remaining for the class-default class. If the class-default class does not need additional bandwidth, the unused 100 kbps is available for use by class Customer1 and class Customer2. If both classes need the bandwidth, they share it in proportion to the configured rates. In this example, the sharing ratio is 30:60 or 1:2:

router(config)# policy-map VLAN
router(config-pmap)# class Customer1
router(config-pmap-c)# bandwidth percent 30
router(config-pmap-c)# exit
router(config-pmap)# class Customer2
router(config-pmap-c)# bandwidth percent 60

Examples

CBWFQ Bandwidth Guarantee: Example

The following example shows how to create a policy map with two classes, shows how bandwidth is guaranteed when only CBWFQ is configured, and shows how to attach the policy to serial interface 3/2/1:

Router(config)# policy-map policy1
Router(config-pmap)# class class1
Router(config-pmap-c)# bandwidth percent 50
Router(config-pmap-c)# exit
Router(config-pmap)# class class2
Router(config-pmap-c)# bandwidth percent 25
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface serial3/2/1
Router(config-if)# service output policy1
Router(config-if)# end

The following output from the show policy-map command shows the configuration for the policy map named policy1:

Router# show policy-map policy1
 
Policy Map policy1
 Class class1
  Weighted Fair Queuing
   Bandwidth 50 (%) Max Threshold 64 (packets)
 Class class2
  Weighted Fair Queuing
   Bandwidth 25 (%) Max Threshold 64 (packets)

The output from the show policy-map interfacecommand shows that 50 percent of the interface bandwidth is guaranteed for the class named class1, and 25 percent is guaranteed for the class named class2. The output displays the amount of bandwidth as both a percentage and a number of kbps.

Router# show policy-map interface serial3/2
 
Serial3/2
Service-policy output:policy1
Class-map:class1 (match-all)
 0 packets, 0 bytes
 5 minute offered rate 0 bps, drop rate 0 bps
 Match:none
 Weighted Fair Queuing
  Output Queue:Conversation 265
  Bandwidth 50 (%)
  Bandwidth 772 (kbps) Max Threshold 64 (packets)
  (pkts matched/bytes matched) 0/0
  (depth/total drops/no-buffer drops) 0/0/0
Class-map:class2 (match-all)
 0 packets, 0 bytes
 5 minute offered rate 0 bps, drop rate 0 bps
 Match:none
 Weighted Fair Queuing
  Output Queue:Conversation 266
  Bandwidth 25 (%)
  Bandwidth 386 (kbps) Max Threshold 64 (packets)
  (pkts matched/bytes matched) 0/0
  (depth/total drops/no-buffer drops) 0/0/0
Class-map:class-default (match-any)
 0 packets, 0 bytes
 5 minute offered rate 0 bps, drop rate 0 bps
 Match:any

In this example, serial interface 3/2 has a total bandwidth of 1544 kbps. During periods of congestion, 50 percent (or 772 kbps) of the bandwidth is guaranteed to the class named class1, and 25 percent (or 386 kbps) of the link bandwidth is guaranteed to the class named class2.

Examples

CBWFQ and LLQ Bandwidth Allocation: Example

In the following example, the interface has a total bandwidth of 1544 kbps. During periods of congestion, 50 percent (or 772 kbps) of the bandwidth is guaranteed to the class named class1, and 25 percent (or 386 kbps) of the link bandwidth is guaranteed to the class named class2.

The following sample output from the show policy-map command shows the configuration of a policy map named p1:

Router# show policy-map p1
Policy Map p1
 Class voice
  Weighted Fair Queuing
   Strict Priority
   Bandwidth 500 (kbps) Burst 12500 (Bytes)
 Class class1
  Weighted Fair Queuing
   Bandwidth remaining 50 (%) Max Threshold 64 (packets)
 Class class2
  Weighted Fair Queuing
   Bandwidth remaining 25 (%) Max Threshold 64 (packets)

The following output from the show policy-map interface command on serial interface 3/2 shows that 500 kbps of bandwidth is guaranteed for the class named voice1. The classes named class1 and class2 receive 50 percent and 25 percent of the remaining bandwidth, respectively. Any unallocated bandwidth is divided proportionally among class1, class2, and any best-effort traffic classes.


Note


In this sample output (unlike many of the others earlier in this section) the bandwidth is displayed only as a percentage for class 1 and class 2. Bandwidth expressed as a number of kbps is not displayed because the percent keyword was used with the bandwidth remaining command. The bandwidth remaining percent command allows you to allocate bandwidth as a relative percentage of the total bandwidth available on the interface.


Router# show policy-map interface serial3/2
 
Serial3/2
Service-policy output:p1
 Class-map:voice (match-all)
  0 packets, 0 bytes
  5 minute offered rate 0 bps, drop rate 0 bps
  Match:ip precedence 5
  Weighted Fair Queuing
   Strict Priority
   Output Queue:Conversation 264
   Bandwidth 500 (kbps) Burst 12500 (Bytes)
   (pkts matched/bytes matched) 0/0
   (total drops/bytes drops) 0/0
 Class-map:class1 (match-all)
  0 packets, 0 bytes
  5 minute offered rate 0 bps, drop rate 0 bps
  Match:none
  Weighted Fair Queuing
   Output Queue:Conversation 265
   Bandwidth remaining 50 (%) Max Threshold 64 (packets)
   (pkts matched/bytes matched) 0/0
   (depth/total drops/no-buffer drops) 0/0/0
 Class-map:class2 (match-all)
  0 packets, 0 bytes
  5 minute offered rate 0 bps, drop rate 0 bps
  Match:none
  Weighted Fair Queuing
   Output Queue:Conversation 266
   Bandwidth remaining 25 (%) Max Threshold 64 (packets)
   (pkts matched/bytes matched) 0/0
   (depth/total drops/no-buffer drops) 0/0/0
 Class-map:class-default (match-any)
  0 packets, 0 bytes
  5 minute offered rate 0 bps, drop rate 0 bps
  Match:any	

Examples

Traffic Shaping Overhead Accounting for ATM: Example

When a parent policy has ATM overhead accounting enabled, you are not required to enable ATM overhead accounting on a child traffic class that does not contain the bandwidth or shape command. In the following configuration example, ATM overhead accounting is enabled for bandwidth on the gaming and class-default class of the child policy map named subscriber_classes and on the class-default class of the parent policy map named subscriber_line. The voip and video classes do not have ATM overhead accounting explicitly enabled; these priority queues have overhead accounting implicitly enabled because ATM overhead accounting is enabled on the parent policy. Notice that the features in the parent and child policies use the same encapsulation type.

Router(config)# policy-map subscriber_classes
Router(config-pmap)# class voip
Router(config-pmap-c)# priority level 1
Router(config-pmap-c)# police 8000
Router(config-pmap-c)# exit
Router(config-pmap)# class video
Router(config-pmap-c)# priority level 2
Router(config-pmap-c)# police 20
Router(config-pmap-c)# exit
Router(config-pmap)# class gaming
Router(config-pmap-c)# bandwidth remaining percent 80 account aal5 snap-rbe-dot1q
Router(config-pmap-c)# exit
Router(config-pmap)# class class-default
Router(config-pmap-c)# bandwidth remaining percent 20 account aal5 snap-rbe-dot1q
Router(config-pmap-c)# policy-map subscriber_line
Router(config-pmap-c)# exit
Router(config-pmap)# class class-default
Router(config-pmap-c)# bandwidth remaining ratio 10 account aal5 snap-rbe-dot1q
Router(config-pmap-c)# shape average 512 account aal5 snap-rbe-dot1q
Router(config-pmap-c)# service policy subscriber_classes

In the following example, the router uses 20 overhead bytes and ATM cell tax in calculating ATM overhead. The child and parent policies contain the required matching offset values. The parent policy is attached to virtual template 1.

Router(config)# policy-map child
Router(config-pmap)# class class1
Router(config-pmap-c)# bandwidth 500 account user-defined 20 atm
Router(config-pmap-c)# exit
Router(config-pmap)# class class2 
Router(config-pmap-c)# shape average 30000 account user-defined 20 atm
Router(config-pmap)# exit
Router(config)# exit
Router(config)#

Related Commands

Command

Description

class (policy-map)

Specifies the name of the class whose policy you want to create or change, and the default class (commonly known as the class-default class) before you configure its policy.

class-map

Creates a class map to be used for matching packets to a specified class.

max-reserved-bandwidth

Changes the percent of interface bandwidth allocated for CBWFQ, LLQ, and IP RTP Priority.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

priority

Specifies the priority of a class of traffic belonging to a policy map.

queue-limit

Specifies or modifies the maximum number of packets the queue can hold for a class policy configured in a policy map.

random-detect (interface)

Enables WRED or DWRED.

random-detect exponential-weighting- constant

Configures the WRED and DWRED exponential weight factor for the average queue size calculation.

random-detect precedence

Configures WRED and DWRED parameters for a particular IP precedence.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.

bandwidth remaining ratio

To specify a bandwidth-remaining ratio for class-level or subinterface-level queues to be used during congestion to determine the amount of excess bandwidth (unused by priority traffic) to allocate to nonpriority queues, use thebandwidthremainingratio command in policy-map class configuration mode. To remove the bandwidth-remaining ratio, use the no form of this command.

bandwidth remaining ratio ratio

no bandwidth remaining ratio ratio

bandwidth remaining ratio ratio [ account { qinq | dot1q } [aal5] { subscriber-encapsulation | user-defined offset } ]

no bandwidth remaining ratio ratio [ account { qinq | dot1q } [aal5] { subscriber-encapsulation | user-defined offset } ]

bandwidth remaining ratio ratio

no bandwidth remaining ratio ratio

Syntax Description

ratio

Relative weight of this subinterface or class queue with respect to other subinterfaces or class queues. Valid values are from 1 to 1000. At the subinterface level, the default value is platform dependent. At the class queue level, the default is 1.

