Need an account?

Create an account

Help

Cisco 7600-ES20 Ethernet Line Card Configuration Guide

Book Contents

Find Matches in This Book

Available Languages

Download Options

Book Title

Cisco 7600-ES20 Ethernet Line Card Configuration Guide

Chapter Title

Configuring QoS on the Cisco 7600 Series Ethernet Services 20G Line Card

PDF - Complete Book (4.4 MB) PDF - This Chapter (696.0 KB)
View with Adobe Reader on a variety of devices

Results

Chapter: Configuring QoS on the Cisco 7600 Series Ethernet Services 20G Line Card

QoS Functions in the Cisco 7600 Series Ethernet Services 20G Line Card
- Ingress QoS Functions in a Cisco 7600 Series Ethernet Services 20G Line Card
- Egress QoS Functions in a Cisco 7600 Series Ethernet Services 20G Line Card
Configuring QoS Features Using MQC
EVCS QoS Support
- Mapping Between Bay and Ports
- Restrictions and Usage Guidelines
- Restrictions and User Guidelines for EVC Port Channel
Configuring Qos Over an EVC Group
- Restrictions and Usage Guidelines
Dual Rate Three Color (2R3C) Ingress Policer on Service Instances
- Restrictions and Usage Guidelines
Ingress Policing on EVC Port Channel
- Restrictions and Usage Guidelines
- Configuring Ingress Policing on EVC Port Channel
Configuring Classification
- Restrictions and Usage Guidelines
Configuring Policing
- Restrictions and Usage Guidelines
- Configuration Tasks
Attaching a QoS Traffic Policy to an Interface
- Attaching a QoS Traffic Policy for an Input Interface
- Attaching a QoS Traffic Policy to an Output Interface
Configuring Marking
- Restrictions and Usage Guidelines
Configuring Shaping
- Restrictions and Usage Guidelines
Configuring Shaping on the ES20 Main Interface
- About Traffic Shaping
- Restrictions and Usage Guidelines
- Non example
- Configuring the Child Policy
Configuring QoS Queue Scheduling
- Restrictions and Usage Guidelines
- Configuring CBWFQ
Configuring LLQ
- Examples
Configuring PFC QoS on a Cisco 7600 Series Ethernet Services 20G Line Card
PFC QoS on a Cisco 7600 Series Ethernet Services 20G Line Card Configuration Guidelines
Configuring Hierarchical QoS
Hybrid Policy Support
Configuring Hierarchical QoS with Tiered Policy-Maps
- Configuration Guidelines
Configuring Hierarchical QoS for EoMPLS VCs
Hierarchical QoS with Service Instances
- Configuration Guidelines
EVC Configuration Examples
Configuring Bandwidth Remaining Ratio (BRR) - Utilizing Unused Bandwidth Support
Hierarchical Policy-Maps
HQoS Policies with Bandwidth and Shape in Child Classes
- Restrictions and Usage Guidelines
HQoS Polices with Shape in Child Classes
- Restrictions and Usage Guideline
HQoS Policies with Police+Priority (LLQ) and Shape in Child Classes
- Restrictions and Usage Guideline
Flat Policy- Maps
BRR Propagation
- Restrictions and Usage Guidelines
- Example of a Hybrid Policy
- Hardware Restrictions

Troubleshooting QoS Features in a ES20 Line Card

Configuring QoS on the Cisco 7600 Series Ethernet Services 20G Line Card

This chapter provides information about configuring Quality of Service (QoS) on the Cisco 7600 Series Ethernet Services 20G (ES20) line card on the Cisco 7600 series router.

Before referring to any other QoS documentation for the platform or in the Cisco IOS software, use this chapter to determine ES20 line card-specific QoS feature support and configuration guidelines.

For additional details about QoS concepts and features in Cisco IOS Release 12.2, you can refer to the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2SR, at:

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_2sr/qos_12_2sr_book.html

This chapter includes the following sections:

•QoS Functions in the Cisco 7600 Series Ethernet Services 20G Line Card

•Configuring QoS Features Using MQC

•Dual Rate Three Color (2R3C) Ingress Policer on Service Instances

•EVCS QoS Support

•Configuring Qos Over an EVC Group

•Configuring Policing

•Configuring Marking

•Configuring Shaping

•Configuring Shaping on the ES20 Main Interface

•Configuring PFC QoS on a Cisco 7600 Series Ethernet Services 20G Line Card

•Configuring Hierarchical QoS

•Configuring Bandwidth Remaining Ratio (BRR) - Utilizing Unused Bandwidth Support

•EVC Configuration Examples

•Troubleshooting QoS Features in a ES20 Line Card

QoS Functions in the Cisco 7600 Series Ethernet Services 20G Line Card

Note Main interface refers to the maininterface and switchport unless specified otherwise.
If the supported feature is not mentioned, then the feature is not supported in the particular interface.

The following sections describe ingress and egress QoS functions.

Ingress QoS Functions in a Cisco 7600 Series Ethernet Services 20G Line Card

The following paragraphs describe ingress QoS support on the ES20 line card.

Ingress Trust

Trust is a port assignment instructing the port to trust (leave) existing priorities as they are on incoming frames or to rewrite the priorities back to zero.

A packet can arrive at an interface with a priority value already present in the packets header. The router needs to determine if the priority setting was set by a valid application or network device according to pre defined rules or if it was set by a user hoping to get better service.

The router has to decide whether to honor the priority value or change it to another value. How the router makes this determination is by using the port "trust" setting.

The ES20 line card always trusts Differentiated Services Code Point (DSCP) by default. Maininterfaces and subinterfaces use the ingress trust functionality.

Ingress Queue Scheduling

The ES20 line card does not support ingress queue scheduling.

Ingress Classification

After a frame is queued, the frame is passed on for classification. Classification entails using a traffic descriptor to categorize a packet within a specific group to define that packet and make it accessible for QoS handling on the network. Using packet classification, you can partition network traffic into multiple priority levels or classes of service.

Traffic is classified to determine whether it should be:

•Marked for further processing.

•Policed to rate limit specific traffic types.

The ES20 line card supports ingress classification. For information on configuring classification, see "Configuring Classification" section.

Ingress Policing

Policing provides a means to limit the amount of bandwidth that traffic traveling through a given port, or a collection of ports in a VLAN, can use. Policing works by defining an amount of data that the router is willing to send or receive in kilobytes per second.

When policing is configured, it limits the flow of data through the router by dropping or marking down the QoS value traffic that is out-of-profiles. Policing allows the router to limit the rate of specific types to a level lower than what they might get otherwise based only the interface bandwidth.

The ES20 line card supports ingress policing. For information on configuring policing, see "Configuring Policing" section.

Ingress Marking

After it has been classified, traffic can be marked. Marking is a way to selectively modify the classification bits in a packet to identify traffic within the network. Other interfaces can then match traffic based on the markings.

The ES20 line card supports ingress marking. For information on configuring marking, see "Configuring Marking" section.

Ingress Shaping

The ES20 line card does not support ingress shaping.

Egress QoS Functions in a Cisco 7600 Series Ethernet Services 20G Line Card

The following sections describe QoS functions on the ES20 line card egress ports.

Egress Classification

Classification entails using a traffic descriptor to categorize a packet within a specific group to define that packet and make it accessible for QoS handling on the network. Using packet classification, you can partition network traffic into multiple priority levels or classes of service.

Traffic is classified to determine whether it should be:

•Marked for further processing.

•Queued to rate limit specific traffic types.

The ES20 line card supports egress classification. For information on configuring classification, see "Configuring Classification" section.

Egress Policing

The ES20 line card supports egress port policing only when paired with the priority command.

Egress Marking

After traffic has been classified, the router can mark it. You use marking to selectively modify the classification bits in the packet to differentiate packets based on the designated markings.

The ES20 line card supports egress port marking on service instances, maininterfaces, and subinterfaces. For information on configuring marking, see "Configuring Marking" section.

Egress Shaping

Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface and to ensure that the traffic conforms to policies contracted for it. You can use shaping to meet downstream requirements, thereby eliminating bottlenecks in topologies with data-rate mismatches.

The ES20 line card supports shaping on egress port, maininterfaces, subinterfaces, and service instances. For information on configuring shaping, see "Configuring Shaping" section.

Egress Queue Scheduling

The egress line card uses congestion avoidance to help prevent congestion and keep its buffers from overflowing.

The ES20 line card supports Class-based Weighted Fair Queuing (CBWFQ), Low Latency Queueing (LLQ), and Weighted Random Early Detection (WRED).

Restrictions

Follow these restrctions and guidelines when you configure QoS in a ES20 line card:

•A policy-map output on a route processor is linecard specific because all the policy-map statistics are exported from the linecard to the route processor. In a ES20 linecard egress scenario, an active Ternary Content Addressable Memory (TCAM) entry requires a queueing ASIC to relay the packet out of an egress interface. This is because the queue id is mapped to an egress port number programmed in a queuing ASIC through which packets are relayed out. However, a packet is dropped if a valid queue id is not allocated, and the TCAM entry is active. Hence classification happens only for classes with a valid queuing action in an egress direction.

•You can configure a minimum bandwidth of 128kbps when using the bandwidth command.

Configuring QoS Features Using MQC

The Modular QoS CLI (MQC) is a CLI structure that allows users to create traffic policies and attach these policies to interfaces. A traffic policy contains a traffic class and one or more QoS features. A traffic class is used to select traffic, while the QoS features in the traffic policy determine how to treat the classified traffic.

To configure QoS features using the Modular QoS CLI on the ES20 line card, complete the following basic steps:

Step 1 Define a traffic class using the class-map command.

Step 2 Create a traffic policy by associating the traffic class with one or more QoS features (using the policy-map command).

Step 3 Attach the traffic policy to the interface using the service-policy command.

For a complete discussion about MQC, refer to the "Modular Quality of Service Command-Line Interface" section of the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2 publication at:

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_2sr/qos_12_2sr_book.html

EVCS QoS Support

Ethernet Virtual Connection Services (EVCS) uses the concepts of service instances and EVCs (Ethernet virtual circuits). A service instance is the instantiation of an EVC on a given port on a given router. An EVC is an end-to-end representation of a single instance of a Layer 2 service being offered by a provider to a customer. It embodies the different parameters on which the service is being offered.

Mapping Between Bay and Ports

The following table maps the bay and port information in a ES20 line card:

Table 3-1 Mapping Between Bay and Ports


Specifications	Port/Bay Information
ESM20 1 GIG Variant with 2 Xchip ASICs where lower number of ports are assigned to Bay 0 and higher number ports are mapped to Bay 1.	Ports 0 to 9 mapped to Bay 0 Ports 10 to 19 mapped to Bay 1
ESM20 10 GIG Variant	10 G Port 0 mapped to Bay 0 10 G Port 1 mapped to Bay 1

Restrictions and Usage Guidelines

When configuring QoS with EVCs on the ES20 line card, follow these restrictions and usage guidelines:

•Service instances use MQC.

