Guest

Cisco IOS Software Releases 12.2 T

Packet Classification Based on Layer 3 Packet Length

Hierarchical Navigation

Downloads

Table Of Contents

Packet Classification Based on Layer 3 Packet Length

Contents

Prerequisites for Packet Classification Based on Layer 3 Packet Length

Restrictions for Packet Classification Based on Layer 3 Packet Length

Information About Packet Classification Based on Layer 3 Packet Length

Modular Quality of Service Command-Line Interface

How to Configure Packet Classification Based on Layer 3 Packet Length

Configuring the Class Map to Match on Layer 3 Packet Length

Creating a Policy Map

Attaching the Policy Map to an Interface

Verifying the Configuration

Troubleshooting Tips

Configuration Examples for Packet Classification Based on Layer 3 Packet Length

Configuring the Packet Length As a Match Criterion Example

Verifying the Packet Length Setting Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

match packet length (class-map)

show class-map

show policy-map interface


Packet Classification Based on Layer 3 Packet Length

This feature provides the added capability of matching and classifying traffic on the basis of the Layer 3 length in the IP packet header. The Layer 3 length is the IP datagram plus the IP header. This new match criterion is in addition to the other match criteria, such as the IP precedence, differentiated services code point (DSCP) value, class of service (CoS), currently available.

Feature Specifications for Packet Classification Based on Layer 3 Packet Length

Feature History
 
Release
Modification

12.2(13)T

This feature was introduced.

12.2(18)SXE

This feature was integrated into Cisco IOS Release 12.2(18)SXE.


Contents

Prerequisites for Packet Classification Based on Layer 3 Packet Length

Restrictions for Packet Classification Based on Layer 3 Packet Length

Information About Packet Classification Based on Layer 3 Packet Length

How to Configure Packet Classification Based on Layer 3 Packet Length

Configuration Examples for Packet Classification Based on Layer 3 Packet Length

Additional References

Command Reference

Prerequisites for Packet Classification Based on Layer 3 Packet Length

When configuring this feature, you must first create a policy map (sometimes referred to as a service policy or a traffic policy) using the Modular QoS Command-Line Interface (CLI) (MQC). Therefore, you should be familiar with the procedure for creating a policy map using the MQC.

For more information about creating a policy map (traffic policy) using the MQC, refer to the "Configuring the Modular Quality of Service Command-Line Interface" chapter of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2.

Restrictions for Packet Classification Based on Layer 3 Packet Length

This feature is intended for use with IP packets only.

This feature considers only the Layer 3 packet length in the IP header. It does not consider the Layer 2 overhead.

Information About Packet Classification Based on Layer 3 Packet Length

To configure Packet Classification Based on Layer 3 Packet Length, you need to understand the following concept:

Modular Quality of Service Command-Line Interface

Modular Quality of Service Command-Line Interface

The MQC is a command-line interface (CLI) that allows you to create traffic policies and attach these policies to interfaces.

In the MQC, the class-map command is used to define a traffic class (which is then associated with a traffic policy). The purpose of a traffic class is to classify traffic.

The Modular QoS CLI consists of the following three processes:

Defining a traffic class with the class-map command.

Creating a traffic policy by associating the traffic class with one or more QoS features (using the policy-map command).

Attaching the traffic policy to the interface with the service-policy command.

A traffic class contains three major elements: a name, a series of match commands, and, if more than one match command exists in the traffic class, an instruction on how to evaluate these match commands. The traffic class is named in the class-map command line; for example, if you enter the class-map cisco command while configuring the traffic class in the CLI, the traffic class would be named "cisco".

The match commands are used to specify various criteria for classifying packets. Packets are checked to determine whether they match the criteria specified in the match commands. If a packet matches the specified criteria, that packet is considered a member of the class and is forwarded according to the QoS specifications set in the traffic policy. Packets that fail to meet any of the matching criteria are classified as members of the default traffic class.

How to Configure Packet Classification Based on Layer 3 Packet Length

This section contains the following procedures. Each procedure is identified as either required or optional.

Configuring the Class Map to Match on Layer 3 Packet Length (required)

Creating a Policy Map (required)

Attaching the Policy Map to an Interface (required)

Verifying the Configuration (optional)

Configuring the Class Map to Match on Layer 3 Packet Length

Class maps can be used to classify packets into groups that can then receive specific QoS features. For example, class maps can be configured to match packets on the basis of one or more user-specified criterion (for example, the DSCP value or access list number). In this case, the class map is configured to match on the Layer 3 packet length.