Cisco 7300 Series Router, Cisco 7600 Series Router, and Cisco 10000 Series Router

ratio

Relative weight of this subinterface or class queue with respect to other subinterfaces or class queues.

Note   

For the Cisco 7300 series router and 7600 series router, valid values are from 1 to 10000, and the default value is 1.

Note   

For the Cisco 10000 series router, valid values are from 1 to 1000, and the default is 1.

account

(Optional) Enables ATM overhead accounting.

qinq

(Optional) Specifies queue-in-queue encapsulation as the Broadband Remote Access Server - Digital Subscriber Line Access Multiplexer (BRAS-DSLAM) encapsulation type.

dot1q

(Optional) Specifies IEEE 802.1Q VLAN encapsulation as the BRAS-DSLAM encapsulation type.

aal5

(Optional) Specifies the ATM adaptation layer 5 that supports connection-oriented variable bit rate (VBR) services.

subscriber-encapsulation

(Optional) Specifies the encapsulation type at the subscriber line. Encapsulation type varies according to subscriber line.

user-defined offset

(Optional) Specifies the offset size, in bytes, that the router uses when calculating the ATM overhead.

Note   

For the Cisco 7300 series router and 7600 series router, valid values are from -48 to +48.

Note   

For the Cisco 10000 series router, valid values are from -63 to +63.

Cisco ASR 1000 Series Routers

ratio

Relative weight of this subinterface or class queue with respect to other subinterfaces or class queues. Valid values are from 1 to 1000. At the subinterface level and class-queue level, the default is 1.

Cisco 10000 Series Router

For most platforms, the default bandwidth ratio is 1.

When you use default bandwidth-remaining ratios at the subinterface level, the Cisco 10000 series router distinguishes between interface types. At the subinterface level, the default bandwidth-remaining ratio is 1 for VLAN subinterfaces and Frame Relay Data Link Connection Identifiers (DLCI). For ATM subinterfaces, the router computes the default bandwidth-remaining ratio based on the subinterface speed.

When you use default bandwidth-remaining ratios at the class level, the Cisco 10000 series router makes no distinction between interface types. At the class level, the default bandwidth-remaining ratio is 1.

Command Modes


Policy-map class (config-pmap-c)

Command History

Release

Modification

12.2(31)SB2

This command was introduced. This command was implemented on the Cisco 10000 series router for the PRE3.

12.2(33)SRC

This command was modified. It was implemented on the Cisco 7600 series routers. Additional keywords and arguments were added to support ATM overhead accounting (optional) on the Cisco 7600 series router and the Cisco 10000 series router for the PRE3.

12.2(33)SB

This comand was modified. Support for the Cisco 7300 series routers was added. The additional keyword and arguments associated with ATM overhead accounting were also supported.

Cisco IOS XE Release 2.1

This command was integrated into Cisco IOS XE Release 2.1.

Usage Guidelines

Cisco 10000 Series Router

The scheduler uses the ratio specified in the bandwidthremainingratio command to determine the amount of excess bandwidth (unused by priority traffic) to allocate to a class-level queue or a subinterface-level queue during periods of congestion. The scheduler allocates the unused bandwidth relative to other queues or subinterfaces.

The bandwidthremainingratio command cannot coexist with another bandwidth command in different traffic classes of the same policy map. For example, the following configuration is not valid and causes an error message to display:

policy-map Prec1
 class precedence_0
  bandwidth remaining ratio 10
 class precedence_2
  bandwidth 1000

For the PRE2, the bandwidthremainingratio command can coexist with another bandwidth command in the same class of a policy map. On the PRE3, the bandwidthremainingratio command cannot coexist with another bandwidthcommand in the same class. For example, the following configuration is not valid on the PRE3 and causes an error message to display:

policy-map Prec1
 class precedence_0
  bandwidth 1000
  bandwidth remaining ratio 10

In a hierarchical policy map in which the parent policy has only the class-default class defined with a child queuing policy applied, the router accepts only the bandwidthremainingratio form of the bandwidth command in the class-default class.

The bandwidthremainingratio command cannot coexist with the priority command in the same class. For example, the following configuration is not valid and causes an error message to display:

policy-map Prec1
 class precedence_1
  priority
  police percent 30
  bandwidth remaining ratio 10

All of the queues for which the bandwidthremainingratio command is not specified receive the platform-specified minimum bandwidth-remaining ratio. The router determines the minimum committed information rate (CIR) based on the configuration.

ATM Overhead Accounting (Optional)

The bandwidthremainingratio command can also be used to enable ATM overhead accounting. To enable ATM overhead accounting, use the account keyword and the subsequent keywords and arguments as documented in the Syntax Description table.

Cisco 7200 Series Routers

Thebandwidthremainingratio command is not supported on the Cisco 7200 series routers. If you have upgraded from Cisco IOS Release 12.2(33)SRD to Cisco IOS Release 12.2(33)SRE, you may see parser errors when you run this command. You can use the bandwidthremainingpercent command in place of the bandwidthremainingratiocommand on Cisco 7200 series routers to achieve the same functionality.

Examples

Examples

Cisco 7300 Series Router, Cisco 7600 Series Router, and Cisco 10000 Series Router

The following example shows how to configure a bandwidth-remaining ratio on an ATM subinterface. In the example, the router guarantees a peak cell rate of 50 Mbps for the variable bit rate nonreal-time (VBR-nrt) PVC 0/200. During periods of congestion, the subinterface receives a share of excess bandwidth (unused by priority traffic) based on the bandwidth-remaining ratio of 10, relative to the other subinterfaces configured on the physical interface.

policy-map Child
 class precedence_0
  bandwidth 10000
 class precedence_1
  shape average 100000
  bandwidth 100
!
policy-map Parent
 class class-default
  bandwidth remaining ratio 10
  shape average 20000000
  service-policy Child
!
interface ATM2/0/3.200 point-to-point
 ip address 10.20.1.1 255.255.255.0
 pvc 0/200
 protocol ip 10.20.1.2
 vbr-nrt 50000
 encapsulation aal5snap
 service-policy output Parent

The following example shows how to configure bandwidth remaining ratios for individual class queues. Some of the classes configured have bandwidth guarantees and a bandwidth-remaining ratio explicitly specified. When congestion occurs within a subinterface level, the class queues receive excess bandwidth (unused by priority traffic) based on their class-level bandwidth-remaining ratios: 20, 30, 120, and 100, respectively, for the precedence_0, precedence_1, precedence_2, and precedence_5 classes. Normally, the precedence_3 class (without a defined ratio) would receive bandwidth based on the bandwidth-remaining ratio of the class-default class defined in the Child policy. However, in the example, the Child policy does not define a class-default bandwidth remaining ratio. Therefore, the router uses a ratio of 1 to allocate excess bandwidth to precedence_3 traffic.

policy-map Child
 class precedence_0
  shape average 100000
  bandwidth remaining ratio 20
 class precedence_1
  shape 10000
  bandwidth remaining ratio 30
 class precedence_2
  shape average 200000
  bandwidth remaining ratio 120
 class precedence_3
  set ip precedence 3
 class precedence_5
  set ip precedence 5
  bandwidth remaining ratio 100
policy-map Parent
 class class-default
  bandwidth remaining ratio 10
  service-policy Child
!
interface GigabitEthernet 2/0/1.10
 encapsulation dot1q 10
 service-policy output Parent

Examples

Overhead Accounting: Example

The following example shows how to configure overhead accounting by using the optional accountkeyword and associated keywords and arguments:

policy-map subscriber_line
 class class-default
  bandwidth remaining ratio 10 account dot1q aal5 snap-rbe-dot1q
  shape average 512 account dot1q 
aal5 snap-rbe-dot1q
  service policy subscriber_classes

Related Commands

Command

Description

bandwidth remaining percent

Specifies a bandwidth-remaining percentage for class-level or subinterface-level queues to be used during congestion to determine the amount of excess bandwidth (unused by priority traffic) to allocate to nonpriority queues.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.

class (policy-map)

To specify the name of the class whose policy you want to create or change or to specify the default class (commonly known as the class-default class) before you configure its policy, use the classcommand in policy-map configuration mode. To remove a class from the policy map, use the no form of this command.

class { class-name | class-default [ fragment fragment-class-name ] } [ insert-before class-name ] [ service-fragment fragment-class-name ]

no class { class-name | class-default }

Syntax Description

class-name

Name of the class to be configured or whose policy is to be modified. The class name is used for both the class map and to configure a policy for the class in the policy map.

class-default

Specifies the default class so that you can configure or modify its policy.

fragment f ragment-class-name

(Optional) Specifies the default traffic class as a fragment, and names the fragment traffic class.

insert-before class-name

(Optional) Adds a class map between any two existing class maps.

Inserting a new class map between two existing class map provides more flexibility when modifying existing policy map configurations. Without this option, the class map is appended to the end of the policy map.

This keyword is supported only on flexible packet matching (FPM) policies.

service-fragment fragment-class-name

(Optional) Specifies that the class is classifying a collection of fragments. The fragments being classified by this class must all share the same fragment-class-name.

Command Default

No class is specified.

Command Modes


Policy-map configuration (config-pmap)

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.0(5)XE

This command was integrated into Cisco IOS Release 12.0(5)XE.