•QoS supports 16 000 service instances per line card and 8000 per bay.

•HQoS supports 990 policy-maps per bay.

•Configuring EVcs or subinterfaces is not permissible with QoS on the main interface.

•Ingress shaping is not supported.

•For egress QoS, both hierarchical and flat policy-maps are supported.

•Before creating a service instance or a sub interface, remove any policy-maps on the maininterface.

•Only classes defined with match vlan and vlan-inner and class-default can exist in a parent policy.

•As service instance configurations change, you must remove and reapply the policy because the policy-map configuration may no longer be valid. However, changes on the main interface related to QoS are not cascaded to EVC QoS.

•Because the policy-map does not work to its optimum capacity due to 1% of the port bandwidth being reserved for control packets, ensure that the policy-map is configured to use only 99% of the port bandwidth.

•EVCs with default encapsulation support policy-maps similar to other supported EVCs.

•Layer 3 classification, Ingress and Egress Marking combinations are supported for the ES20 line card on the Cisco 7600 series router. For more information on the supported combinations, see "Layer 3 Ingress Marking Scenarios On a Service Instance".

EVC QoS support is as follows:

•For EVC QoS, classification is based on the following filters, which can be combined:

–Inner VLAN tag

–Outer VLAN tag

–CoS

–CoS Inner

–Precedence

–Dscp

–Mpls exp (for egress classification only)

•For EVC QoS, marking is based on:

–Copy or rewrite inner CoS

–Copy or rewrite outer CoS

–Copy inner to outer CoS or vice versa

–Copy or rewrite on EXP

–Rewrite precedence

–Rewrite dscp

•For EVC QoS, actions supported include:

–Marking, bandwidth, WRED aggregate, shape average, queue-limit, priority with police

For EVC QoS configuration examples, see "EVC Configuration Examples" section.

Restrictions and User Guidelines for EVC Port Channel

When configuring QoS on a EVC port channel, follow these restrictions and user guidelines:

•In a EVC port channel, the maximum number of restricted queues is 8000 per bay. Ensure that you do not exceed the 8000 limitation.

•Maximum number of member links that can be configured on a line card is 8.

•On a port channel, each EVC is replicated by the number of member links. Ensure that the total number of EVCs after replication per bay does not exceed 8000.

•EVC port channels do not support percentage values of bandwidth and policing.

•Egress IP Precedence and DSCP marking are supported for EVCs or for EVCs with port channels.

Configuring Qos Over an EVC Group

A Service group is a logical interface that helps you to group EVCs, and apply features on the aggregate logical entity. An EVC group helps you to configure a single QoS policy-map on different EVCs. You can globally configure service groups, and associate the group IDs with each members to add new members. For example, you can configure the group ID within each EVC to associate EVCs with a particular service group.

Each EVC belongs to only one service group at a time and the group must exist before any members (EVCs) can join the group. In addition to the policy on the service group of which it is a member, you can also apply a policy on each EVC. A policy map is rejected if you simultaneously apply the policy-map on a group and an EVC in the same direction.

In 12.2(33)SRE release, QoS is supported on the service groups, and you can add EVCs or EVCs over PC as members of a service-group. You can use this feature to apply a QoS policy (both in ingress and egress) within service groups having EVCs or EVCs over PortChannel as its members.

Restrictions and Usage Guidelines

When configuring Qos over a EVC group, follow these restrictions and usage guidelines:

•This feature is supported only on service instances.

•Each service instance can belong to only one service group.

•In EVCs, all members of a service group must reside within the same interface.

•In EVCs within a port-channel, all members of a service group must reside within the port-channel.

•You cannot individually assign a member of a service group to a load-balance link of a port-channel. You should assign the whole group to the link.

• An EVC group cannot have members that are assigned to multiple load-balance links of a port-channel.

• Ensure that you have configured a EVC group before adding a service instance to it.

• Service Group membership is extended only to EVCs (service instances).

•You can apply a Qos Policy on groups or individual EVCs that are part of groups.

•Ingress 1R2C policing is not supported on EVC groups.

•You cannot simultaneously apply QoS on a EVC and its group in the same direction.

•Service group supports hierarchical Qos and flat ( class-default ) policy-maps.

• All QoS parameters ( Shape, Set, Bandwidth, BRR, Police (2r3c ) , Set, Wred) within a class, applicable to an EVC, are also supported on a group.

• 2r3c policer is supported in a ingress policy-map on a group.

Table 3-2 lists the scalability values of EVC groups:

Table 3-2 Scalability Values for ES20 line cards
Scalability	Values
Service Groups per bay	2000
Service Groups per line card	4000
Number of EVCs per service group	4000

SUMMARY STEPS

1. enable

2. configure terminal

3. service-group ID number

4. service-policy [input| output]

5. sh service-group ID number

6. interface GigabitEthernet slot/bay/port

7. service instance name

8. group ID number

9. sh service-group ID number

10. end

DETAILED STEPS


	Command	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode and enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	service-group ID number Example: Router(config)# service-group 1000	Assigns a service group ID number. The acceptable range is 1-32768.
Step 4	service-policy [input\| output] Example: Router(config-service-group)# service-policy output	Creates a service policy within the service group and attaches it to the ingress or egress of a service group.
Step 5	sh service-group ID number Example: Router# sh service-group 1000	Displays the service group for which an ID has been assigned or the members belonging to a service group.
Step 6	interface GigabitEthernet slot/bay/port Example: Router(config)# int gi 2/0/0	Identifies the interface to which the service group should be attached.
Step 7	service instance name Example: Router(config-if)# service instance 1 eth	Creates a service instance within the interface.
Step 8	group ID number Example: Router(config-if-srv)# group 1000	Adds the created group to the service instance.
Step 9	sh service-group ID number Example: Router# sh service-group 1000	Displays the service group for which an ID has been assigned or the service instances belonging to a service group.
Step 10	end Example: Router(config-if-srv)# end	Ends the command operations.

Example

The following example shows the creation of a service group and attaching the policy map to the egress:

Router(config)# service-g

Router(config)# service-group ?

  <1-32768>  Service Group ID Number

Router(config)# service-group 1000

Router(config-service-group)#ser

Router(config-service-group)# service-policy ?

input   Attach a policy-map to ingress of a service group

output  Attach a policy-map to egress of a service group

Router(config-service-group)# service-policy output <policy-map name>

The following example shows the creation of a service instance and adding a service group to the service instance:

Router(config)# int gi 2/0/0

Router(config-if)# ser

Router(config-if)# service in

Router(config-if)# service instance 1 eth

Router(config-if-srv)# en

Router(config-if-srv)# encapsulation d

Router(config-if-srv)# encapsulation do

Router(config-if-srv)# encapsulation dot1q 10

Router(config-if-srv)#?

Ethernet EFP configuration commands:

  bridge-domain   Bridge-domain

  default         Set a command to its defaults

  description     Service instance specific description

  encapsulation   Configure ethernet frame match criteria

  errdisable      Configure error disable

  ethernet        Configure ether lmi parameters

  exit            Exit from ETHER EFP configuration mode

  group           Join a service group

  ip              ip

  l2protocol      Configure l2 control protocol processing

  mac             Commands for MAC Address-based features

  no              Negate a command or set its defaults

  rewrite         Configure ethernet rewrite criteria

  service-policy  Attach a policy-map to an EFP

  shutdown        Take the Service Instance out of Service

  snmp            Modify SNMP service instance parameters

  xconnect        Xconnect commands

Router(config-if-srv)# gr

Router(config-if-srv)# group 1000

Router(config-if-srv)#

Router#

Execute the sh run service-group 1 command to display the input and output policymaps applied on a service group:

Router#

Router#

Router#sh ser

Router# sh service

*Apr 24 01:17:21.904: %SYS-5-CONFIG_I: Configured from console by console

Router#sh service-g

Router#sh service-group 1000

Service Group 1000:

  Number of members:                      1

  State:                                  Up

  Interface:                              GigabitEthernet2/0/0

Number of members: 1

Dual Rate Three Color (2R3C) Ingress Policer on Service Instances

Dual Rate Three Color Policing (2R3C), elaborated in RFC 2698, lists the following characteristics of the data packets:

•Metered and colored as green, yellow or red.

•Marked for transmission drop or QoS marking.

•Replenished in token buffer mode.

Based on the new feature implementation in ES20 line cards, the policy meter operates in a color blind mode in flat policy-maps. You can configure dual rates policing using the conform, exceed, and violate actions in the ingress service instances on an ES20 line card. For more information on Dual rate Three Color policers, refer to the section "QoS: Color-Aware Policer" at the following URL:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/12s_cap.html

You can configure the policer in any classes supported for marking. You can use the match vlan, match vlan inner, match QoS, or match CoS inner filters to configure these classes. For more information on Policing in ES20 line cards, refer the section "Configuring Policing" section.

Restrictions and Usage Guidelines

When configuring 2R3C ingress service policy on a ES 20 line card, follow these restrictions and usage guidelines:

•You cannot configure 2R3C policer with the following characteristics:

–A single rate two color (1R2C) policer in the same policy-map.

–Packets marked for transmission drop.

–Simultaneous execution of the set command operations in the same class.

•Maximum of 3000 policers are supported on an ES20 line card (for a total of 6000 per line card).

•If a 1R2C policer is configured, and actions other than conform, transmit, exceed, or drop are configured, or 1R2C is not as class-default, the microprocessor performs policing.

•If you do not configure the values for cir and pir, the CLI commands are rejected.

•2R3C policer works with user-class and class-default values.

•2R3C policer does not support set- cos command within the policer. set- cos command are part of policer action such as set-cos transmit.

•To set the DBUS COS, you can use set-cos action command instead of the set mpls exp .

•You cannot configure 2R3C and 1R2C policer within the same policy-map.

•You can configure a minimum policer value of 128 Kbps.

•A hierarchical qos policymap in ingress should comprise of police at parent policy and marking cos in child policy. Configuration of police in both parent and child policy maps is not supported.

•You must not change the child-policy dynamically when the parent policy is still attached to the interface.

•Flat 2R3C policer is supported.

•conform, exceed, and violate commands are used to mark all the policing actions.

•The following policing actions are supported in an ES20 line card:

– drop.

– set-cos-inner-transmit (sets the outer tag Cos).

–set-cos-transmit (sets dbus cos no tag Cos).

–transmit

–set-prec-transmit

–set dscp-transmit

–set mpls-exp-imposition-transmit

•The following default policer actions are supported in an ES20 line card:

–transmit for conform.

–drop for exceed and violate.

•You can classify cos-inner, vlan, and vlan-inner policers.

•Ingress classification and policing is performed before an EVC rewrite.

Note Effective from 12.2(33)SRD release onwards, the service-policy configuration supports policy conform burst (bc) size setting on an ES20 interface. Releases earlier than 12.2(33)SRD, do not support setting policy bc size.