To configure the class map to match on the Layer 3 packet length, use the following commands:

SUMMARY STEPS

1. enable

2. configure terminal

3. class-map class-map-name

4. match packet length {max maximum-length-value [min minimum-length-value] | min minimum-length-value [max maximum-length-value]}

5. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

class-map class-map-name

Example:

Router(config)# class-map class1

Specifies the name of the class map to be created and enters class-map configuration mode.

Enter the class map name.

Step 4 

match packet length {max maximum-length-value [min minimum-length-value] | min minimum-length-value [max maximum-length-value]}

Example:

Router(config-cmap)# match packet length min 100 max 300

Configures the class map to match traffic on the basis of the Layer 3 packet length.

Enter the Layer 3 packet length.

Step 5 

exit

Example:

Router(config-cmap)# exit

(Optional) Exits class-map configuration mode.


Creating a Policy Map

A policy map (traffic policy) is created using the MQC. To create a policy map using the MQC, refer to the instructions in the "Configuring the Modular Quality of Service Command-Line Interface" chapter of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2.

Attaching the Policy Map to an Interface

After a policy map is created, the next step is to attach the policy map to an interface. Policy maps can be attached to either the input or output direction of the interface.

Depending on the needs of your network, you may need to attach the policy map to a subinterface, an ATM permanent virtual circuit (PVC), a Frame Relay data-link connection identifier (DLCI), or other type of interface.

To attach the policy map, use the following commands:

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number

4. pvc [name] vpi/vci [ilmi | qsaal | smds]

5. service-policy {input | output} policy-map-name

6. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables higher privilege levels, such as privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

interface type number


Example:

Router(config)# interface s4/0

Configures an interface (or subinterface) type and enters interface configuration mode

Enter the interface type number.

Step 4 

pvc [name] vpi/vci [ilmi | qsaal | smds]

Example:

Router(config-if)# pvc cisco 0/16 ilmi

(Optional) Creates or assigns a name to an ATM PVC, specifies the encapsulation type on an ATM PVC, and enters ATM VC configuration mode.

Note This step is required only if you are attaching the policy map to an ATM PVC. If you are not attaching the policy map to an ATM PVC, skip this step and proceed with Step 5.

Step 5 

service-policy {input | output} policy-map-name

Example:

Router(config-if)# service-policy input policy1


Specifies the name of the policy map to be attached to either the input or output direction of the interface.

Note Policy maps can be configured on ingress or egress routers. They can also be attached in the input or output direction of an interface. The direction (input or output) and the router (ingress or egress) to which the policy map should be attached varies according your network configuration. When using the service-policy command to attach the policy map to an interface, be sure to choose the router and the interface direction that are appropriate for your network configuration.

Enter the policy map name.

Step 6 

exit

Example:

Router(config-if)# exit

(Optional) Exits interface configuration mode.


Verifying the Configuration

This task allows you to verify that you created the configuration you intended, and that the feature is functioning correctly.

To verify the configuration, use the following commands:

SUMMARY STEPS

1. enable

2. show class-map [class-map-name]

or

show policy-map interface interface-name [vc [vpi/] vci][dlci dlci] [input | output]

3. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables higher privilege levels, such as privileged EXEC mode.

Enter your password if prompted.

Step 2 

show class-map [class-map-name]

or

show policy-map interface interface-name [vc [vpi/] vci][dlci dlci] [input | output]

Example:

Router# show class-map class1

or

Example:

Router# show policy-map interface s4/0

Displays all information about a class map, including the match criterion.

or

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.

Enter the interface name.

Step 3 

exit

Example:

Router# exit

(Optional) Exits EXEC mode.


Troubleshooting Tips

The commands in the "Verifying the Configuration" section allow you to verify that you achieved the intended configuration and that the feature is functioning correctly. If, after using the show commands listed above, you find that the configuration is not correct or the feature is not functioning as expected, perform these operations:

If the configuration is not the one you intended, complete the following procedures:

Use the show running-config command and analyze the output of the command.

If the policy map does not appear in the output of the show running-config command, enable the logging console command.

Attach the policy map to the interface again.

If the packets are not being matched correctly (for example, the packet counters are not incrementing correctly), complete the following procedures:

Run the show policy-map command and analyze the output of the command.

Run the show running-config command and analyze the output of the command.