12.0(7)S

This command was integrated into Cisco IOS Release 12.0(7)S.

12.1(1)E

This command was integrated into Cisco IOS Release 12.1(1)E.

12.2(14)SX

Support for this command was introduced on Cisco 7600 routers.

12.2(17d)SXB

This command was implemented on the Cisco 7600 router and integrated into Cisco IOS Release 12.2(17d)SXB.

12.2(18)SXE

The class-default keyword was added to the Cisco 7600 router.

12.4(4)T

Theinsert-beforeclass-name option was added.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(31)SB2

This command was introduced on the PRE3 for the Cisco 10000 series router.

12.2(18)ZY

The insert-beforeclass-name option was integrated into Cisco IOS Release 12.2(18)ZY on the Catalyst 6500 series of switches equipped with the Programmable Intelligent Services Accelerator (PISA).

Cisco IOS XE Release 2.1

This command was implemented on Cisco ASR 1000 series routers. The fragmentfragment-class-name and service-fragmentfragment-class-name options were introduced.

Usage Guidelines

Policy Map Configuration Mode

Within a policy map, the class(policy-map)command can be used to specify the name of the class whose policy you want to create or change. First, the policy map must be identified.

To identify the policy map (and enter the required policy-map configuration mode), use the policy-map command before you use the class(policy-map)command. After you specify a policy map, you can configure policy for new classes or modify the policy for any existing classes in that policy map.

Class Characteristics

The class name that you specify in the policy map ties the characteristics for that class--that is, its policy--to the class map and its match criteria, as configured using the class-map command.

When you configure policy for a class and specify its bandwidth and attach the policy map to an interface, class-based weighted fair queueing (CBWFQ) determines if the bandwidth requirement of the class can be satisfied. If so, CBWFQ allocates a queue for the bandwidth requirement.

When a class is removed, available bandwidth for the interface is incremented by the amount previously allocated to the class.

The maximum number of classes that you can configure for a router--and, therefore, within a policy map--is 64.

Predefined Default Class

The class-default keyword is used to specify the predefined default class called class-default. The class-default class is the class to which traffic is directed if that traffic does not match any of the match criteria in the configured class maps.

Tail Drop or WRED

You can define a class policy to use either tail drop by using the queue-limit command or Weighted Random Early Detection (WRED) by using the random-detect command. When using either tail drop or WRED, note the following points:

  • The queue-limit and random-detect commands cannot be used in the same class policy, but they can be used in two class policies in the same policy map.
  • You can configure the bandwidth command when either the queue-limit command or the random-detect command is configured in a class policy. The bandwidth command specifies the amount of bandwidth allocated for the class.
  • For the predefined default class, you can configure the fair-queue (class-default) command. The fair-queue command specifies the number of dynamic queues for the default class. The fair-queue command can be used in the same class policy as either the queue-limit command or the random-detect command. It cannot be used with the bandwidth command.

Fragments

A default traffic class is marked as a fragment within a policy map class statement using the fragmentkeyword. Multiple fragments can then be classified collectively in a separate policy map that is created using the service-fragment keyword. When fragments are used, default traffic classes marked as fragments have QoS applied separately from the non-default traffic classes.

When using fragments, note the following guidelines:

  • Only default traffic classes can be marked as fragments.
  • Thefragmentfragment-class-nameoption within a default class statement marks that default class as a fragment.
  • Theservice-fragmentfragment-class-nameoption when defining a class in a policy map is used to specify a class of traffic within the Modular QoS CLI that contains all fragments sharing the same fragment-class-name.
  • Fragments can only be used within the same physical interface. Policy maps with fragments sharing the same fragment-class-name on different interfaces cannot be classified collectively using a class with the service-fragmentfragment-class-name option.

Cisco 10000 Series Router

The PRE2 allows you to configure 31 class queues in a policy map.

In a policy map, the PRE3 allows you to configure one priority level 1 queue, plus one priority level 2 queue, plus 12 class queues, plus one default queue.

Cisco ASR 1000 Series Routers

The maximum number of classes that you can configure for a Cisco ASR 1000 Series Router--and, therefore, within a policy map--is 8.

Examples

The following example shows how to configure three class policies included in the policy map called policy1. Class1 specifies policy for traffic that matches access control list 136. Class2 specifies policy for traffic on interface ethernet101. The third class is the default class to which packets that do not satisfy configured match criteria are directed:

! The following commands create class-maps class1 and class2 
! and define their match criteria:
class-map class1
 match access-group 136
class-map class2
 match input-interface ethernet101
! The following commands create the policy map, which is defined to contain policy
! specification for class1, class2, and the default class:
policy-map policy1
Router(config)# policy-map policy1
Router(config-pmap)# class class1
Router(config-pmap-c)# bandwidth 2000
Router(config-pmap-c)# queue-limit 40
Router(config-pmap)# class class2
Router(config-pmap-c)# bandwidth 3000
Router(config-pmap-c)# random-detect
Router(config-pmap-c)# random-detect exponential-weighting-constant 10
Router(config-pmap)# class class-default
Router(config-pmap-c)# fair-queue 16
Router(config-pmap-c)# queue-limit 20
  • Class1--A minimum of 2000 kbps of bandwidth is expected to be delivered to this class in the event of congestion, and the queue reserved for this class can enqueue 40 packets before tail drop is enacted to handle additional packets.
  • Class2--A minimum of 3000 kbps of bandwidth is expected to be delivered to this class in the event of congestion, and a weight factor of 10 is used to calculate the average queue size. For congestion avoidance, WRED packet drop is used, not tail drop.
  • The default class--16 dynamic queues are reserved for traffic that does not meet the match criteria of other classes whose policy is defined by the policy map called policy1, and a maximum of 20 packets per queue is enqueued before tail drop is enacted to handle additional packets.

Note


When the policy map that contains these classes is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed, taking into account all class policies and Resource Reservation Protocol (RSVP), if configured.


The following example shows how to configure policy for the default class included in the policy map called policy8. The default class has these characteristics:20 dynamic queues are available for traffic that does not meet the match criteria of other classes whose policy is defined by the policy map called policy8, and a weight factor of 14 is used to calculate the average queue size. For congestion avoidance, WRED packet drop is used, not tail drop:

Router(config)# policy-map policy8
Router(config-pmap)# class class-default
Router(config-pmap-c)# fair-queue 20
Router(config-pmap-c)# random-detect exponential-weighting-constant 14

The following example shows how to configure policy for a class called acl136 included in the policy map called policy1. Class acl136 has these characteristics:a minimum of 2000 kbps of bandwidth is expected to be delivered to this class in the event of congestion, and the queue reserved for this class can enqueue 40 packets before tail drop is enacted to handle additional packets. Note that when the policy map that contains this class is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed, taking into account all class policies and RSVP, if configured:

Router(config)# policy-map policy1
Router(config-pmap)# class acl136
Router(config-pmap-c)# bandwidth 2000
Router(config-pmap-c)# queue-limit 40

The following example shows how to configure policy for a class called int101 included in the policy map called policy8. Class int101 has these characteristics:a minimum of 3000 kbps of bandwidth are expected to be delivered to this class in the event of congestion, and a weight factor of 10 is used to calculate the average queue size. For congestion avoidance, WRED packet drop is used, not tail drop. Note that when the policy map that contains this class is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed:

Router(config)# policy-map policy8
Router(config-pmap)# class int101
Router(config-pmap-c)# bandwidth 3000
Router(config-pmap-c)# random-detect exponential-weighting-constant 10

The following example shows how to configure policy for the class-default default class included in the policy map called policy1. The class-default default class has these characteristics:10 hashed queues for traffic that does not meet the match criteria of other classes whose policy is defined by the policy map called policy1; and a maximum of 20 packets per queue before tail drop is enacted to handle additional enqueued packets:

Router(config)# policy-map policy1
Router(config-pmap)# class class-default
Router(config-pmap-c)# fair-queue
Router(config-pmap-c)# queue-limit 20

The following example shows how to configure policy for the class-default default class included in the policy map called policy8. The class-default default class has these characteristics:20 hashed queues for traffic that does not meet the match criteria of other classes whose policy is defined by the policy map called policy8; and a weight factor of 14 is used to calculate the average queue size. For congestion avoidance, WRED packet drop is used, not tail drop:

Router(config)# policy-map policy8
Router(config-pmap)# class class-default
Router(config-pmap-c)# fair-queue 20
Router(config-pmap-c)# random-detect exponential-weighting-constant 14

The following example shows how to configure FPM for blaster packets. The class map contains the following match criteria: TCP port 135, 4444 or UDP port 69; and pattern 0x0030 at 3 bytes from start of IP header:

load protocol disk2:ip.phdf
load protocol disk2:tcp.phdf
load protocol disk2:udp.phdf 
class-map type stack match-all ip-tcp
 match field ip protocol eq 0x6 next tcp
class-map type stack match-all ip-udp
 match field ip protocol eq 0x11 next udp
class-map type access-control match-all blaster1
 match field tcp dest-port eq 135
 match start 13-start offset 3 size 2 eq 0x0030
class-map type access-control match-all blaster2
 match field tcp dest-port eq 4444
Router(config-cmap)# match start 13-start offset 3 size 2 eq 0x0030
class-map type access-control match-all blaster3
 match field udp dest-port eq 69
 match start 13-start offset 3 size 2 eq 0x0030
policy-map type access-control fpm-tcp-policy
 class blaster1
 drop
 class blaster2
 drop
policy-map type access-control fpm-udp-policy
 class blaster3
 drop
policy-map type access-control fpm-policy
 class ip-tcp
 service-policy fpm-tcp-policy
 class ip-udp
 service-policy fpm-udp-policy
interface gigabitEthernet 0/1
 service-policy type access-control input fpm-policy