SUMMARY STEPS

1. enable

2. configure terminal

3. class-map match-any class name

4. match cos name

5. match [ip] precedence precedence-value

6. policy-map policer

7. class class name

8. police cir bc pir be

9. conform-action [ set-cos-inner-transmit | set-cos-transmit]

10. exceed-action [ set-cos-inner-transmit | set-cos-transmit ]

11. violate-action [ transmit | drop ]

12. interface GigabitEthernet slot/bay/port

13. service instance ethernet interface

14. service policy input policy-map-name

15. end

DETAILED STEPS


	Command	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. •Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	class-map match-any class name Example: Router# configure class-map match any test	Configures the match criteria for a class-map to be successful match criteria for all packets.
Step 4	match cos name Example: Router# (config-cmap)# match cos2	Matches a packet based on a Layer 2 class of service (CoS) name.
Step 5	Router (config-cmap)# match [ip] precendence precedence-value Example: Router#(config-cpmap)# match ip precedence 3	Identifies IP precedence values as match criteria.
Step 6	Router (config-cmap)# policy-map policer Example: Router (config-cmap)# policy-map 2r3c	Specifies the traffic policy name and also allows you to enter policy-map configuration mode (a prerequisite for enabling QoS features such as traffic policing or traffic shaping).
Step 7	Router (config-pmap)# class class name Example: Router (config-pmap)# class test	Associates the traffic class with the traffic policy. For the class-name argument, you can specify the name of the class you created when you used the class-map command to create the traffic class.
Step 8	Router (config-pmap-c)# Police cir bc pir be Example: Router (config-pmap-c)# police cir 1000000 bc 5000 pir 100000000 be 10000000	Specifies a maximum bandwidth usage by a traffic class through the use of a token bucket algorithm, where: •cir—Specifies the CIR (Committed Information Rate) at which the first token bucket is updated as a value in bits per second. The value is a number from 128000 to 10000000000. •bc-conform burst—Specifies the conform burst (bc) size in bytes used by the first token bucket for policing. The value is a number from 1000 to 31,250,000. •pir rate—Specifies the PIR (Peak Information Rate) at which the second token bucket is updated as a value in bits per second. The value is a number from 128000 to 10000000000. •be—Specifies the exceed burst value used by the second token bucket.
Step 9	Router (config-pmap-c-police)# conform-action [set-cos-inner-transmit \| set-cos-transmit ] Example: Router (config-pmap-c-police)# conform-action set-cos-inner-transmit 4	Configures the traffic policing based on the options specified: •Inner-transmit. •Transmit.
Step 10	Router (config-pmap-c-police)# exceed-action [ set-cos-inner-transmit \| set-cos-transmit ] Example: Router(config-pmap-c-police)# exceed action set-cos-transmit 3	Configures the traffic policing according to the options specified: •Inner-transmit. •Transmit.
Step 11	Router (config-pmap-c-police)# violate-action [ transmit \| drop ] Example: Router (config-pmap-c-police)# violate action set-cos-transmit 3	Configures the traffic policing according to the options specified: •Transmit. •Drop.
Step 12	Router (config)# interface GigabitEthernet slot/bay/port Example: Router (config)# interface gig2/0/0	Identifies the interface to which the service policy should be attached.
Step 13	Router (config-if)# service instance ethernet interface Example: Router(config-if)# service instance 1 eth	Identifies the service instance of the interface to which the service policy is attached.
Step 14	Router (config-if-srv)# service policy input policy-map-name Example: Router(config-if-srv)# service policy input test	Attaches the configured policy-map to the ethernet service instance.
Step 15	end Example: Router(config-if-srv)# end	Ends the command operations.

Example

The following example shows the 2R3C configuration in a class and policy-map:

policy-map test

class cos2

police 1000000 pir 2000000 conform-action set-cos-transmit 3 exceed-action 
set-cos-transmit 1 violate-action drop

The service policy should be attached to the service instance of the interface as follows:

interface gig2/0/0

service instance 1 eth

---- EVC configurations ---

service-policy input test

Ingress Policing on EVC Port Channel

The EVC port channel supports 1R0C and 2R3C policers. The classifications and police actions supported on regular EVCs are supported on an EVC port channel.

Restrictions and Usage Guidelines

When configuring ingress policing on EVC port channel, follow these restrictions and guidelines:

•1R0C is supported only in class-default (classification), and not for service groups.

•1R0C supports these policing actions on packets:

–transmit for conformed packets

–drop for exceed packets

•1R0C does not support set action for conformed and exceeded packets.

•1R0C supports flat and HQOS policy maps. HQOS policy maps support policing actions only for the parent class class-default and marking action in child classes.

•2R3C is supported in these user class and class-default classification:

–match precedence

–match dscp

–match vlan-outer

–match vlan-inner

–match cos-outer

–match cos-inner

•2R3C supports the following policing actions:

–Conformed packets: transmit, set-cos-transmit, set-cos-inner-transmit, set-prec-transmit, set-dscp-transmit, set-exp-transmit

–Exceed packets: transmit, drop, set-cos-transmit, set-cos-inner-transmit, set-prec-transmit, set-dscp-transmit, set-exp-transmit

–Violate packets: transmit, drop, set-prec-transmit, set-dscp-transmit, set-exp-transmit

•2R3C is supported for service groups.

•2R3C supports only flat policy-maps.

•Each NPU complex supports a maximum of 3000 2R3C policers.

•The maximum value for cir is limited to 990 Mbps for a 1 Gb port and 9.9 Gbps for a 10 Gb port. For 2R3C policer, the same restriction applies to pir.

Configuring Ingress Policing on EVC Port Channel

Configuring policing on EVC port channel is same as that for configuring policing on a regular EVC. For configuration, refer the section "Configuring Policing" section.

Configuring Classification

Use the QoS classification features to select your network traffic and categorize it into classes for further QoS processing based on matching certain criteria. The default class, named "class-default," is the class to which traffic is directed for any traffic that does not match any of the selection criteria in the configured class-maps.

Restrictions and Usage Guidelines

When configuring traffic classes on an ES20 line card, follow these restrictions and usage guidelines:

•You can define up to 256 unique classes in a policy-map including class-default .

•A single class-map can contain up to 8 different match command statements.

•The ES20 line card does not support combining matches on QoS group, CoS, or input VLAN with other types of matching criteria (for example, access control lists [ACLs]) in the same class or policy-map. You cannot configure a class c1 with match CoS and class c2 with match ip prec in the same policy-map at same level.

•When configuring hierarchical QoS on the ES20 line card, if you configure matching on an input VLAN in a parent policy, then only matching on a QoS group is supported in the child policy.

•For ingress marking on EVCs, service instances support the match vlan command, match vlan-inner command, match cos command, match precedence, match dscp and match cos-inner commands.

•For egress marking on EVCs, service instances support the match vlan command, match vlan-inner command, match cos command, match precedence, match dscp, match mpls experimental and the match cos-inner commands.

•QoS classification on Egress ACL is not supported with the following TCP/UDP port parameters:

•Port range

•Port gt (greater than)

•Port lt (lesser than)

• Established (matching on established connections)

Table 3-3 provides information about which QoS classification features are supported for the ES20 line card on the Cisco 7600 series router. For more information about most of the commands documented in this table, refer to the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2SR, at:

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_2sr/qos_12_2sr_book.html

Table 3-3 QoS Classification Feature Support
Feature (match command)	Ingress	Egress	Comments
Match on access list (ACL) number (match access-group command)	•Maininterface •Subinterface •Switchport	•Maininterface •Subinterface	Supports the following ACLs: •IPv4 and IPv6. •Protocols—ARP, RARP, ICMP, IGMP, UDP, MAC, MPLS, and TCP. •Source and destination ports. •TCP flags. •ToS.
Match on ACL name (match access-group name command)	•Maininterface •Subinterface •Switchport	•Maininterface •Subinterface
Match on any packet (match any command)	•Maininterface •Subinterface •Switchport •EVC	•Maininterface •Subinterface •Switchport •EVC
Match on ATM cell loss priority (CLP) (match atm clp command)	—	—	Not supported.
Match on class-map (match class-map command)	—	—	Not supported.
Match on Class of Service (CoS) (match cos command)	•EVC	•EVC •Switchport •Subinterfaces	Supported for switchport queueing and EVC interface. Note CoS classification is available through PFC QoS using MAC address ACLs.
Match on inner CoS (match inner-cos command)	•EVC	•EVC
Match on Frame Relay discard eligibility (DE) bit (match fr-de command)	—	—	Not supported.
Match on Frame Relay data-link connection identifier (DLCI) (match fr-dlci command)	—	—	Not supported.
Match on input VLAN (match input vlan command—Matches the VLAN from an input interface.)	—	Maininterface	Supported for output interface only for software-based EoMPLS. Note The service policy is applied on the output interface to match the VLAN from the input interface. If you configure matching on input VLAN in a parent policy with hierarchical QoS, then only matching on QoS group is supported in the child policy.
Match on IP DSCP (match ip dscp command)	•Maininterface •Subinterface •Switchport •EVCs	•Maininterface •Subinterface •EVCs
Match on IP precedence (match ip precedence command)	•Maininterface •Subinterface •Switchport •EVCs	•Maininterface •Subinterface •EVCs
Match on IP Real-Time Protocol (RTP) (match ip rtp command)	—	—	Not supported.
Match on MAC address for an ACL name (match mac address command)	—	—	Not supported.
Match on destination MAC address (match destination-address mac command)	—	—	Not supported.
Match on source MAC address (match source-address mac command)	—	—	Not supported.
Match on MPLS experimental (EXP) bit (match mpls experimental command)	•Maininterface •Subinterface	•Maininterface •Subinterface •EVCs	Supported.
Match on Layer 3 packet length in IP header (match packet length command)	—	—	Not supported.
Match on QoS group (match QoS-group command)	—	Maininterface only for software-based EoMPLS configurations	Supported in software-based EoMPLS configurations only using hierarchical QoS, where the parent policy configures matching on input VLAN and the child policy configures matching on QoS group.
Match on protocol (match protocol command	•Maininterface •Subinterface •Switchport	•Maininterface •Subinterface	Supports matching on IP and IPv6.
Match on VLAN (match vlan command—Matches the outer VLAN of a Layer 2 802.1Q frame)	•EVC	•Switchport •EVC	Supported. •Outer VLAN ID matching for 802.1Q tagged frames on EVC.
Match on VLAN Inner (match vlan inner command—Matches the innermost VLAN of the 802.1Q tag in the Layer 2 frame)	•EVC	•EVC	Supported.
No match on specified criteria (match not command)	—	—	Not supported.

Configuration Tasks

To create a user-defined QoS traffic class, use the following commands beginning in global configuration mode:


	Command	Purpose
Step 1	Router(config)# class-map [match-all \| match-any] class-name	Creates a traffic class, where: •match-all—(Optional) Specifies that all match criteria in the class-map must be matched, using a logical AND of all matching statements defined within the class. This is the default. •match-any—(Optional) Specifies that one or more match criteria must match, using a logical OR of all matching statements defined within the class. •class-name—Specifies the user-defined name of the class. Note You can define up to 255 unique class-maps within a policy map as 1 class is always class-default.
Step 2	Router(config-cmap)# match type	Specifies the matching criterion to be applied to the traffic, where type represents one of the forms of the match command supported by the ES20 line card as shown in Table 3-3. Note A single class-map can contain up to 8 different match command statements.