Use the show policy-map interface command and analyze the output of the command. Check the the following findings:

If a policy map applies queueing, and the packets are matching the correct class, but you see unexpected results, compare the number of the packets in the queue with the number of the packets matched.

If the interface is congested, and only a small number of the packets are being matched, check the tuning of the tx ring and evaluate whether the queueing is happening on the tx ring. To do this, use the show controllers command and look at the value of the tx count in the output of the command.

Configuration Examples for Packet Classification Based on Layer 3 Packet Length

This section provides the following configuration examples:

Configuring the Packet Length As a Match Criterion Example

Verifying the Packet Length Setting Example

Configuring the Packet Length As a Match Criterion Example

In the following example, a class map called "class 1" has been created, and the Layer 3 packet length has been specified as a match criterion. In this example, packets with a minimum Layer 3 packet length of 100 and a maximum Layer 3 packet length of 300 are viewed as meeting the match criterion. Packets matching this criterion are placed in class1. 

Router(config)# class map match-all class1

Router(config-cmap)# match packet length min 100 max 300

Verifying the Packet Length Setting Example

Use either the show class-map command or the show policy-map interface command to verify the setting of the Layer 3 packet length value used as a match criterion for the class map and the policy map. The following section begins with a sample output of the show class-map command and concludes with a sample output of the show policy-map interface command.

The sample output of the show class-map command shows the defined class map and the specified match criterion. In the following example, a class map called "class1" is defined. The Layer 3 packet length has been specified as a match criterion for the class. Packets with a Layer 3 length of between 100 bytes and 300 bytes belong to class1. 

Router# show class-map 


class-map match-all class1

    match packet length min 100 max 300

The sample output of the show policy-map interface command displays the statistics for the Ethernet4/1 interface, to which a service policy called "mypolicy" is attached. The configuration for the policy map called "mypolicy" is given below. 

Router(config)# policy-map mypolicy

Router(config-pmap)# class class1

Router(config-pmap-c)# set qos-group 20

Router(config-if)# service-policy input mypolicy

The following are the statistics for the policy-map called "mypolicy" attached to the Ethernet4/1 interface. These statistics confirm that matching on the Layer 3 packet length has been configured as a match criterion. 


Router# show policy-map interface Ethernet4/1


 Ethernet4/1 


  Service-policy input: mypolicy


    Class-map: class1 (match-all)

       500 packets, 125000 bytes

       5 minute offered rate 4000 bps, drop rate 0 bps

       Match: packet length min 100 max 300

       QoS Set

         qos-group 20

           Packets marked 500

Additional References

The following sections provide additional references related to Packet Classification Based on Layer 3 Packet Length.

Related Documents

Related Topic
Document Title

QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

Cisco IOS Quality of Service Solutions Command Reference, Release 12.2

Modular QoS CLI (MQC)

"Modular Quality of Service Command-Line Interface" section of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2

Additional match criteria that can be used for packet classification

"Configuring the Modular Quality of Service Command-Line Interface" chapter of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2.

Information about attaching policy maps to interfaces

"Configuring the Modular Quality of Service Command-Line Interface" section of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2

Information about attaching policy maps to Frame Relay DLCIs

Cisco IOS Wide-Area Networking Configuration Guide, Release 12.2

Frame Relay configuration information and information about DLCIs

Cisco IOS Wide-Area Networking Configuration Guide, Release 12.2

Frame Relay commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

Cisco IOS Wide-Area Networking Command Reference, Release 12.2


Standards

Standards
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIBs
MIBs Link

CISCO-CLASS-BASED-QOS-CAPABILITY-MIB

CISCO-CLASS-BASED-QOS-MIB1

To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml


RFCs

RFCs
Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.


Technical Assistance

Description
Link

Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/public/support/tac/home.shtml


Command Reference

This section documents new and modified commands only.

match packet length (class-map)

show class-map

show policy-map interface

match packet length (class-map)

To specify the Layer 3 packet length in the IP header as a match criterion in a class map, use the match packet length command in class-map configuration mode. To remove a previously specified Layer 3 packet length as a match criterion, use the no form of this command.

match packet length {max maximum-length-value [min minimum-length-value] | min minimum-length-value [max maximum-length-value]}

no match packet length {max maximum-length-value [min minimum-length-value] | min minimum-length-value [max maximum-length-value]}

Syntax Description

max

Maximum. Indicates that a maximum value for the Layer 3 packet length is to be specified.

maximum-length-value

Specifies the maximum length value of the Layer 3 packet length, in bytes. The range is from 1 to 2000.

min

Minimum. Indicates that a minimum value for the Layer 3 packet length is to be specified.

minimum-length-value

Specifies the minimum length value of the Layer 3 packet length, in bytes. The range is from 1 to 2000.