The following example shows how to create a fragment class of traffic to classify the default traffic class named BestEffort. All default traffic from the policy maps named subscriber1 and subscriber2 is part of the fragment default traffic class named BestEffort. This default traffic is then shaped collectively by creating a class called data that uses the service-fragment keyword and the shape command:

Note the following about this example:

  • The class-name for each fragment default traffic class is “BestEffort.”
  • Theclass-name of “BestEffort” is also used to define the class where theservice-fragmentkeyword is entered. This class applies a shaping policy to all traffic forwarded using the fragment default traffic classes named “BestEffort.”
policy-map subscriber1
class voice
set cos 5
priority level 1
class video
set cos 4
priority level 2
class class-default fragment BestEffort
shape average 200
bandwidth remaining ratio 10
policy-map subscriber 2
class voice
set cos 5
priority level 1
class video
set cos 4
priority level 2
class class-default fragment BestEffort
shape average 200
bandwidth remaining ratio 10
policy-map input_policy
class class-default
set dscp default
policy-map main-interface
class data service-fragment BestEffort
shape average 400
interface portchannel1.1001
encapsulation dot1q 1001service-policy output subscriber1
service-policy input input_policy
interface portchannel1.1002
encapsulation dot1q 1002
service-policy output subscriber2
service-policy input input_policy
interface gigabitethernet 0/1
description member-link1
port channel 1
service-policy output main-interface
interface gigabitethernet 0/2
description member-link2
port channel 1

service-policy output main-interface

Related Commands

Command

Description

bandwidth (policy-map class)

Specifies or modifies the bandwidth allocated for a class belonging to a policy map.

class-map

Creates a class map to be used for matching packets to a specified class.

fair-queue (class-default)

Specifies the number of dynamic queues to be reserved for use by the class-default class as part of the default class policy.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

queue-limit

Specifies or modifies the maximum number of packets the queue can hold for a class policy configured in a policy map.

random-detect (interface)

Enables WRED or DWRED.

random-detect exponential-weighting-constant

Configures the WRED and DWRED exponential weight factor for the average queue size calculation.

random-detect precedence

Configures WRED and DWRED parameters for a particular IP Precedence.

class-map

To create a class map to be used for matching packets to a specified class and to enter QoS class-map configuration mode, use the class-map command in global configuration mode. To remove an existing class map from a device, use the no form of this command.

Cisco 2600, 3660, 3845, 6500, 7200, 7401, and 7500 Series Routers

class-map [ type { stack | access-control | port-filter | queue-threshold | logging log-class } ] [ match-all | match-any ] class-map-name

no class-map [ type { stack | access-control | port-filter | queue-threshold | logging log-class } ] [ match-all | match-any ] class-map-name

Cisco 7600 Series Routers

class-map class-map-name [ match-all | match-any ]

no class-map class-map-name [ match-all | match-any ]

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

class-map class-map-name

no class-map class-map-name

Syntax Description

type

(Optional) Specifies the class-map type.

stack

(Optional) Enables the flexible packet matching (FPM) functionality to determine the protocol stack to examine.

When you use the load protocol command to load protocol header description files (PHDFs) on the device, a stack of protocol headers can be defined so that the filter can determine which headers are present and in what order.

access-control

(Optional) Determines the pattern to look for in the configured protocol stack.

Note   

You must specify a stack class map (by using the type stack keywords) before specifying an access-control class map (by using the type access-control keywords).

port-filter

(Optional) Creates a port-filter class map that enables the TCP or UDP port policing of control plane packets. When this keyword is enabled, the command filters the traffic that is destined to specific ports on the control-plane host subinterface.

queue-threshold

(Optional) Enables queue thresholding, which limits the total number of packets for a specified protocol allowed in the control plane IP input queue. The queue-thresholding applies only to the control-plane host subinterface.

logging log-class

(Optional) Enables the logging of packet traffic on the control plane. The value for the log-class argument is the name of the log class.

match-all

(Optional) Determines how packets are evaluated when multiple match criteria exist. Matches statements under this class map based on the logical AND function. A packet must match all statements to be accepted. If you do not specify the match-all or match-any keyword, the default keyword used is match-all.

match-any

(Optional) Determines how packets are evaluated when multiple match criteria exist. Matches statements under this class map based on the logical OR function. A packet must match any of the match statements to be accepted. If you do not specify the match-any or match-all keyword, the default keyword is used match-all.

class-map-name

Name of the class for the class map. The class name is used for both the class map and to configure a policy for the class in the policy map.

Note   

You can enter the value for the class-map-name argument within quotation marks. The software does not accept spaces in a class map name entered without quotation marks.

Command Default

A class map is not configured.

Command Modes


Global configuration (config)

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.0(5)XE

This command was integrated into Cisco IOS Release 12.0(5)XE.

12.0(7)S

This command was integrated into Cisco IOS Release 12.0(7)S.

12.1(1)E

This command was integrated into Cisco IOS Release 12.1(1)E.

12.2(14)SX

This command was integrated into Cisco IOS Release 12.2(14)SX and implemented on Cisco 7600 series routers.

12.2(17d)SXB

This command was integrated into Cisco IOS Release 12.2(17d)SXB and implemented on Cisco 7600 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.4(4)T

This command was modified. The stack and access-control keywords were added to support FPM. The port-filter and queue-threshold keywords were added to support control-plane protection.

12.4(6)T

This command was modified. The logging log-class keyword and argument pair was added to support control-plane packet logging.

12.2(18)ZY

This command was modified. The stack and access-control keywords were integrated into Cisco IOS Release 12.2(18)ZY on Catalyst 6500 series switches equipped with the programmable intelligent services accelerator (PISA).

Cisco IOS XE Release 2.1

This command was integrated into Cisco IOS XE Release 2.1 and implemented on Cisco ASR 1000 Series Aggregation Services Routers.

15.1(3)T

This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor with the class-map-name argument as the only syntax element available.

12.2(58)SE

This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor with the class-map-name argument.

12.2(33)SCF

This command was integrated into Cisco IOS Release 12.2(33)SCF.

15.2(3)T

This command was modified. The software does not accept spaces in a class map name entered without quotation marks.

15.1(2)SNG

This command was integrated into Cisco ASR 901 Series Aggregation Services Routers.

Usage Guidelines

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

Only the class-map-name argument is available.

Cisco 2600, 3660, 3845, 6500, 7200, 7401, 7500, and ASR 1000 Series Routers

Use the class-map command to specify the class that you will create or modify to meet the class-map match criteria. This command enters QoS class-map configuration mode in which you can enter one or more match commands to configure the match criteria for this class. Packets that arrive at either the input interface or the output interface (determined by how the service-policy command is configured) are checked against the match criteria that are configured for a class map to determine if packets belong to that class.

When configuring a class map, you can use one or more match commands to specify the match criteria. For example, you can use the match access-group command, the match protocol command, or the match input-interface command. The match commands vary according to the Cisco software release. For more information about match criteria and match commands, see the “Modular Quality of Service Command-Line Interface (CLI) (MQC)” chapter of the Cisco IOS Quality of Service Solutions Configuration Guide.

Cisco 7600 Series Routers

Apply the class-map command and commands available in QoS class-map configuration mode on a per-interface basis to define packet classification, marking, aggregating, and flow policing as part of a globally named service policy.

You can attach a service policy to an EtherChannel. Do not attach a service policy to a port that is a member of an EtherChannel.

When a device is in QoS class-map configuration mode, the following configuration commands are available:

  • description—Specifies the description for a class-map configuration.
  • exit—Exits from QoS class-map configuration mode.
  • match—Configures classification criteria.
  • no—Removes a match statement from a class map.

The following commands appear in the CLI help but are not supported on LAN interfaces or WAN interfaces on Optical Service Modules (OSMs):

  • destination-address mac mac-address
  • input-interface {interface-type interface-number | null number | vlan vlan-id}
  • protocol link-type
  • source-address mac mac-address

OSMs are not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 32.

Policy Feature Card (PFC) QoS does not support the following commands:

  • destination-address mac mac-address
  • input-interface {interface-type interface-number | null number | vlan vlan-id}
  • protocol link-type
  • qos-group group-value
  • source-address mac mac-address

If you enter these commands, PFC QoS does not detect unsupported keywords until you attach a policy map to an interface. When you try to attach the policy map to an interface, an error message is generated. For additional information, see the Cisco 7600 Series Router Cisco IOS Software Configuration Guide and Cisco IOS command references.

After configuring the class-map name and the device you can enter the match access-group and match ip dscp commands in QoS class-map configuration mode. The syntax for these commands is as follows:

match [access-group {acl-index | acl-name} | ip dscp | precedence} value]

See the table below for a description of match command keywords.

Table 1 match command Syntax Description

Optional command

Description

access-group acl-index | acl-name

(Optional) Specifies the access list index or access list names. Valid access list index values are from 1 to 2699.

access-group acl-name

(Optional) Specifies the named access list.

ip dscp value1 value2 ... value8

(Optional) Specifies IP differentiated services code point (DSCP) values to match. Valid values are from 0 to 63. You can enter up to eight DSCP values separated by spaces.

ip precedence value1 value2 ... value8

(Optional) Specifies the IP precedence values to match. Valid values are from 0 to 7. You can enter up to eight precedence values separated by spaces.