Examples

This example shows how to configure a class-map named ipp5, and enter a match statement for IP precedence 5:

Router(config)# class-map ipp5

Router(config-cmap)# match ip precedence 5

Router(config-cmap)#

This is an example of configuring class matching on multiple match statements.

Router(config)# class-map match-any many (id 1047)

Router(config-cmap)# match ip  precedence 3

Router(config-cmap)# match access-group  100

Router(config-cmap)# match mpls experimental 5

This is an example of configuring class matching on named ACLS.

Router(config)# class-map match-all acl9 (id 1049)

Router(config-cmap)# match access-group name rock

This example shows a logical AND operation in a child policy with match vlan and class-default in a parent.

Router(config)# class-map match-all childAND

Router(config-cmap)# match cos 2-3

Router(config-cmap)# match cos inner 5 6

Router(config)# policy-map testchildAND

Router(config-pmap)# class childAND

Router(config-pmap-c)# shape average 100000000

Router(config)# policy-map parentAND

Router(config-pmap)# class vlan12

Router(config-pmap-c)# shape average 500000000

Router(config-pmap-c)# service-policy testchild

This example shows how to display class-map information for a specific class-map using the show class-map command:

Router# show class-map ipp5

Class Map match-all ipp5 (id 1)

Match ip precedence 5

This example shows how to display class-map information matching on extended ACLs using the show class-map command.

head# show class-map acl5

 Class Map match-all acl5 (id 1042)

   Match access-group  102

This example shows how to verify classification on a VLAN in the parent class of a HQoS policy.

head# show policy-map match

policy-map match4

  class child AND

   shape average 3000000

policy-map match2

  class child AND

    shape average 200000

Configuring Policing

This section describes information for configuring QoS traffic policing policies.

Restrictions and Usage Guidelines

The Cisco 7600 series routers support different forms of policing using the police command. See Table 3-4 to determine which policing features are supported by ES20 line card type.

When configuring ingress policing on main, subinterface, and VLAN, follow these restrictions and usage guidelines:

•The ES20 line card supports conform-action policing on input interfaces only.

•Egress policing command is executed when the priority is defined, and the policy-map is not rejected because we can add policing and priority. While you configure the LLQ values on a dynamically applied policy-map, ensure that you define police values followed by priority values.

•Egress policing command is executed when the priority is defined. The stand alone policing is not rejected because you can add priority values. When you configure the LLQ values on a dynamically applied policy-map, ensure that you define police values followed by bc and be priority values. You can configure these values and also define the queue limit.

•Use policing with priority queueing to limit the traffic rate in egress.When configuring policing paired with priority, the conform action is fixed to transmit while violate or exceed is fixed to drop. These action are not user configurable.

•When configuring one rate 2 color per EVC micro-flow policer:

–Up to 16,000 policers per line card are supported; only one per service instance configured within the class class-default.

–The conform-action or the exceed-action are statically defined and can not be altered.

–One form of policy configuration is support with optional marking in the child policy and policing in the parent policy.

Table 3-4 provides information about which policing features are supported for the ES20 line card on the Cisco 7600 series routers.

Table 3-4 QoS Policing Feature Support
Policing Feature (police command)	Supported Interfaces	ES20 Line Card
Policing by aggregate policer (police aggregate command)	•Maininterface •Subinterface	Supported in ingress only.
Policing by bandwidth using token bucket algorithm (police command)	•Maininterface •Subinterface •EVC (egress only)	For egress, must be paired with priority command.
Policing with 2-color marker (committed information rate [CIR] and peak information rate [PIR]) (police (two rates) command—police cir pir form)	•Maininterface •Subinterface	Supported in ingress only.
Policing by flow mask (police flow mask command)	•Maininterface •Subinterface	Supported in ingress only.
Policing by microflow (police flow command)	•Maininterface •Subinterface	Supported in ingress only.
One rate 2 color per EVC micro-flow policer (committed information rate [CIR]) (police command—police cir form)	•EVC	Supported in ingress only beneath class class-default.

Table 3-5 provides information about the interfaces and their supported actions on an ES20 line card.

Table 3-5 One-Rate Two Color Ingress Support
Supported Interfaces	Conform Actions	Exceed Actions
Maininterface	•transmit •set dscp transmit •set precedence transmit •set mpls imposition exp	•drop •policed dscp transmit
Subinterface	•transmit •set dscp transmit •set precedence transmit •set mpls imposition exp	•drop •policed dscp transmit
EVC	transmit	drop Note EVC is supported only in class-default.
Switchport	•transmit •set dscp transmit •set precedence transmit •set mpls imposition exp	•drop •policed dscp transmit •set precdence •set dscp •set mpls imposition exp

Table 3-6 QoS Policing Action Support
Policing Action (set command)		ES20 Line Card
Drop the packet. (drop command)	•Maininterface •Subinterface •EVC	Supported—Ingress and egress.
Set the IP precedence and transmit. (set-prec-transmit command)	•Maininterface •Subinterface	Supported —Input interface only.
Set the IP DSCP and transmit. (set-dscp-transmit command)	•Maininterface •Subinterface	Supported—Input interface only.
Set the MPLS EXP bit (0-7) on imposition and transmit. (set-mpls-experimental-imposition-transmit command)	•Maininterface •Subinterface	Supported—Input interface only.
Set the MPLS EXP bit in the topmost label and transmit. (set-mpls-experimental-topmost-transmit command)	•Maininterface •Subinterface	Supported—Input interface only.
Transmit all packets without alteration. (transmit command)	•Maininterface •Subinterface •EVC	Supported—Ingress and egress.

Configuration Tasks

To create QoS traffic policies with policing, use the following commands beginning in global configuration mode:

Note When creating QoS traffic policies as shown below, you can perform only one of the commands shown in Step 3 through Step 7 for each policy. You can perform Step 4 or Step 5 or Step 6 or Step 7; do not attempt to perform Step 3 through Step 7 in the same policy.


	Command	Purpose
Step 1	Router(config)# mls QoS	Enables the QoS functionality on an interface.
Step 2	Router(config)# policy-map policy-map-name	Creates or modifies a traffic policy and enters policy-map configuration mode, where: •policy-map-name—Specifies the name of the traffic policy to configure. Names can be a maximum of 40 alphanumeric characters.
Step 3	Router (config-pmap)# class {class-name \| class-default}	Specifies the name of the traffic class to which this policy applies and enters policy-map class configuration mode, where: •class-name—Specifies that the policy applies to a user-defined class name previously configured. •class-default—Specifies that the policy applies to the default traffic class.
Step 4	Router(config-pmap-c)# police bps [burst-normal] [burst-max] conform-action action exceed-action action violate-action action	Specifies a maximum bandwidth usage by a traffic class through the use of a token bucket algorithm, where: •bps—Specifies the average rate in bits per second. Valid values are 128000 to 1 Gigabyte or 10 Gigabyte. •burst-normal—(Optional) Specifies the normal burst size in bytes. Valid values are 1000 to 51200000. The default normal burst size is 1500 bytes. •burst-max—(Optional) Specifies the excess burst size in bytes. Valid values are 1000 to 51200000. •action—Specifies the policing command (as shown in Table 3-5) for the action to be applied to the corresponding conforming, exceeding, or violating traffic.
Or
	Router(config-pmap-c)# police {cir cir} [bc conform-burst] {pir pir} [be peak-burst] [conform-action action [exceed-action action [violate-action action]]]	Configures traffic policing using two rates, the committed information rate (CIR) and the peak information rate (PIR), where: •cir cir—Specifies the CIR at which the first token bucket is updated as a value in bits per second. The value is a number from 128000 to 10000000000. •bc conform-burst—(Optional) Specifies the conform burst (bc) size in bytes used by the first token bucket for policing. The value is a number from 1000 to 31,250,000. •pir pir—Specifies the PIR at which the second token bucket is updated as a value in bits per second. The value is a number from 128000 to 10000000000. •be peak-burst—(Optional) Specifies the peak burst (be) size in bytes used by the second token bucket for policing. The size varies according to the interface and platform in use. •action—(Optional) Specifies the policing command (as shown in Table 3-5) for the action to be applied to the corresponding conforming, exceeding, or violating traffic.
Or
	Router(config-pmap-c)# police flow {bits-per-second [normal-burst-bytes] [maximum-burst-bytes] [pir peak-rate-bps]} \| [conform-action action] [exceed-action action] [violate-action action]	Configures a microflow policer, where: •bits-per-second—Specifies the CIR in bits per second. Valid values are from 32,000 to 4,000,000,000 bits per second. •normal-burst-bytes—(Optional) Specifies the CIR token-bucket size. Valid values are from 1000 to 31,250,000 bytes. •maximum-burst-bytes—(Optional) Specifies the PIR token-bucket size. Valid values are from 1000 to 31,250,000 bytes. •pir peak-rate-bps—(Optional) Specifies the PIR in bits per second. Valid values are from 32,000 to 4,000,000,000 bits per second. •action—Specifies the policing command (as shown in Table 3-5) for the action to be applied to the corresponding conforming, exceeding, or violating traffic.
Or
	Router(config-pmap-c)# police flow mask {dest-only \| full-flow \| src-only} {bits-per-second [normal-burst-bytes] [maximum-burst-bytes]} [conform-action action] [exceed-action action]	Configures a flow mask to be used for policing, where: •dest-only—Specifies the destination-only flow mask. •full-flow—Specifies the full-flow mask. •src-only—Specifies the source-only flow mask. •bits-per-second—Specifies the CIR in bits per second. Valid values are from 32,000 to 4,000,000,000 bits per second. •normal-burst-bytes—(Optional) Specifies the CIR token-bucket size. Valid values are from 1000 to 31,250,000 bytes. •maximum-burst-bytes—(Optional) Specifies the PIR token-bucket size. Valid values are from 1000 to 31,250,000 bytes. •action—Specifies the policing command (as shown in Table 3-5) for the action to be applied to the corresponding conforming or exceeding traffic.
Or
	Router(config-pmap-c)# police aggregate name	Specifies a previously defined aggregate policer name and configures the policy-map class to use the specified name of the aggregate policer.

Examples

This example shows a traffic policing configuration with the average rate at 128kbps, the normal burst size at 128,000 bytes, and the excess burst size at 4000 bytes:

Router(config)# class-map acgroup2

Router(config-cmap)# match access-group 2

Router(config-cmap)# exit

Router(config)# policy-map police

Router(config-pmap)# class acgroup2

police cir 128000 pir 10000000 conform-action transmit exceed-action drop 4 violate-action 
drop set-cos-transmit 4 violate-action drop

Router(config-pmap-c)# exit

Router(config-pmap)# exit

Router(config)# interface gigethernet 1/0/0

Router(config-if)# service-policy input police

This example shows a policy that contains a one rate 2 color per EVC micro-flow policer with marking operations.