Defaults

If only the minimum value is specified, a packet with a Layer 3 length greater than the minimum is viewed as matching the criterion.

If only the maximum value is specified, a packet with a Layer 3 length less than the maximum is viewed as matching the criterion.

Command Modes

Class-map configuration

Command History

Release
Modification

12.2(13)T

This command was introduced.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE.


Usage Guidelines

This command considers only the Layer 3 packet length in the IP header. It does not consider the Layer 2 packet length in the IP header.

When using this command, you must at least specify the maximum or minimum value. However, you do have the option of entering both values.

Examples

In the following example a class map called "class 1" has been created, and the Layer 3 packet length has been specified as a match criterion. In this example, packets with a minimum Layer 3 packet length of 100 and a maximum Layer 3 packet length of 300 are viewed as meeting the match criteria. 

Router(config)# class map match-all class1

Router(config-cmap)# match packet length min 100 max 300

Related Commands

Command
Description

show class-map

Displays all class maps and their matching criteria.

show policy-map interface

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.


show class-map

To display all class maps and their matching criteria, use the show class-map command in EXEC mode.

show class-map [class-map-name]

Syntax Description

class-map-name

(Optional) Name of the class map. The class map name can be a maximum of 40 alphanumeric characters.


Command Modes

EXEC

Command History

Release
Modification

12.0(5)T

This command was introduced.

12.2(13)T

This command was modified to display the Frame Relay data-link connection identified (DLCI) number as a criterion for matching traffic inside a class map.

In addition, this command was modified to display Layer 3 packet length as a criterion for matching traffic inside a class map.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE.


Usage Guidelines

You can use the show class-map command to display all class maps and their matching criteria. If you enter the optional class-map-name argument, the specified class map and its matching criteria will be displayed.

Examples

In the following example, three class maps are defined. Packets that match access list 103 belong to class c3, IP packets belong to class c2, and packets that come through input Ethernet interface 1/0 belong to class c1. The output from the show class-map command shows the three defined class maps. 

Router# show class-map


 Class Map c3 

 Match access-group 103 


 Class Map c2 

 Match protocol ip 


 Class Map c1 

 Match input-interface Ethernet1/0

In the following example, a class map called "c1" has been defined, and the Frame Relay DLCI number of 500 has been specified as a match criterion: 

Router# show class-map 


class map match-all c1

   match fr-dlci 500

Table 1 describes the significant fields shown in the display.

Table 1 show class-map Field Descriptions1  

Field
Description

Class-map

Class of traffic being displayed. Output is displayed for each configured class map in the policy. The choice for implementing class matches (for example, match-all or match-any) can also appear next to the traffic class.

Match

Match criteria specified for the class map. Choices include criteria such as the Frame Relay DLCI number, Layer 3 packet length, IP precedence, IP differentiated services code point (DSCP) value, Multiprotocol Label Switching (MPLS) experimental value, access groups, and quality of service (QoS) groups.

1 A number in parentheses may appear next to the class-map name, and match criteria information. The number is for Cisco internal use only and can be disregarded.


Related Commands

Command
Description

class-map

Creates a class map to be used for matching packets to a specified class.

match fr-dlci

Specifies the Frame Relay DLCI number as a match criterion in a class map.

match packet length (class-map)

Specifies and uses the length of the Layer 3 packet in the IP header as a match criterion in a class map.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.


show policy-map interface

To display the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific permanent virtual circuit (PVC) on the interface, use the show policy-map interface command in EXEC mode.

show policy-map interface interface-name [vc [vpi/] vci][dlci dlci] [input | output]

Syntax Description

interface-name

Name of the interface or subinterface whose policy configuration is to be displayed.

vc

(Optional) For ATM interfaces only, shows the policy configuration for a specified PVC. The name can be up to 16 characters long.

vpi/

(Optional) ATM network virtual path identifier (VPI) for this PVC. On the Cisco 7200 and 7500 series routers, this value ranges from 0 to 255.