Examples

The following example shows how to specify class101 as the name of a class and define a class map for this class. The class named class101 specifies policy for the traffic that matches ACL 101.

Device(config)# class-map class101
Device(config-cmap)# match access-group 101
Device(config-cmap)# end

The following example shows how to define FPM traffic classes for slammer and UDP packets. The match criteria defined within class maps are for slammer and UDP packets with an IP length that does not exceed 404 (0x194) bytes, UDP port 1434 (0x59A), and pattern 0x4011010 at 224 bytes from the start of the IP header.

Device(config)# load protocol disk2:ip.phdf
Device(config)# load protocol disk2:udp.phdf
Device(config)# class-map type stack match-all ip-udp
Device(config-cmap)# description “match UDP over IP packets”
Device(config-cmap)# match field ip protocol eq 0x11 next udp
Device(config-cmap)#exit
Device(config)# class-map type access-control match-all slammer
Device(config-cmap)# description “match on slammer packets”
Device(config-cmap)# match field udp dest-port eq 0x59A
Device(config-cmap)# match field ip length eq 0x194
Device(config-cmap)# match start 13-start offset 224 size 4 eq 0x 4011010
Device(config-cmap)# end

The following example shows how to configure a port-filter policy to drop all traffic that is destined to closed or “nonlistened” ports except Simple Network Management Protocol (SNMP):

Device(config)# class-map type port-filter pf-class
Device(config-cmap)# match not port udp 123
Device(config-cmap)# match closed-ports
Device(config-cmap)# exit
Device(config)# policy-map type port-filter pf-policy
Device(config-pmap)# class pf-class
Device(config-pmap-c)# drop
Device(config-pmap-c)# end

The following example shows how to configure a class map named ipp5 and enter a match statement for IP precedence 5:

Device(config)# class-map ipp5
Device(config-cmap)# match ip precedence 5

Examples

Setting Up a Class Map Inside an 802.1p Domain

The following example shows how to set up a class map and match traffic classes for the 802.1p domain with packet class of service (CoS) values:

Device> enable
Device# configure terminal
Device(config)# class-map cos1
Device(config-cmap)# match cos 0
Device(config-pmap-c)# end

Examples

Setting Up a Class Map Inside an MPLS Domain

The following example shows how to set up a class map and match traffic classes for the Multiprotocol Label Switching (MPLS) domain with packet experimental (EXP) values:

Device> enable
Device# configure terminal
Device(config)# class-map exp7
Device(config-cmap)# match mpls experimental topmost 2
Device(config-pmap-c)# end

Related Commands

Command

Description

description

Specifies the description for a class map or policy map configuration.

drop

Configures the traffic class to discard packets belonging to a specific class map.

class (policy-map)

Specifies the name of the class whose policy you want to create or change, and the default class before you configure its policy.

load protocol

Loads a PHDF onto a router.

match (class-map)

Configures the match criteria for a class map on the basis of port filter or protocol queue policies.

match access-group

Configures the match criteria for a class map on the basis of the specified ACL.

match input-interface

Configures a class map to use the specified input interface as a match criterion.

match ip dscp

Identifies one or more DSCP, AF, and CS value as a match criterion.

match mpls experimental

Configures a class map to use the specified EXP field value as a match criterion.

match protocol

Configures the match criteria for a class map on the basis of the specified protocol.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

protocol

Configures a timer and authentication method for a control interface.

qos-group

Associates a QoS group value for a class map.

service-policy

Attaches a policy map to an input interface or VC or to an output interface or VC to be used as the service policy for that interface or VC.

show class-map

Displays class map information.

show policy-map interface

Displays statistics and configurations of input and output policies that are attached to an interface.

source-address

Configures the source-address control on a port.

dscp

To change the minimum and maximum packet thresholds for the differentiated services code point (DSCP) value, use the dscp command in random-detect-group configuration mode. To return the minimum and maximum packet thresholds to the default for the DSCP value, use the no form of this command.

dscp dscp-value min-threshold max-threshold [mark-probability-denominator]

no dscp dscp-value min-threshold max-threshold [mark-probability-denominator]

Syntax Description

dscp-value

Specifies the DSCP value. The DSCP value can be a number from 0 to 63, or it can be one of the following keywords: ef, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, or cs7.

min-threshold

Minimum threshold in number of packets. The value range of this argument is from 1 to 4096. When the average queue length reaches the minimum threshold, Weighted Random Early Detection (WRED) randomly drops some packets with the specified DSCP value.

max-threshold

Maximum threshold in number of packets. The value range of this argument is the value of the min-threshold argument to 4096. When the average queue length exceeds the maximum threshold, WRED drops all packets with the specified DSCP value.

mark-probability-denominator

(Optional) Denominator for the fraction of packets dropped when the average queue depth is at the maximum threshold. For example, if the denominator is 512, one out of every 512 packets is dropped when the average queue is at the maximum threshold. The value range is from 1 to 65536. The default is 10; one out of every ten packets is dropped at the maximum threshold.

Command Default

If WRED is using the DSCP value to calculate the drop probability of a packet, all entries of the DSCP table are initialized with the default settings shown in the table in the “Usage Guidelines” section.

Command Modes


Random-detect-group configuration

Command History

Release

Modification

12.1(5)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

This command must be used in conjunction with the random-detect-group command.

Additionally, the dscp command is available only if you specified the dscp-based argument when using the random-detect-group command.

The table below lists the DSCP default settings used by the dscp command. The table below lists the DSCP value, and its corresponding minimum threshold, maximum threshold, and mark probability. The last row of the table (the row labeled “default”) shows the default settings used for any DSCP value not specifically shown in the table.

Table 2 dscp Default Settings

DSCP

(Precedence)

Minimum Threshold

Maximum Threshold

Mark Probability

af11

32

40

1/10

af12

28

40

1/10

af13

24

40

1/10

af21

32

40

1/10

af22

28

40

1/10

af23

24

40

1/10

af31

32

40

1/10

af32

28

40

1/10

af33

24

40

1/10

af41

32

40

1/10

af42

28

40

1/10

af43

24

40

1/10

cs1

22

40

1/10

cs2

24

40

1/10

cs3

26

40

1/10

cs4

28

40

1/10

cs5

30

40

1/10

cs6

32

40

1/10

cs7

34

40

1/10

ef

36

40

1/10

rsvp

36

40

1/10

default

20

40

1/10

Examples

The following example enables WRED to use the DSCP value af22. The minimum threshold for the DSCP value af22 is 28, the maximum threshold is 40, and the mark probability is 10.

Router> enable
Router# configure terminal
Router(config)# random-detect-group class1 dscp-based
Router(cfg-red-group)# dscp af22 28 40 10
Router(cfg-red-group)# end

Related Commands

Command

Description

random-detect-group

Enables per-VC WRED or per-VC DWRED.

show queueing

Lists all or selected configured queueing strategies.

show queueing interface

Displays the queueing statistics of an interface or VC.

match class-map

To use a traffic class as a classification policy, use the match class-map command in class-map or policy inline configuration mode. To remove a specific traffic class as a match criterion, use the no form of this command.

match class-map class-map-nam e

no match class-map class-map-name

Syntax Description

class-map-name

Name of the traffic class to use as a match criterion.

Command Default

No match criteria are specified.

Command Modes


Class-map configuration (config-cmap)

Command History

Release

Modification

12.0(5)XE

This command was introduced.

12.1(1)E

This command was integrated into Cisco IOS Release 12.1(1)E.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.

12.4(6)T

This command was enhanced to support Zone-Based Policy Firewall.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(31)SB

This command was implemented on the Cisco 10000 series.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Cisco IOS XE Release 3.2S

This command was integrated into Cisco IOS XE Release 3.2S.

Usage Guidelines

The only method of including both match-any and match-all characteristics in a single traffic class is to use the match class-map command. To combine match-any and match-all characteristics into a single class, do one of the following:

  • Create a traffic class with the match-anyinstruction and use a class configured with the match-all instruction as a match criterion (using the match class-map command).
  • Create a traffic class with the match-allinstruction and use a class configured with the match-any instruction as a match criterion (using the match class-map command).

You can also use the match class-map command to nest traffic classes within one another, saving users the overhead of re-creating a new traffic class when most of the information exists in a previously configured traffic class.

When packets are matched to a class map, a traffic rate is generated for these packets. In a zone-based firewall policy, only the first packet that creates a session matches the policy. Subsequent packets in this flow do not match the filters in the configured policy, but instead match the session directly. The statistics related to subsequent packets are shown as part of the 'inspect' action.

Examples

Examples

Non-Zone-Based Policy Firewall Examples

In the following example, the traffic class called class1 has the same characteristics as traffic class called class2, with the exception that traffic class class1 has added a destination address as a match criterion. Rather than configuring traffic class class1 line by line, you can enter the match class-map class2 command. This command allows all of the characteristics in the traffic class called class2 to be included in the traffic class called class1, and you can simply add the new destination address match criterion without reconfiguring the entire traffic class.

Router(config)# class-map match-any class2
Router(config-cmap)# match protocol ip
Router(config-cmap)# match qos-group 3
Router(config-cmap)# match access-group 2
Router(config-cmap)# exit
Router(config)# class-map match-all class1
Router(config-cmap)# match class-map class2
Router(config-cmap)# match destination-address mac 1.1.1
Router(config-cmap)# exit

The following example shows how to combine the characteristics of two traffic classes, one with match-any and one with match-all characteristics, into one traffic class with the match class-map command. The result of traffic class called class4 requires a packet to match one of the following three match criteria to be considered a member of traffic class called class 4: IP protocol and QoS group 4, destination MAC address 1.1.1, or access group 2. Match criteria IP protocol and QoS group 4 are required in the definition of the traffic class named class3 and included as a possible match in the definition of the traffic class named class4 with the match class-map class3 command.