Router(config)# policy-map child

Router(config-pmap)# class cos1

Router(config-pmap-c)# set cos 5

Router(config-pmap)# class class-default

Router(config-pmap-c)# set cos 6

Router(config)# mls QoS

Router(config)# policy-map efppolicy

Router(config-pmap)# class class-default

Router(config-pmap-c)# police cir 200000000 bc 6250000 conform-action transmit 
exceed-action drop

Router(config-if)# service-policy child

This example shows a policy that contains a one- rate zero color (1R0C) policer:

Router(config)#policy-map 1r0c

Router(config-pmap)#class class-default

Router(config-pmap-c)#police cir 1000000

Router(config-pmap-c-police)#end

This example shows a policy that contains a two- rate three color (2R3C) policer:

Router(config)#policy-map 2r3c

Router(config-pmap)#class cos1

Router(config-pmap-c)#police cir 1000000 pir 2000000 conform-action set-prec-transmit 3

exceed-action set-prec-transmit 4 violate-action drop  
Router(config-pmap-c-police)#end

This example shows how to apply a policy-map on the EVC port channel:

Router(config)#int port-channel 100

Router(config-if)#service instance 1 ethernet 
Router(config-if-srv)#encapsulation dot1q 100 
Router(config-if-srv)#service-policy in 1r0c

Verification

Use the following commands to verify policing:


	Command	Purpose
	Router# show policy-map	Displays all configured policy-maps.
	Router# show policy-map policy-map-name	Displays the user-specified policy-map.
	Router# show policy-map interface	Displays statistics and configurations of all input and output policies that are attached to an interface.

This example shows how to display policing statistics using the show policy-map interface command in the EXEC mode.

sh policy-map int gig 4/0/5

GigabitEthernet4/0/5

Service-policy output: example

Counters last updated 00:00:00 ago

queue stats for all priority classes:

Queueing

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/121416/0

(pkts output/bytes output) 428079/640406145

Class-map: prec1 (match-all)

497836 packets, 744762656 bytes

5 minute offered rate 18806000 bps, drop rate 828000 bps

Match: ip precedence 1

police:

cir 3000000 bps, bc 93750 bytes

conformed 324764 packets, 485846905 bytes; actions: transmit

exceeded 121416 packets, 181636879 bytes; actions: drop

conformed 12256000 bps, exceed 842000 bps

Priority: Strict, b/w exceed drops: 121416

Class-map: class-default (match-any)

1761338 packets, 1138941205 bytes

5 minute offered rate 27792000 bps, drop rate 26713000 bps

Match: any

Queueing

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 70/824757/0

(pkts output/bytes output) 300574/420798000

shape (average) cir 2000000, bc 8000, be 8000

target shape rate 2000000

This is another example of displaying policing statistics using the show policy-map interface command; in this case the statistics are for a one rate 2 color per EVC micro-flow policer.

TenGigabitEthernet4/0/0: EFP 1

Service-policy input: policesmall

Counters last updated 00:00:00 ago

Class-map: class-default (match-any)

12353351 packets, 3627868092 bytes

5 minute offered rate 671206 bps, drop rate 543206 bps

Match: any

police:

cir 128000 bps, bc 4000 bytes

conformed 2096904 packets, 130008048 bytes; actions: transmit

exceeded 10256447 packets, 134308720 bytes; actions: drop

conformed 127000 bps, exceed 543206 bps

Attaching a QoS Traffic Policy to an Interface

Before a traffic policy can be enabled for a class of traffic, it must be configured on an interface. A traffic policy also can be attached to Ethernet subinterfaces, maininterfaces, and service instances.

Traffic policies can be applied for traffic coming into an interface (input), and for traffic leaving that interface (output).

Attaching a QoS Traffic Policy for an Input Interface

When you attach a traffic policy to an input interface, the policy is applied to traffic coming into that interface. To attach a traffic policy for an input interface, use the following command beginning in interface configuration mode:


Command	Purpose
Router(config-if)# service-policy input policy-map-name	Attaches a traffic policy to the input direction of an interface, where: •policy-map-name—Specifies the name of the traffic policy to configure.

Attaching a QoS Traffic Policy to an Output Interface

When you attach a traffic policy to an output interface, the policy is applied to traffic leaving that interface. To attach a traffic policy to an output interface, use the following command beginning in interface configuration mode:


Command	Purpose
Router(config-if)# service-policy output policy-map-name	Attaches a traffic policy to the output direction of an interface, where: •policy-map-name—Specifies the name of the traffic policy to configure.

Configuring Marking

After you have created your traffic classes, you can configure traffic policies to configure marking features to apply certain actions to the selected traffic in those classes.

In most cases, the purpose of a packet mark is identification. After a packet is marked, downstream devices identify traffic based on the marking and categorize the traffic according to network needs. This categorization occurs when the match commands in the traffic class are configured to identify the packets by the mark (for example, match ip precedence, match ip dscp, match cos, and so on). The traffic policy using this traffic class can then set the appropriate QoS features for the marked traffic.

In some cases, the markings can be used for purposes besides identification. Distributed WRED, for instance, can use the IP precedence, CoS, IP DSCP, or MPLS EXP values to detect and drop packets.

Restrictions and Usage Guidelines

When configuring class-based marking on an ES20 line card, follow these restrictions and usage guidelines:

•Ingress packet marking is supported on maininterfaces, subinterfaces, and service instances. You can configure packet marking and queueing actions in the same traffic policy.

•If an ingress service policy configures both class-based marking and marking as part of a policing action, then the marking using policing takes precedence over any class-based marking.

•The Scalable EoMPLS on 7600-ESM-2X10GE and 7600-ESM-20X1GE feature supports mapping of the incoming VLAN dot1q p-bits to the outgoing MPLS EXP bits. Only outer tag dot1q pbits mapping is supported.

•The Scalable EoMPLS on 7600-ESM-2X10GE and 7600-ESM-20X1GE feature supports mapping of the incoming MPLS EXP bits to the outgoing VLAN dot1q p-bits.

•MultiPoint Bridging over Ethernet on 7600-ESM-2X10GE and 7600-ESM-20X1GE supports set cos and set cos inner commands in ingress marking. However, from 12.2(33) SRE onwards, ingress marking also supports set dscp and set precedence commands.

•Set operations are not allowed at the parent level.

•Up to two marking combinations can occur with the exception that Layer 2 marking is not combined with Layer 3 marking operations.

•You should configure no mls qos trust value for ingress marking on the main and subinterfaces.

Table 3-7 and Table 3-8 provides information about the various Ingress and Egress Marking combinations supported for a ES20 line card on the Cisco 7600 series router.

For example, in Table 3-7, ¸ marked against DSCP and Cos (row 4 col 1) indicates that you can mark DSCP and Cos within a single class. Similarly, a x marked against MPLS Experimental and Precedence (row 5 col 3) indicates that you cannot use both within a single class.

Table 3-7 Layer 3 Egress Marking Scenarios For EVCs


	Cos	Cos Inner	Precedence	DSCP	EXP	Cos and Cos Inner
Cos	—	¸	¸	¸	¸	—
Cos_Inner	¸	—	x	x	¸	—
Precedence	¸	x	—	x	x	¸
DSCP	¸	x	x	—	x	¸
MPLS Experimental	¸	¸	x	x	—	¸
Cos and Cos Inner	—	—	¸	¸	¸	—

Table 3-8 Layer 3 Ingress Marking Scenarios On a Service Instance


	Cos	Cos Inner	Precedence	DSCP	EXP	Cos and Cos Inner
Cos	—	¸	¸	¸	x	—
Cos_Inner	¸	—	x	x	¸	x
Precedence	¸	x	—	—	¸	¸
DSCP	¸	x	—	—	¸	¸
MPLS Experimental	x	¸	¸	¸	¸	—
Cos and Cos Inner	—	—	¸	¸	—	—

The following example shows the sample ingress policy map for layer 3 marking support.

policymap policy1-in

class prec5

set cos 6

class cos_tos_all

set ip prec 4

class class-default

police cir 1000000

The following example shows Egress marking - port in set trust cos mode.

policymap policy1-eg-mark-BD

class prec5

set cos 5

set ip dscp af31

shape average 1000000

class cos_in

set cos cos-inner

shape average 2000000

class cos_exp_all

set cos 6

shape average 3000000

policymap policy-hqos-eg-mark-BD

class cosin_cos_dscp_all

set ip dscp af31

shape average 1000000

class class-default

shape average 2000000

service-policy policy1-eg-mark-BD

The following example shows the sample output of the sh command.

pacv-7609S#sh policy-map interface ten4/0/1 service instance 1

TenGigabitEthernet4/0/1: EFP 1

Service-policy output: policy-hqos-eg-mark-BD

Counters last updated 00:00:04 ago

Class-map: cosin_cos_dscp_all (match-all)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: cos  1

Match:  dscp 3

Match: cos inner  3

Queueing

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

QoS Set

dscp af31

Packets marked 0

shape (average) cir 1000000, bc 4000, be 4000

target shape rate 1000000

Class-map: class-default (match-any)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: any

Queueing

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

shape (average) cir 2000000, bc 8000, be 8000

target shape rate 2000000

Service-policy : policy1-eg-mark-BD

Counters last updated 00:00:04 ago

Class-map: prec5 (match-any)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: ip precedence 5

Queueing

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

QoS Set

cos 5

Packets marked 0

dscp af31

Packets marked 0

shape (average) cir 1000000, bc 4000, be 4000

target shape rate 1000000

Class-map: cos_in (match-all)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: cos inner  4

Queueing

Queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

QoS Set

cos cos-inner

Packets marked 0

shape (average) cir 2000000, bc 8000, be 8000

target shape rate 2000000

Class-map: cos_exp_all (match-all)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: mpls experimental topmost 3

Match: cos  1

Queueing

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

QoS Set

cos 6

Packets marked 0

shape (average) cir 3000000, bc 12000, be 12000

target shape rate 3000000

Class-map: class-default (match-any)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: any

queue limit 66 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

Table 3-9 Qos Class Based Marking Feature Support On A Main-Interface, Sub-Interface, and Serivce Instance