The vpi and vci arguments cannot both be set to 0; if one is 0, the other cannot be 0.

vci

(Optional) ATM network virtual channel identifier (VCI) for this PVC. This value ranges from 0 to 1 less than the maximum value set for this interface by the atm vc-per-vp command. Typically, the lower values 0 to 31 are reserved for specific traffic (F4 Operation, Administration, and Maintenance (OAM), switched virtual circuit (SVC) signaling, Integrated Local Management Interface (ILMI), and so on) and should not be used.

The VCI is a 16-bit field in the header of the ATM cell. The VCI value is unique only on a single link, not throughout the ATM network, because it has local significance only.

The vpi and vci arguments cannot both be set to 0; if one is 0, the other cannot be 0.

dlci

(Optional) Indicates a specific PVC for which policy configuration will be displayed.

dlci

(Optional) Specific data-link connection identifier (DLCI) number used on the interface. Policy configuration for the corresponding PVC will be displayed plus the valid value range and any default value, as pertinent, when a DLCI is specified.

input

(Optional) Indicates that the statistics for the attached input policy will be displayed.

output

(Optional) Indicates that the statistics for the attached output policy will be displayed.


Defaults

The absence of both the forward slash (/) and a vpi value causes the vpi value to default to 0. If this value is omitted, information for all virtual circuits (VCs) on the specified ATM interface or subinterface is displayed.

Command Modes

EXEC

Command History

Release
Modification

12.0(5)T

This command was introduced.

12.0(5)XE

This command was incorporated into Cisco IOS Release 12.0(5)XE.

12.0(7)S

This command was incorporated into Cisco IOS Release 12.0(7)S.

12.1(1)E

This command was incorporated into Cisco IOS Release 12.1(1)E.

12.1(2)T

This command was integrated into Cisco IOS Release 12.1(2)T. This command was modified to display information about the policy for all Frame Relay PVCs on the interface, or, if a DLCI is specified, the policy for that specific PVC. This command was also modified to display the total number of packets marked by the quality of service (QoS) set action.

12.1(3)T

This command was integrated into Cisco IOS Release 12.1(3)T. This command was modified to display per-class accounting statistics.

12.2(13)T

This command was modified to display Layer 3 packet length as a criterion for matching traffic inside a class map.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE.


Usage Guidelines

The show policy-map interface command displays the packet statistics for classes on the specified interface or the specified PVC only if a service policy has been attached to either the interface or the PVC.

Examples

The following sample output of the show policy-map interface command displays the packet statistics for the Ethernet4/1 interface, to which a service policy called "mypolicy" is attached. The Layer 3 packet length has been specified as a match criterion for the traffic in the class called "class1". 


Router# show policy-map interface Ethernet4/1


 Ethernet4/1 


  Service-policy input: mypolicy


    Class-map: class1 (match-all)

       500 packets, 125000 bytes

       5 minute offered rate 4000 bps, drop rate 0 bps

       Match: packet length min 100 max 300

       QoS Set

         qos-group 20

           Packets marked 500

Table 2 describes the significant fields shown in the display.

Table 2 show policy-map interface Field Descriptions1  

Field
Description

Service-policy input

Name of the input service policy applied to the specified interface or VC.

Class-map

Class of traffic being displayed. Output is displayed for each configured class in the policy. The choice for implementing class matches (for example, match-all or match-any) can also appear next to the traffic class.

packets, bytes

Number of packets (also shown in bytes) identified as belonging to the class of traffic being displayed.

offered rate

Rate, in kbps, of packets coming into the class.

drop rate

Rate, in kbps, at which packets are dropped from the class. The drop rate is calculated by subtracting the number of successfully transmitted packets from the offered rate.

Match

Match criteria specified for the class of traffic. Choices include criteria such as the Layer 3 packet length, IP precedence, IP differentiated services code point (DSCP) value, Multiprotocol Label Switching (MPLS) experimental value, access groups, and QoS groups.

QoS Set, qos-group, Packets marked

Indicates that class-based packet marking based on the QoS group has been configured. Includes the qos-group number and the number of packets marked.

1 A number in parentheses may appear next to the service-policy input name, class-map name, and match criteria information. The number is for Cisco internal use only and can be disregarded.


Related Commands

Command
Description

match packet length (class-map)

Specifies the length of the Layer 3 packet in the IP header as a match criterion in a class map.

show frame-relay pvc

Displays statistics about PVCs for Frame Relay interfaces.

show policy-map class

Displays the configuration for the specified class of the specified policy map.


Copyright © 2005 Cisco Systems, Inc. All rights reserved.