In this example, only the traffic class called class4 is used with the service policy called policy1.

Router(config)# class-map match-all class3
Router(config-cmap)# match protocol ip
Router(config-cmap)# match qos-group 4
Router(config-cmap)# exit
Router(config)# class-map match-any class4
Router(config-cmap)# match class-map class3
Router(config-cmap)# match destination-address mac 1.1.1
Router(config-cmap)# match access-group 2
Router(config-cmap)# exit
Router(config)# policy-map policy1
Router(config-pmap)# class class4
Router(config-pmap-c)# police 8100 1500 2504 conform-action transmit exceed-action set-qos-transmit 4
Router(config-pmap-c)# exit

Related Commands

Command

Description

class-map

Creates a class map to be used for matching packets to a specified class.

match cos

To match a packet on the basis of a Layer 2 class of service (CoS)/Inter-Switch Link (ISL) marking, use the matchcos command in class-map configuration or policy inline configuration mode. To remove a specific Layer 2 CoS/ISL marking as a match criterion, use the no form of this command.

match cos cos-value [ cos-value [ cos-value [cos-value] ] ]

no match cos cos-value [ cos-value [ cos-value [cos-value] ] ]

Syntax Description

Supported Platforms Other Than the Cisco 10000 Series Routers

cos-value

Specific IEEE 802.1Q/ISL CoS value. The cos-value is from 0 to 7; up to four CoS values, separated by a space, can be specified in one matchcos statement.

Cisco 10000 Series Routers

cos-value

Specific packet CoS bit value. Specifies that the packet CoS bit value must match the specified CoS value. The cos-value is from 0 to 7; up to four CoS values, separated by a space, can be specified in one matchcos statement.

Command Default

Packets are not matched on the basis of a Layer 2 CoS/ISL marking.

Command Modes


Class-map configuration (config-cmap)
Policy inline configuration (config-if-spolicy-inline)

Command History

Release

Modification

12.1(5)T

This command was introduced.

12.0(25)S

This command was integrated into Cisco IOS Release 12.0(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(31)SB

This command was integrated into Cisco IOS Release 12.2(31)SB and implemented on the Cisco 10000 series routers.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

12.2(33)SRC

This command was integrated into Cisco IOS Release 12.2(33)SRC and support for the Cisco 7600 series routers was added.

12.4(15)T2

This command was integrated into Cisco IOS Release 12.4(15)T2.

12.2(33)SB

This command was integrated into Cisco IOS Release 12.2(33)SB and support for the Cisco 7300 series router was added.

15.1(3)T

This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor. Support was added for policy inline configuration mode.

12.2(58)SE

This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

12.2(33)SCF

This command was integrated into Cisco IOS Release 12.2(33)SCF.

3.2SE

This command was integrated into Cisco IOS XE Release 3.2SE.

15.1(2)SNG

This command was integrated into Cisco ASR 901 Series Aggregation Services Routers.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

You must first enter the service-policytypeperformance-monitorinlinecommand.

Examples

In the following example, the CoS values of 1, 2, and 3 are successful match criteria for the interface that contains the classification policy named cos:

Router(config)# class-map cos
Router(config-cmap)# match cos 1 2 3

In the following example, classes named voice and video-n-data are created to classify traffic based on the CoS values. QoS treatment is then given to the appropriate packets in the CoS-based-treatment policy map (in this case, the QoS treatment is priority 64 and bandwidth 512). The service policy configured in this example is attached to all packets leaving Fast Ethernet interface 0/0.1. The service policy can be attached to any interface that supports service policies.

Router(config)# class-map voice
Router(config-cmap)# match cos 7
Router(config)# class-map video-n-data
Router(config-cmap)# match cos 5
Router(config)# policy-map cos-based-treatment
Router(config-pmap)# class voice
Router(config-pmap-c)# priority 64
Router(config-pmap-c)# exit
Router(config-pmap)# class video-n-data
Router(config-pmap-c)# bandwidth 512
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet0/0.1
Router(config-if)# service-policy output cos-based-treatment

Examples

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example shows how to use the policy inline configuration mode to configure a service policy for Performance Monitor. The policy specifies that packets traversing Ethernet interface 0/0 that match the criteria of a CoS value of 2 will be monitored based on the parameters specified in the flow monitor configuration namedfm-2:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# match cos 2
Router(config-if-spolicy-inline)# flow monitor fm-2
Router(config-if-spolicy-inline)# exit

Examples

Example of the match cos Command for Matching Traffic Classes Inside a 802.1p Domain by CoS values in Cisco IOS Release 12.2(33)SCF

The following example shows how to match traffic classes for the 802.1p domain with packet CoS values:

Router> enable
Router# config terminal
Router(config)# class-map cos7
Router(config-cmap)# match cos 2
Router(config-cmap)# exit

Related Commands

Command

Description

class-map

Creates a class map to be used for matching packets to a specified class.

service-policy type performance-monitor

Associates a Performance Monitor policy with an interface.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

set cos

Sets the Layer 2 CoS value of an outgoing packet.

show class-map

Displays all class maps and their matching criteria.

match protocol

To configure the match criterion for a class map on the basis of a specified protocol, use the matchprotocol command in class-map configuration or policy inline configuration mode. To remove the protocol-based match criterion from the class map, use the no form of this command.

match protocol protocol-name

no match protocol protocol-name

Syntax Description

protocol-name

Name of the protocol (for example, bgp) used as a matching criterion. See the “Usage Guidelines” for a list of protocols supported by most routers.

Command Default

No match criterion is configured.

Command Modes


Class-map configuration (config-cmap)
Policy inline configuration (config-if-spolicy-inline)

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.0(5)XE

This command was integrated into Cisco IOS Release 12.0(5)XE.

12.0(7)S

This command was integrated into Cisco IOS Release 12.0(7)S.

12.1(1)E

This command was integrated into Cisco IOS Release 12.1(1)E.

12.1(13)E

This command was integrated into Cisco IOS Release 12.1(13)E and implemented on Catalyst 6000 family switches without FlexWAN modules.

12.2(8)T

This command was integrated into Cisco IOS Release 12.2(8)T.

12.2(13)T

This command was modified to remove apollo, vines, and xns from the list of protocols used as matching criteria. These protocols were removed because Apollo Domain, Banyan VINES, and Xerox Network Systems (XNS) were removed in this release. The IPv6 protocol was added to support matching on IPv6 packets.

12.0(28)S

This command was integrated into Cisco IOS Release 12.0(28)S for IPv6.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.2(17a)SX1

This command was integrated into Cisco IOS Release 12.2(17a)SX1.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE and implemented on the Supervisor Engine 720.

12.4(6)T

This command was modified. The Napster protocol was removed because it is no longer supported.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(31)SB2

This command was integrated into Cisco IOS Release 12.2(31)SB2 and implemented on the Cisco 10000 series routers.

12.2(18)ZY

This command was integrated into Cisco IOS Release 12.2(18)ZY. This command was modified to enhance Network-Based Application Recognition (NBAR) functionality on the Catalyst 6500 series switch that is equipped with the Supervisor 32/programmable intelligent services accelerator (PISA) engine.

12.4(15)XZ

This command was integrated into Cisco IOS Release 12.4(15)XZ.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T and implemented on the Cisco 1700, Cisco 1800, Cisco 2600, Cisco 2800, Cisco 3700, Cisco 3800, Cisco 7200, and Cisco 7300 series routers.

Cisco IOS XE Release 2.2

This command was integrated into Cisco IOS XE Release 2.2 and implemented on the Cisco ASR 1000 Series Routers.

Cisco IOS XE Release 3.1S

This command was modified. Support for more protocols was added.

15.1(3)T

This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor. Support was added for policy inline configuration mode.

12.2(58)SE

This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

You must first enter the service-policytypeperformance-monitorinlinecommand.

Supported Platforms Other Than Cisco 7600 Routers and Cisco 10000 Series Routers

For class-based weighted fair queueing (CBWFQ), you define traffic classes based on match criteria protocols, access control lists (ACLs), input interfaces, quality of service (QoS) labels, and Experimental (EXP) field values. Packets satisfying the match criteria for a class constitute the traffic for that class.

The matchprotocol command specifies the name of a protocol to be used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map.

The matchprotocolipx command matches packets in the output direction only.

To use the matchprotocol command, you must first enter the class-map command to specify the name of the class whose match criteria you want to establish. After you identify the class, you can use one of the following commands to configure its match criteria:

  • match access-group
  • match input-interface
  • match mpls experimental

If you specify more than one command in a class map, only the last command entered applies. The last command overrides the previously entered commands.

To configure NBAR to match protocol types that are supported by NBAR traffic, use the matchprotocol(NBAR)command.

Cisco 7600 Series Routers

The matchprotocol command in QoS class-map configuration configures NBAR and sends all traffic on the port, both ingress and egress, to be processed in the software on the Multilayer Switch Feature Card 2 (MSFC2).

For CBWFQ, you define traffic classes based on match criteria like protocols, ACLs, input interfaces, QoS labels, and Multiprotocol Label Switching (MPLS) EXP field values. Packets satisfying the match criteria for a class constitute the traffic for that class.

The matchprotocolcommand specifies the name of a protocol to be used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map.

If you want to use the matchprotocolcommand, you must first enter the class-map command to specify the name of the class to which you want to establish the match criteria.