Marking Feature (set command)	Ingress	Egress	ES20 Line Card
Set ATM CLP bit (set atm-clp command—Mark the ATM cell loss priority bit with value of 1)	—	—	Not supported.
Set discard class (set discard-class command—Marks the packet with a discard class value for per-hop behavior)	—	—	Not supported.
Set Frame Relay DE bit (set fr-de command—Mark the Frame Relay discard eligibility bit with value of 1)	—	—	Not supported.
Set IP DSCP (set ip dscp command—Marks the IP differentiated services code point (DSCP) in the type of service (ToS) byte with a value from 0 to 63.)	•Subinterface •Maininterface •Switchport •EVC interface	•Subinterface •Maininterface •Switchport •EVC interface	Supported on ingress and egress.
Set IP precedence (set ip precedence command—Marks the precedence value in the IP header with a value from 0 to 7.)	•Subinterface •Maininterface •Switchport •EVC	•Subinterface •Maininterface •Switchport •EVC	Supported on ingress and egress.
Set Layer 2 802.1Q CoS (set cos command—Marks the CoS value from 0 to 7 in an 802.1Q tagged frame.)	•EVC interface	•Subinterface •EVC interface •Switchport	•Subinterfaces supported on egress. •EVCs supported in ingress and egress.
Set Layer 2 802.1Q CoS (set cos-inner command—Marks the inner CoS field from 0 to 7 in a bridged frame.)	•EVC	•Subinterface •EVC interface	•Subinterfaces supported on output. •EVCs supported in ingress and egress.
Set Layer 2 802.1Q CoS (set cos-inner cos command—Copies out CoS to inner CoS.	•EVC	•Subinterface •EVC interface	•Subinterfaces supported on egress. •EVCs supported in ingress and egress.
Set Layer 2 802.1Q CoS (set cos cos-inner command)	•EVC	•Subinterface •EVC interface	•Subinterfaces supported on output. •EVCs supported in input and output direction.
Set MPLS experimental (EXP) bit on label imposition (set mpls experimental imposition command)	•Maininterface •Subinterface •EVC interface •Switchport	Not supported	Supported on ingress for a service instance. Note Marking of EXP in case of MPB results in marking of DBUS CoS. Marking of EXP in case of xconnect and connect results in the marking of DBUS Cos as well as the MPLS Tags added as part of xconnect/connect processing.
Set MPLS EXP topmost (set mpls experimental topmost command)	—	EVC interface	Supported for EVC in egress.
Set QoS group (set QoS-group command—Marks the packet with a QoS group association.)	—	—	Not supported.

Configuration Tasks

To configure a QoS traffic policy with class-based marking, use the following commands beginning in global configuration mode:


	Command	Purpose
Step 1	Router(config)# policy-map policy-map-name	Creates or modifies a traffic policy and enters policy-map configuration mode, where: •policy-map-name—Specifies the name of the traffic policy to configure. Names can be a maximum of 40 alphanumeric characters.
Step 2	Router (config-pmap)# class {class-name \| class-default}	Specifies the name of the traffic class to which this policy applies and enters policy-map class configuration mode, where: •class-name—Specifies that the policy applies to a user-defined class name previously configured. •class-default—Specifies that the policy applies to the default traffic class.
Step 3	Router(config-pmap-c)# set type	Specifies the marking action to be applied to the traffic, where type represents one of the forms of the set command supported by the ES20 line card as shown in Table 3-8.

Examples

This example shows the creation of a service policy called policy1. This service policy is associated to a previously defined classification policy through the use of the class command. This example assumes that a classification policy called class1 was previously configured.

Router(config)# policy-map policy1

Router(config-pmap)# class class1

Router(config-pmap-c)# set ip precedence 1

Verification

Use the following commands to verify marking:


	Command	Purpose
	Router# show policy-map	Displays all configured policy-maps.
	Router# show policy-map policy-map-name	Displays the user-specified policy-map.
	Router# show policy-map interface	Displays statistics and configurations of all input and output policies that are attached to an interface.

For more detailed information about configuring class-based marking features, refer to the Class-Based Marking document located at the following URL:

http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/cbpmark2.html

Configuring Shaping

This section describes information for configuring QoS traffic policies for shaping traffic.

Restrictions and Usage Guidelines

When configuring queueing features on an ES20 line card, follow these restrictions and usage guidelines:

•The Cisco 7600 series routers support different forms of queueing features. See Table 3-10 to determine which traffic shaping features are supported by the ES20 line card type.

•Use a hierarchical policy if you want to achieve minimum bandwidth guarantees using CBWFQ. First, configure a parent policy to shape to the total bandwidth required. Then, define a child policy using CBWFQ for the minimum bandwidth percentages.

•Traffic shaping is a queue with some CIR and excess information rate (EIR) value, such that CIR plus EIR is the shaped rate. Traffic shaping on an average cuts the flow of traffic from the queue at the configured shape rate over a mean period of time

For more detailed information about configuring congestion management features, refer to the Cisco IOS Quality of Service Solutions Configuration Guide document corresponding to your Cisco IOS software release.

Table 3-10 provides information about which QoS traffic shaping features are supported for the ES20 line card on the Cisco 7600 series router.

Table 3-10 QoS Traffic Shaping Feature Support
Traffic Shaping Feature (command)	ES20 Line Card
Adaptive shaping for Frame Relay (shape adaptive command)	Not supported.
Class-based shaping (shape average, shape peak commands)	Supports shape average only in egress.
Policy-map class shaping with adaptation to backward explicit congestion notification (BECN) (shape adaptive command)	Not supported.
Policy-map class shaping with reflection of forward explicit congestion notification (FECN) as BECN (shape fecn-adapt command)	Not supported.
Policy-map class shaping of peak rate of traffic by percentage of bandwidth (shape peak percent command)	Not supported.

Configuration Tasks

Use MQC to configure traffic shaping. Create a class-map using the class-map command and a policy-map using the policy-map command. Attach the class to the policy using the class command and then use the shape command to configure shaping for that class.


	Command	Purpose
Step 1	Router(config)# class-map [match-all \| match-any] class-name	Creates a class-map to be used for matching packets to a class.
Step 2	Router(config-cmap)# match [ip dscp ip-dscp-value \| ip precedence ip-precedence-value \| mpls experimental mpls-exp-value]	Specifies a specific IP DSCP, IP precedence, or MPLS EXP value as a match criterion.
Step 3	Router(config)# policy-map policy-name	Specifies the name of the policy-map to configure.
Step 4	Router(config-pmap)# class class-name	Specifies the name of a predefined class included in the service policy.
Step 5	Router(config-pmap-c)# shape [average] mean-rate [[burst-size] [excess-burst-size]]	Specifies new values for traffic shaping. Maximum values are 128000 to 990 Mbps or 9.9Gb.

Examples

This example shows traffic shaping on a main interface; traffic leaving interface Gig1/0/0 is shaped at the rate of 10 Mbps:

Router(config)# class-map class-interface-all

Router(config-cmap)# match ip precedence 1

Router(config-cmap)# exit

Router(config)# policy-map dts-interface-all-action

Router(config-pmap)# class class-interface-all

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# exit

Router(config)# interface gig 1/0/0

Router(config-if)# service-policy output dts-interface-all-action

This is an example of an output shaping policy on a switchport interface that matches on a CoS value queuing defined in the classes.

Router(config)# policy-map switchport-cos-policy

Router(config-pmap)# class cos1

Router(config-pmap-c)# shape ave 100000000

Now the policy is applied in the egress direction on the main switchport.

Router(config)# interface TenGigabitEthernet9/0/0

Router(config-if)# switchport

Router(config-if)# switchport access vlan 2000

Router(config-if)# switchport mode access

Router(config-if)# mls QoS trust cos

Router(config-if)# service-policy output switchport-cos-policy

In this example, the flat policy-map is applied in the egress direction to a subinterface.

Router(config)# policy-map x

Router(config-pmap)# class prec5

Router(config-pmap-c)# police 100000000

Router(config-pmap-c)# priority

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape average 100000000

In this example, the following policy-map is applied in the egress direction to a subinterface.

Router(config)# policy-map child2

Router(config-pmap)# class prec5

Router(config-pmap-c)# shape average 100000000

Router(config)# policy-map pcd

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape average 300000000

Router(config-if)# service-policy child2

Verification

Use the following commands to verify traffic shaping:


	Command	Purpose
	Router# show policy policy-name	Displays the configuration of all classes composing the specified traffic policy.
	Router# show policy policy-name class class-name	Displays the configuration of the specified class of the specified traffic policy.

Configuring Shaping on the ES20 Main Interface

A traffic policy can be nested within a QoS policy when the service-policy command is used in a policy-map class configuration mode. A traffic policy that contains a nested traffic policy is called a hierarchical traffic policy.

A hierarchical traffic policy contains a child and a parent policy. The service-policy command associates the previously defined child policy with the new traffic policy and the parent policy uses the preexisting traffic policy.

Hierarchical traffic policies are supported on subinterfaces, EVCs, and EVC port channels. When hierarchical traffic policies are used, you c an use a single traffic policy (with a child and a parent policy) to shape and prioritize traffic.

You can use this feature to configure a HQoS on an ES20 main interface where the child policy-map is attached to the class-default of a parent policy-map. For more information on hierarchical shaping, refer to the section "Configuring Hierarchical QoS with Tiered Policy-Maps" section

About Traffic Shaping

Traffic shaping:

•Controls the outbound traffic of an interface to match its flow to the speed of the remote target interface.

•Manages the access to the available bandwidth.

•Regulates the traffic flow to avoid congestion.

•Ensures that the traffic conforms to policies contracted for it.

•Shapes the traffic to eliminate the bottlenecks in topologies with data-rate mismatches.

Cisco IOS QoS uses policing and shaping to regulate data traffic. The rate-limiting features of the Committed Access Rate (CAR) and the Traffic Policing feature provides the functionality to police the traffic and the features of Generic Traffic Shaping (GTS), Class-Based Shaping, and Distributed Traffic Shaping (DTS) provides the functionality to shape traffic.
For more information on Shaping, refer to the "HQoS Polices with Shape in Child Classes"section in the Cisco IOS Quality of Serivce Configuration Guide.

Cisco IOS QoS software uses two types of traffic shaping: GTS and Class-Based.

Their have:

•Similar traffic shaping methods using different CLIs.

•Different types of queues to contain and shape deferred traffic.

•Weighted fair queue to hold the delayed traffic for the deferred packets.

Restrictions and Usage Guidelines

Follow these restrictions and usage guidelines when you configure shaping on an ES20 main interface:

•When a child policy is added to the class-default, no other classes should exist on the parent level.

•When you apply a service policy on a main interface, ensure that the EVC or subinterface is not configured within the main interface.

•A minimum of 128 Kbps shape value and a maximum of 99% of interface bandwidth is supported.

Non example

In the following non example, the policy-map parent has a user-defined class prec1 and a class class-default with a attached child policy.

Based on the following example, this feature does not support policies with:

•user-defined classes at the parent level.

•Class defaults with attached child policies.

Policy-map parent

Class prec1

Shape average 10000000

Class class-default

Shape average 100000000

Service-policy child

Policy-map child

Class prec0

Shape average 50000000

Class class-default

Shape average 50000000

Though this feature does not support the following scenario, you can apply the policies in the following example.

Policy-map parent

Class vlan12 (matches on Vlan 12)

Shape average 10000000

Class class-default

Shape average 20000000

Service-policy child

policy-map child

class cos0

shape average 5000000

class cos1

shape average 5000000

class class-default

shape average 20000000

Configuring the Child Policy

SUMMARY STEPS

1. enable

2. configure terminal

3. policy-map policy name

4. class class-default

5. class class name

6. shape [average] mean-rate

7. class class-default

8. shape [average] mean-rate

9. exit

DETAILED STEPS


	Command	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. •Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	policy-map policy name Example: P19_C7609-S(config)# policy-map child	Enters the policy name.
Step 4	class class default Example: P19_C7609-S(config)#(config-pmap-c) class class default	Applies a class default value to the policy-map.
Step 5	class class name Example: P19_C7609-S(config-pmap)# class test	Attaches a class map to the child policy-map.
Step 6	shape [average] mean-rate Example: P19_C7609-S(config-pmap-c)# shape average 50000000	Sets the average shaping rate in bits per second for the child policy-map.
Step 7	class class-default Example: P19_C7609-S(config-pmap-c)# class class-default	Specifies the name of the class, whose policy you want to create or change, and the default class (commonly known as the class-default class) before you configure its policy.
Step 8	shape [average] mean-rate Example: P19_C7609-S(config-pmap-c)# shape average 50000000	Sets the average shaping rate in bits per second for the child policy-map.
Step 9	exit Example: Router (config-if)#	Exits to global configuration mode.

Configuring the Parent Policy

SUMMARY STEPS

1. enable

2. configure terminal

3. policy-map policy name

4. class class-default

5. shape [average] mean-rate

6. service-policy policy-map name

7. interface type value

8. service-policy [output class-default]

9. exit

DETAILED STEPS


	Command	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. •Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	policy-map policy-map Example: P19_C7609-S(config-pmap-c)# policy-map parent	Creates a parent policy-map with a specified name.
Step 4	class class-default Example: P19_C7609-S(config-pmap)# class class-default	Specifies the name of the class whose policy you want to create or change, and the default class (commonly known as the class-default class), before you configure its policy.
Step 5	shape [average] mean-rate Example: P19_C7609-S(config-pmap-c)# shape average 100000000	Sets the average shaping value in bits per second to ensure a specific bandwidth.
Step 6	service- policy policy-map name Example: P19_C7609-S(config-pmap-c)# service-policy child	Configures the hierarchical child policy.
Step 7	interface type value Example: Router (config)# interface gig2/0/0	Identifies the interface to which the service policy should be attached. The format of value is slot/subslot/port and ensure that you do not include a space between the type and value when you execute the command.
Step 8	service-policy [output class-default] Example: Router(config-if)# service-policy output parent	Attaches the configured parent policy-map to the Ethernet interface.
Step 9	exit Example: Router (config-if)#	Exits to global configuration mode.

Verification

You can execute the show run command to view the policy-map attached to the interface.In the following example, the child policy classifies and prioritizes the traffic, and the parent policy shapes the traffic.

USA# show policy-map int gig 1/0/0

GigabitEthernet1/0/0

Service-policy output: parent

Counters last updated 00:00:00 ago

Class-map: class-default (match-any)

2 packets, 164 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: any

Queueing

queue limit 3315 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 2/164

shape (average) cir 100000000, bc 400000, be 400000

target shape rate 100000000

Service-policy : child

Counters last updated 00:00:00 ago

Class-map: prec0 (match-all)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: ip precedence 0

Queueing

queue limit 1655 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

shape (average) cir 50000000, bc 200000, be 200000

target shape rate 50000000

Class-map: class-default (match-any)

2 packets, 164 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: any

Queueing

queue limit 1655 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 2/164

shape (average) cir 50000000, bc 200000, be 200000

target shape rate 50000000

end

Configuring QoS Queue Scheduling

This section describes ES20 line card-specific information for configuring QoS queue scheduling.

Restrictions and Usage Guidelines

When configuring queueing features on an ES20 line card, follow these restrictions and usage guidelines:

•The Cisco 7600 series routers support different forms of queueing features. See Table 3-11 to determine which queueing features are supported by ES20 line card type.

•You must use policing with priority queueing to limit the traffic rate.

•ES20 line card supports up to two LLQ queues per policy-maps with equal priority.

•If you receive any exceed errors on the line card, we recommend you to remove all the policy-maps from the erroneous port.

•Ensure that you configure the policy-maps to use 99% of the port bandwidth. Policy-map functions erroneously when it is configured to use the 100% bandwidth of the port because 1% of the port bandwidth is reserved for control packets.

•A maximum of 8000 queues are supported per bay.

•The maximum acceptable limit of the Excess Information Rate (EIR) limitation per port is 549 Gigabyte.

•Priority or low latency queue with bit rates (priority <kbps> command) is not supported.

•Priority or low latency queue with percent (priority percent command) is not supported.

Table 3-11 provides information about which QoS queueing features are supported for the ES20 line card on the Cisco 7600 series routers.

Table 3-11 QoS Congestion Management and Avoidance Feature Support
Congestion Management and Avoidance Feature (command)	ES20 Line Card
Aggregate Weighted Random Early Detection (WRED) (random-detect aggregate, random-detect dscp (aggregate), and random-detect precedence (aggregate) commands)	Egress supported. Note WRED DSCP based aggregate is supported only on the main and subinterfaces of Layer 3. It is not supported on EVC interfaces.
Weighted RED (WRED)	Not supported.
Class-based Weighted Fair Queueing (CBWFQ) (bandwidth, queue-limit commands)	Egress supported.
Flow-based Queueing (fair queueing/WFQ) (fair-queue command)	Not supported.
Low Latency Queueing (LLQ)/Priority Queueing (priority command paired with police command)	Egress supported.
Random Early Detection (RED) (random-detect commands)	Not supported.

Configuring WRED

Note You can use a maximum of 4 random detect statements with a single class-map and total of 128 WRED statements per bay.

To configure a QoS WRED policy, use the following commands beginning in global configuration mode:


	Command	Purpose
Step 1	Router(config)# policy-map policy-name	Specifies the name of the policy-map to configure.
Step 2	Router(config-pmap)# class class-name	Specifies the name of a predefined class included in the service policy.
Step 3	Router(config-pmap-c)# shape average	Shapes traffic to the indicated bit rate for the specified class.
Step 4	Router(config-pmap-c)# random-detect aggregate	Enables WRED.
Step 5	Router(config)# interface interface-name	Specifies the interface to which the policy-map will be applied.
Step 6	Router(config-if)# service-policy [output policy-name]	Attaches the specified policy-map to the interface.

Examples

This is an example of a WRED configuration.

Router(config)# policy-map wredtest

Router(config-pmap)# class cos5

Router(config-pmap-c)# shape average 200000000

Router(config-pmap-c)# random-detect precedence-based aggregate

Router(config-pmap-c)# random-detect precedence values 0 min 100 max 200 mark-prob 1

Router(config-pmap-c)# random-detect precedence values 1 min 300 max 500 mark-prob 1

Router(config-pmap-c)# random-detect precedence values 2 min 600 max 900 mark-prob 1

The default line can also be configured as follows:

Router(config-pmap-c)# random-detect precedence-based aggregate min 200 max 300 mark-prob 
1

Min and max threshold values listed in the previous command signifies the number of 256 byte packet buffers.

Note Packets or datagrams or frames larger than 256 bytes consumes more packet buffers.

Note In a EVC, if WRED config with precedence is used, the CoS value is mapped to the Prec value.

Configuring CBWFQ

To configure a QoS CBWFQ policy, use the following commands beginning in global configuration mode:


	Command	Purpose
Step 1	Router(config)# policy-map policy-map-name	Creates or modifies a traffic policy and enters policy-map configuration mode, where: •policy-map-name—Specifies the name of the traffic policy to configure. Names can be a maximum of 40 alphanumeric characters.
Step 2	Router (config-pmap)# class {class-name \| class-default}	Specifies the name of the traffic class to which this policy applies and enters policy-map class configuration mode, where: •class-name—Specifies that the policy applies to a user-defined class name previously configured. •class-default—Specifies that the policy applies to the default traffic class.
Step 3	Router(config-pmap-c)# bandwidth {bandwidth-kbps \| percent percent}	Specifies the amount of bandwidth, in kbps, or percentage of available bandwidth, to be assigned to the class. The minimum value to set is 128kbps.The amount of bandwidth configured should be large enough to also accommodate Layer 2 overhead.
Step 4	Router(config-pmap-c)# queue-limit number-of-packets	Specifies the maximum number of 256 byte packets that can be queued for the class. Note Packets or datagrams or frames larger than the 256 bytes consumes more packet buffers. For example a packet of size 500 bytes occupies 2 packet buffers. Note You cannot have more than 128 queue- limit commands per bay. Note You can use the queue-limit command with shape and priority queues. Note Cisco recommends that you use the default queue-limit tuned to the bandwidth rate configured in the queueing action. Use this step if the default is not satisfactory.

Examples

This example shows a service policy called policy1 that specifies the amount of bandwidth to allocate for traffic classes 1 and 2:

Router(config)# class-map class1 
Router(config-cmap)# match ip dscp 30

Router(config-cmap)# exit

Router(config)# class-map class2 
Router(config-cmap)# match ip dscp 10

Router(config-cmap)# exit

Router(config)# policy-map policy1

Router(config-pmap)# class class1

Router(config-pmap-c)# bandwidth 30000

Router(config-pmap-c)# exit

Router(config-pmap)# exit

Router(config)# class class2

Router(config-pmap-c)# bandwidth 20000

Router(config-pmap-c)# exit

Router(config-pmap)# exit

Router(config)#

Router(config)# interface gig 1/0/0 
Router(config-if)# service-policy output policy1

Router(config-if)# exit

Use the following commands to verify CBWFQ:


Command	Purpose
Router# show policy-map policy-map	Displays the configuration of all classes that make up the specified policy-map.
Router# show policy-map policy-map class class-name	Displays the configuration of the specified class of the specified policy-map.
Router# show policy-map interface interface-name	Displays the configuration of all classes configured for all policy-maps on the specified interface.

Configuring LLQ

To configure LLQ, use the Modular QoS command-line interface. Define the class of traffic with the class-map command, create a policy-map that contains the priority command, and apply the policy to the appropriate interface with the service-policy command.

You can configure a maximum of 2 priority queue with policing on two different classes.

To configure a policy with LLQ and to assign the policy to an interface, perform the following tasks in global configuration mode:


	Command	Purpose
Step 1	Router(config)# policy-map policy-name	Specifies the name of the policy-map to configure.
Step 2	Router(config-pmap)# class class-map-name	Specifies the name of a predefined class included in the service policy.
Step 3	Router(config-pmap-c)# police bps [burst-normal] [burst-max] conform-action action exceed-action action violate-action action	Specifies a maximum bandwidth usage by a traffic class through the use of a token bucket algorithm, where: •bps—Specifies the average rate in bits per second. Valid values are 128,000 to 200000000. •burst-normal—(Optional) Specifies the normal burst size in bytes. Valid values are 1000 to 31,250,000. The default normal burst size is 1500 bytes. •burst-max—(Optional) Specifies the excess burst size in bytes. Valid values are 1000 to 31,250,000. •action—Specifies the policing command (as shown in Table 3-5) for the corresponding conforming, exceeding, or violating traffic actions. Ensure that confirm action is always set to transmit and exceed and violate action is set to drop.
Step 4	Router(config-pmap-c)# priority	Gives strict priority to a class of traffic belonging to the policy-map.
Step 5	Router(config)# interface interface-name	Specifies the interface to which the policy-map will be applied.
Step 6	Router(config-if)# service-policy output policy-name	Attaches the specified policy-map to the interface.