If you specify more than one command in a class map, only the last command entered applies. The last command overrides the previously entered commands.

This command can be used to match protocols that are known to the NBAR feature. For a list of protocols supported by NBAR, see the “Classification” part of the Cisco IOS Quality of Service Solutions Configuration Guide.

Cisco 10000 Series Routers

For CBWFQ, you define traffic classes based on match criteria including protocols, ACLs, input interfaces, QoS labels, and EXP field values. Packets satisfying the match criteria for a class constitute the traffic for that class.

The matchprotocol command specifies the name of a protocol to be used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map.

The matchprotocolipx command matches packets in the output direction only.

To use the matchprotocol command, you must first enter the class-map command to specify the name of the class whose match criteria you want to establish.

If you are matching NBAR protocols, use the matchprotocol(NBAR) command.

Match Protocol Command Restrictions (Catalyst 6500 Series Switches Only)

Policy maps contain traffic classes. Traffic classes contain one or more match commands that can be used to match packets (and organize them into groups) on the basis of a protocol type or application. You can create as many traffic classes as needed.

Cisco IOS Release 12.2(18)ZY includes software intended for use on the Catalyst 6500 series switch that is equipped with a Supervisor 32/PISA engine. For this release and platform, note the following restrictions for using policy maps and matchprotocol commands:

  • A single traffic class can be configured to match a maximum of 8 protocols or applications.
  • Multiple traffic classes can be configured to match a cumulative maximum of 95 protocols or applications.

Supported Protocols

The table below lists the protocols supported by most routers. Some routers support a few additional protocols. For example, the Cisco 7600 router supports the AARP and DECnet protocols, while the Cisco 7200 router supports the directconnect and PPPOE protocols. For a complete list of supported protocols, see the online help for the matchprotocol command on the router that you are using.

Table 3 Supported Protocols

Protocol Name

Description

802-11-iapp

IEEE 802.11 Wireless Local Area Networks Working Group Internet Access Point Protocol

ace-svr

ACE Server/Propagation

aol

America-Online Instant Messenger

appleqtc

Apple QuickTime

arp *

IP Address Resolution Protocol (ARP)

bgp

Border Gateway Protocol

biff

Biff mail notification

bootpc

Bootstrap Protocol Client

bootps

Bootstrap Protocol Server

bridge *

bridging

cddbp

CD Database Protocol

cdp *

Cisco Discovery Protocol

cifs

CIFS

cisco-fna

Cisco FNATIVE

cisco-net-mgmt

cisco-net-mgmt

cisco-svcs

Cisco license/perf/GDP/X.25/ident svcs

cisco-sys

Cisco SYSMAINT

cisco-tdp

cisco-tdp

cisco-tna

Cisco TNATIVE

citrix

Citrix Systems Metaframe

citriximaclient

Citrix IMA Client

clns *

ISO Connectionless Network Service

clns_es *

ISO CLNS End System

clns_is *

ISO CLNS Intermediate System

clp

Cisco Line Protocol

cmns *

ISO Connection-Mode Network Service

cmp

Cluster Membership Protocol

compressedtcp *

Compressed TCP

creativepartnr

Creative Partner

creativeserver

Creative Server

cuseeme

CU-SeeMe desktop video conference

daytime

Daytime (RFC 867)

dbase

dBASE Unix

dbcontrol_agent

Oracle Database Control Agent

ddns-v3

Dynamic DNS Version 3

dhcp

Dynamic Host Configuration

dhcp-failover

DHCP Failover

directconnect

Direct Connect

discard

Discard port

dns

Domain Name Server lookup

dnsix

DNSIX Security Attribute Token Map

echo

Echo port

edonkey

eDonkey

egp

Exterior Gateway Protocol

eigrp

Enhanced Interior Gateway Routing Protocol

entrust-svc-handler

Entrust KM/Admin Service Handler

entrust-svcs

Entrust sps/aaas/aams

exec

Remote Process Execution

exchange

Microsoft RPC for Exchange

fasttrack

FastTrack Traffic (KaZaA, Morpheus, Grokster, and so on)

fcip-port

FCIP

finger

Finger

ftp

File Transfer Protocol

ftps

FTP over TLS/SSL

gdoi

Group Domain of Interpretation

giop

Oracle GIOP/SSL

gnutella

Gnutella Version 2 Traffic (BearShare, Shareeza, Morpheus, and so on)

gopher

Gopher

gre

Generic Routing Encapsulation

gtpv0

GPRS Tunneling Protocol Version 0

gtpv1

GPRS Tunneling Protocol Version 1

h225ras

H225 RAS over Unicast

h323

H323 Protocol

h323callsigalt

H323 Call Signal Alternate

hp-alarm-mgr

HP Performance data alarm manager

hp-collector

HP Performance data collector

hp-managed-node

HP Performance data managed node

hsrp

Hot Standby Router Protocol

http

Hypertext Transfer Protocol

https

Secure Hypertext Transfer Protocol

ica

ica (Citrix)

icabrowser

icabrowser (Citrix)

icmp

Internet Control Message Protocol

ident

Authentication Service

igmpv3lite

IGMP over UDP for SSM

imap

Internet Message Access Protocol

imap3

Interactive Mail Access Protocol 3

imaps

IMAP over TLS/SSL

ip *

IP (version 4)

ipass

IPASS

ipinip

IP in IP (encapsulation)

ipsec

IP Security Protocol (ESP/AH)

ipsec-msft

Microsoft IPsec NAT-T

ipv6 *

IP (version 6)

ipx

IPX

irc

Internet Relay Chat

irc-serv

IRC-SERV

ircs

IRC over TLS/SSL

ircu

IRCU

isakmp

ISAKMP

iscsi

iSCSI

iscsi-target

iSCSI port

kazaa2

Kazaa Version 2

kerberos

Kerberos

l2tp

Layer 2 Tunnel Protocol

ldap

Lightweight Directory Access Protocol

ldap-admin

LDAP admin server port

ldaps

LDAP over TLS/SSL

llc2 *

llc2

login

Remote login

lotusmtap

Lotus Mail Tracking Agent Protocol

lotusnote

Lotus Notes

mgcp

Media Gateway Control Protocol

microsoft-ds

Microsoft-DS

msexch-routing

Microsoft Exchange Routing

msnmsgr

MSN Instant Messenger

msrpc

Microsoft Remote Procedure Call

msrpc-smb-netbios

MSRPC over TCP port 445

ms-cluster-net

MS Cluster Net

ms-dotnetster

Microsoft .NETster Port

ms-sna

Microsoft SNA Server/Base

ms-sql

Microsoft SQL

ms-sql-m

Microsoft SQL Monitor

mysql

MySQL

n2h2server

N2H2 Filter Service Port

ncp

NCP (Novell)

net8-cman

Oracle Net8 Cman/Admin

netbios

Network Basic Input/Output System

netbios-dgm

NETBIOS Datagram Service

netbios-ns

NETBIOS Name Service

netbios-ssn

NETBIOS Session Service

netshow

Microsoft Netshow

netstat

Variant of systat

nfs

Network File System

nntp

Network News Transfer Protocol

novadigm

Novadigm Enterprise Desktop Manager (EDM)

ntp

Network Time Protocol

oem-agent

OEM Agent (Oracle)

oracle

Oracle

oracle-em-vp

Oracle EM/VP

oraclenames

Oracle Names

orasrv

Oracle SQL*Net v1/v2

ospf

Open Shortest Path First

pad *

Packet assembler/disassembler (PAD) links

pcanywhere

Symantec pcANYWHERE

pcanywheredata

pcANYWHEREdata

pcanywherestat

pcANYWHEREstat

pop3

Post Office Protocol

pop3s

POP3 over TLS/SSL

pppoe

Point-to-Point Protocol over Ethernet

pptp

Point-to-Point Tunneling Protocol

printer

Print spooler/ldp

pwdgen

Password Generator Protocol

qmtp

Quick Mail Transfer Protocol

radius

RADIUS & Accounting

rcmd

Berkeley Software Distribution (BSD) r-commands (rsh, rlogin, rexec)

rdb-dbs-disp

Oracle RDB

realmedia

RealNetwork’s Realmedia Protocol

realsecure

ISS Real Secure Console Service Port

rip

Routing Information Protocol

router

Local Routing Process

rsrb *

Remote Source-Route Bridging

rsvd

RSVD

rsvp

Resource Reservation Protocol

rsvp-encap

RSVP ENCAPSULATION-1/2

rsvp_tunnel

RSVP Tunnel

rtc-pm-port

Oracle RTC-PM port

rtelnet

Remote Telnet Service

rtp

Real-Time Protocol

rtsp

Real-Time Streaming Protocol

r-winsock

remote-winsock

secure-ftp

FTP over Transport Layer Security/Secure Sockets Layer (TLS/SSL)

secure-http

Secured HTTP

secure-imap

Internet Message Access Protocol over TLS/SSL

secure-irc

Internet Relay Chat over TLS/SSL

secure-ldap

Lightweight Directory Access Protocol over TLS/SSL

secure-nntp

Network News Transfer Protocol over TLS/SSL

secure-pop3

Post Office Protocol over TLS/SSL

secure-telnet

Telnet over TLS/SSL

send

SEND

shell

Remote command

sip

Session Initiation Protocol

sip-tls

Session Initiation Protocol-Transport Layer Security

skinny

Skinny Client Control Protocol

sms

SMS RCINFO/XFER/CHAT

smtp

Simple Mail Transfer Protocol

snapshot

Snapshot routing support

snmp

Simple Network Protocol

snmptrap

SNMP Trap

socks

Sockets network proxy protocol (SOCKS)

sqlnet

Structured Query Language (SQL)*NET for Oracle

sqlserv

SQL Services

sqlsrv

SQL Service

sqlserver

Microsoft SQL Server

ssh

Secure shell

sshell

SSLshell

ssp

State Sync Protocol

streamwork

Xing Technology StreamWorks player

stun

cisco Serial Tunnel

sunrpc

Sun remote-procedure call (RPC)

syslog

System Logging Utility

syslog-conn

Reliable Syslog Service

tacacs

Login Host Protocol (TACACS)

tacacs-ds

TACACS-Database Service

tarantella

Tarantella

tcp

Transport Control Protocol

telnet

Telnet

telnets

Telnet over TLS/SSL

tftp

Trivial File Transfer Protocol

time

Time

timed

Time server

tr-rsrb

cisco RSRB

tto

Oracle TTC/SSL

udp

User Datagram Protocol

uucp

UUCPD/UUCP-RLOGIN

vdolive

VDOLive streaming video

vofr *

Voice over Frame Relay

vqp

VLAN Query Protocol

webster

Network Dictionary

who

Who’s service

wins

Microsoft WINS

x11

X Window System

xdmcp

XDM Control Protocol

xwindows *

X-Windows remote access

ymsgr

Yahoo! Instant Messenger

* This protocol is not supported on the Catalyst 6500 series switch that is equipped with a Supervisor 32/PISA engine.

Examples

The following example specifies a class map named ftp and configures the FTP protocol as a match criterion:

Router(config)# class-map ftp
Router(config-cmap)
#
 match protocol ftp

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example shows how to use the policy inline configuration mode to configure a service policy for Performance Monitor. The policy specifies that packets traversing Ethernet interface 0/0 for the IP protocol will be monitored based on the parameters specified in the flow monitor configuration namedfm-2:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# match protocol ip
Router(config-if-spolicy-inline)# flow monitor fm-2
Router(config-if-spolicy-inline)# exit

Related Commands

Command

Description

class-map

Creates a class map to be used for matching packets to a specified class.

service-policy type performance-monitor

Associates a Performance Monitor policy with an interface.

match access-group

Configures the match criteria for a class map based on the specified ACL.

match input-interface

Configures a class map to use the specified input interface as a match criterion.

match mpls experimental

Configures a class map to use the specified value of the experimental field as a match criterion.

match precedence

Identifies IP precedence values as match criteria.

match protocol (NBAR)

Configures NBAR to match traffic by a protocol type known to NBAR.

match qos-group

Configures a class map to use the specified EXP field value as a match criterion.

match qos-group

To identify a specific quality of service (QoS) group value as a match criterion, use the matchqos-groupcommand in class-map configuration or policy inline configuration mode. To remove a specific QoS group value from a class map, use the no form of this command.

match qos-group qos-group-value

no match qos-group qos-group-value

Syntax Description

qos-group-value

The exact value from 0 to 99 used to identify a QoS group value.

Command Default

No match criterion is specified.

Command Modes


Class-map configuration (config-cmap)
Policy inline configuration (config-if-spolicy-inline)

Command History

Release

Modification

11.1CC

This command was introduced.

12.0(5)XE

This command was integrated into Cisco IOS Release 12.0(5)XE.

12.2(13)T

This command was integrated into Cisco IOS Release 12.2(13)T.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(31)SB

This command was integrated into Cisco IOS Release 12.2(31)SB and implemented on the Cisco 10000 series routers.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Cisco IOS XE Release 2.1

This command was integrated into Cisco IOS XE Release 2.1 and implemented on Cisco ASR 1000 Series Routers.

15.1(3)T

This command was integrated into Cisco IOS Release 15.1(3)T for Cisco Performance Monitor. Support was added for policy inline configuration mode.

12.2(58)SE

This command was integrated into Cisco IOS Release 12.2(58)SE for Cisco Performance Monitor.

Usage Guidelines

This command can be used with both Flexible NetFlow and Performance Monitor. These products use different commands to enter the configuration mode in which you issue this command.

The matchqos-group command is used by the class map to identify a specific QoS group value marking on a packet. This command can also be used to convey the received Multiprotocol Label Switching (MPLS) experimental (EXP) field value to the output interface.

The qos-group-value argument is used as a marking only. The QoS group values have no mathematical significance. For instance, the qos-group-value of 2 is not greater than 1. The value simply indicates that a packet marked with the qos-group-value of 2 is different than a packet marked with the qos-group-value of 1. The treatment of these packets is defined by the user through the setting of QoS policies in QoS policy-map class configuration mode.

The QoS group value is local to the router, meaning that the QoS group value that is marked on a packet does not leave the router when the packet leaves the router. If you need a marking that resides in the packet, use IP precedence setting, IP differentiated services code point (DSCP) setting, or another method of packet marking.

This command can be used with the random-detectdiscard-class-basedcommand.

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

You must first enter the service-policytypeperformance-monitorinlinecommand.

Examples

The following example shows how to configure the service policy named priority50 and attach service policy priority50 to an interface. In this example, the class map named qosgroup5 will evaluate all packets entering Fast Ethernet interface 1/0/0 for a QoS group value of 5. If the incoming packet has been marked with the QoS group value of 5, the packet will be treated with a priority level of 50.

Router(config)#
 
class-map qosgroup5
Router(config-cmap)
#
 match qos-group 5
Router(config)#
 
exit
Router(config)#
 
policy-map priority50
Router(config-pmap)#
 
class qosgroup5
Router(config-pmap-c)#
 
priority 50
Router(config-pmap-c)#
 
exit
Router(config-pmap)#
 
exit
Router(config)#
 
interface fastethernet1/0/0
Router(config-if)#
 
service-policy output priority50

Examples

Cisco Performance Monitor in Cisco IOS Release 15.1(3)T and 12.2(58)SE

The following example shows how to use the policy inline configuration mode to configure a service policy for Performance Monitor. The policy specifies that packets traversing Ethernet interface 0/0 that match the criteria of a QoS value of 4 will be monitored based on the parameters specified in the flow monitor configuration namedfm-2:

Router(config)# interface ethernet 0/0
Router(config-if)# service-policy type performance-monitor inline input
Router(config-if-spolicy-inline)# match qosgroup 4
Router(config-if-spolicy-inline)# flow monitor fm-2
Router(config-if-spolicy-inline)# exit

Related Commands

Command

Description

class-map

Creates a class map to be used for matching packets to a specified class.

service-policy type performance-monitor

Associates a Performance Monitor policy with an interface.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

random-detect discard-class-based

Bases WRED on the discard class value of a packet.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

set precedence

Specifies an IP precedence value for packets within a traffic class.

set qos-group

Sets a group ID that can be used later to classify packets.

mls qos (global configuration mode)

To enable the quality of service (QoS) functionality globally, use the mlsqoscommand in global configuration mode. To disable the QoS functionality globally, use the no form of this command.

mls qos

no mls qos

Syntax Description

This command has no arguments or keywords.

Command Default

QoS is globally disabled.

Command Modes


Global configuration

Command History

Release

Modification

12.2(14)SX

Support for this command was introduced on the Supervisor Engine 720.

12.2(17d)SXB

This command was implemented on the Supervisor Engine 2 and integrated into Cisco IOS Release 12.2(17d)SXB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

If you enable QoS globally, QoS is enabled on all interfaces with the exception of the interfaces where you disabled QoS. If you disable QoS globally, all traffic is passed in QoS pass-through mode.

In port-queueing mode, Policy Feature Card (PFC) QoS (marking and policing) is disabled, and packet type of service (ToS) and class of service (CoS) are not changed by the PFC. All queueing on rcv and xmt is based on a QoS tag in the incoming packet, which is based on the incoming CoS.

For 802.1Q or Inter-Switch Link (ISL)-encapsulated port links, queueing is based on the packet 802.1Q or ISL CoS.

For the router main interfaces or access ports, queueing is based on the configured per-port CoS (the default CoS is 0).

This command enables or disables ternary content addressable memory (TCAM) QoS on all interfaces that are set in the OFF state.

Examples

This example shows how to enable QoS globally:

Router(config)# mls qos
Router(config)#

This example shows how to disable QoS globally on the Cisco 7600 series routers:

Router(config)# no mls qos
Router(config)#

Related Commands

Command

Description

mls qos (interface configuration mode)

Enables the QoS functionality on an interface.

show mls qos

Displays MLS QoS information.

mls qos (interface configuration mode)

To enable the quality of service (QoS) functionality on an interface, use the mlsqoscommand in interface configuration command mode. To disable QoS functionality on an interface, use the no form of this command.

mls qos

no mls qos

Syntax Description

This command has no arguments or keywords.

Command Default

Enabled

Command Modes


Interface configuration

Command History

Release

Modification

12.2(14)SX

Support for this command was introduced on the Supervisor Engine 720.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

This command is deprecated on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Although the CLI allows you to configure PFC-based QoS on the WAN ports on the OC-12 ATM OSMs and on the WAN ports on the channelized OSMs, PFC-based QoS is not supported on the WAN ports on these OSMs.

If you disable QoS globally, it is also disabled on all interfaces.

This command enables or disables TCAM QoS (classification, marking, and policing) for the interface.

Examples

This example shows how to enable QoS on an interface:

Router(config-if)# mls qos

Related Commands

Command

Description

mls qos (global configuration mode)

Enables the QoS functionality globally.

show mls qos

Displays MLS QoS information.