Examples

The following example configures an output LLQ policy on a switchport interface that matches on a CoS value queuing defined in the classes.

Router(config)# policy-map switchport-llq-policy

Router(config-pmap)# class cos0

Router(config-pmap-c)# police 500000000

Router(config-pmap-c)# priority

Now the policy is applied to the interface.

Router(config)# interface TenGigabitEthernet9/0/0

Router(config-if)# switchport

Router(config-if)# switchport access vlan 2000

Router(config-if)# switchport mode access

Router(config-if)# mls QoS trust cos

Router(config-if)# service-policy output switchport-llq-policy

Configuring PFC QoS on a Cisco 7600 Series Ethernet Services 20G Line Card

The ES20 line card supports most of the same QoS features as those supported by the Policy Feature Card (PFC) on the Cisco 7600 series routers.

This section describes those QoS features that have ES20 line card-specific configuration guidelines. After you review the ES20 line card-specific guidelines described in this document, then refer to the Cisco 7600 Series Cisco IOS Software Configuration Guide, 12.2SR located at the following URL:

http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/swcg.html

PFC QoS on a Cisco 7600 Series Ethernet Services 20G Line Card Configuration Guidelines

•Output policing is not supported.

•PFC egress marking is not supported.

•Ingress marking and policing is performed with PFC Qos.

Configuring Hierarchical QoS

Table 3-12 provides information about where the hierarchical QoS features are supported.

Table 3-12 Hierarchical QoS Feature Support
Feature	Supported Interfaces	ES20 Line Card
Hierarchical QoS for EoMPLS VCs (parent policy)		Supported at egress only using match iput vlan command in parent policy.
Hierarchical QoS—Tiered policy-maps with parent policy using class-default only on the subinterface.	Subinterface Maininterface	Parent supports class-default only in egress direction.
Hierarchical QoS—Tiered policy-maps with parent policy in user-defined match vlan on the maininterface.	Main switchport interface	Parent supports match vlan only in egress direction. Hierarchical class-default is not supported.
Hierarchical QoS with Ethernet MPB (service instance)	EVC	Parent supports class-default, match vlan, and match vlan inner commands in egress direction.

Hybrid Policy Support

The following hybrid policy is not supported on an ES20 line card.

LLB#sh policy-map unsupp

Policy Map unsupp

Class voip

Average Rate Traffic Shaping

cir 3000000 (bps)

service-policy child1

Class video

Average Rate Traffic Shaping

cir 2000000 (bps)

service-policy child2

Class class-default

Average Rate Traffic Shaping

cir 5000000 (bps)

service-policy child3

LLB#sh policy-map child1

Policy Map child1

Class prec3

Average Rate Traffic Shaping

cir 1500000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1000000 (bps)

LLB#sh policy-map child2

Policy Map child2

Class prec3

Average Rate Traffic Shaping

cir 1000000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1500000 (bps)

LLB#sh policy-map child3

Policy Map child3

Class prec3

Average Rate Traffic Shaping

cir 1500000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1000000 (bps)

LLB# sh policy-map unsupp

Policy Map unsupp

Class voip

Average Rate Traffic Shaping

cir 3000000 (bps)

Class video

Average Rate Traffic Shaping

cir 2000000 (bps)

Class class-default

Average Rate Traffic Shaping

cir 5000000 (bps)

service-policy child3

LLB#sh policy-map child3

Policy Map child3

Class prec3

Average Rate Traffic Shaping

cir 1500000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1000000 (bps)

The following configuration is supported on the maininterfaces, switchport, and EVCs:

LLB#sh policy-map supp

Policy Map supp

Class voip

Average Rate Traffic Shaping

cir 3000000 (bps)

service-policy child1

Class video

Average Rate Traffic Shaping

cir 2000000 (bps)

service-policy child2

Class class-default

Average Rate Traffic Shaping

cir 5000000 (bps)

LLB#sh policy-map child1

Policy Map child1

Class prec3

Average Rate Traffic Shaping

cir 1500000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1000000 (bps)

LLB#sh policy-map child2

Policy Map child2

Class prec3

Average Rate Traffic Shaping

cir 1000000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1500000 (bps)

LLB#sh policy-map child3

Policy Map child3

Class prec3

Average Rate Traffic Shaping

cir 1500000 (bps)

Class prec4

Average Rate Traffic Shaping

cir 1000000 (bps)

Configuring Hierarchical QoS with Tiered Policy-Maps

Hierarchical QoS with tiered policy-maps is a configuration where the actions associated with a class contain a queuing action (such as shaping) and a nested service policy, which in itself is a policy-map with classes and actions. This hierarchy of the QoS policy-map is then translated into a corresponding hierarchy of queues.

Configuration Guidelines

When configuring hierarchical QoS with tiered policy-maps on an ES20 line card, follow these restrictions and usage guidelines:

•You can configure up to two levels of hierarchy within the policy-maps.

•The parent policy-map has the following restrictions on a main switchport interface:

–Supports match vlan command in parent class and match cos command in the child class. You can configure shape or bandwidth queueing actions in any class (user-defined and class-default).

•When configuring hierarchical QoS for software-based EoMPLS, if you configure match input vlan in the parent policy, then you can only configure match QoS-group in the child policy.

•ES20 line card does not support a flat match QoS-group policy.

•In hierarchical QoS, the set command is not supported in the parent policy.

•In egress direction, the set command works if at least one queueing action is configured in the policy. This queueing action can also exist in the parent policy while child policies contain only marking.

•The child policy-map supports shape, bandwidth, priority, set operations, and WRED QoS features.

•With hierarchical QoS on a subinterface, the parent policy-map supports hierarchical QoS using only the shape average command as a queueing action in the default class (class-default) only.

•If you configure shaping at both the parent policy and the child policy, the traffic is shaped first according to the parameters defined in the parent policy, followed by the parameters of the child policy.

•Use a hierarchical policy if you want to achieve minimum bandwidth guarantees using CBWFQ with a map class. First, configure a parent policy to shape to the total bandwidth required. Then, define a child policy using CBWFQ for the minimum bandwidth percentages.

•ES20 supports class-default hQoS policy-maps. A user-defined class-map in the parent policy is not supported on subinterfaces. The following example shows an unsupported policy-map on a sub-interface:

pavement#sh policy-map unsup

Policy Map unsup

Class prec4 *** not supported

Average Rate Traffic Shaping

cir 300000000 (bps)

Class class-default

Average Rate Traffic Shaping

cir 200000000 (bps)

service-policy unsup2

pavement#sh policy-map unsup2

Policy Map unsup2

Class prec2

Average Rate Traffic Shaping

cir 50000000 (bps)

Class prec3

Average Rate Traffic Shaping

cir 100000000 (bps)

•You can configure hierarchical QoS up to the following limits, according to the current Cisco IOS software limits:

–Up to 1024 class-maps

–Up to 1024 policy-maps

–Up to 256 unique classes in a policy-map including class-default

The following example shows configuration of hierarchical QoS that maps to two levels of hierarchical queues. The first-level policy (the parent policy) configures the aggregated data rate to be shaped to 1 Mbps for the class-default class. The second-level policy (the child policy) configures the traffic in User-A class for 40 percent of the bandwidth and traffic in User-B class for 20 percent of the bandwidth.

! Configure the class-maps with your matching criteria

Router(config)# class-map match-any User-A

Router(config-cmap)# match access-group A

Router(config-cmap)# exit

Router(config)# class-map match-any User-B

Router(config-cmap)# match access-group B

Router(config-cmap)# exit

Configure the parent policy for class-default to shape all traffic in that class and apply a second-level policy.

Router(config)# policy-map child

Router(config-pmap)# class User-A

Router(config-pmap-c)# bandwidth percent 40

Router(config-pmap-c)# exit

Router(config-pmap)# class User-B

Router(config-pmap-c)# bandwidth percent 20

Router(config-pmap-c)# exit

Router(config-pmap)# exit

Router(config)# policy-map parent

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape 1000000

Router(config-pmap-c)# service-policy child

Router(config-pmap-c)# exit

Router(config-pmap)# exit

Configure the child policy to allocate different percentages of bandwidth by class.

!Apply the parent service policy to an output subinterface.

Router(config)# interface TenGigabitEthernet 2/0/0.1

Router(config-if)# encapsulation dot1q 11

Router(config-if)# service-policy output parent

The following example shows configuration of hierarchical QoS that maps to two levels of hierarchical queues, where the parent policy configures average traffic shaping rates on both user-defined classes as well as the class-default class, which is supported beginning in Cisco IOS Release 12.2(33)SRA. This configuration does not show the corresponding class-map configuration, which also is required to support these policy-maps.

Configure the parent policy for user-defined and class-default classes to shape traffic in those classes and apply a second-level policy.

Configure the child policy to allocate different percentages of bandwidth by class.

Router(config)# policy-map child-pm

Router(config-pmap)# class cos0

Router(config-pmap-c)# bandwidth percent 10

Router(config-pmap-c)# exit

Router(config-pmap)# class cos1

Router(config-pmap-c)# bandwidth percent 10

Router(config-pmap-c)# exit

Router(config-pmap)# exit

Router(config)# policy-map parent

Router(config-pmap)# class vlan100

Router(config-pmap-c)# shape average 1000000

Router(config-pmap-c)# service-policy child-pm

Router(config-pmap-c)# exit

Router(config-pmap)# class vlan200

Router(config-pmap-c)# shape average 1000000

Router(config-pmap-c)# service-policy child-pm

Router(config-pmap-c)# exit

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape average 2000000

Router(config-pmap-c)# exit

Router(config-pmap)# exit

! Apply the parent service policy to an output interface.

Router(config)# interface TenGigabitEthernet 2/0/0

Router(config-if)# switchport

Router(config-if)# switchport access vlan 2000

Router(config-if)# switchport mode access

Router(config-if)# mls QoS trust cos

Router(config-if)# service-policy output switchport-cos-policy

Router(config-if)# service-policy output parent-pm

This example shows how to display information a class-default HQoS policy with child policy matching on various supported criteria.

Router# show policy-map parent2

  Policy Map parent2

    Class class-default

Router(config-pmap-c)# shape average 3000000000 12000000 12000000

      service-policy child

head# show policy-map child

  Policy Map child

    Class dscp3

shape average 100000000 400000 400000

Class prec5

     police cir 200000000 bc 6250000 be 6250000 conform-action transmit exceed-action drop

      priority

    Class acl2

shape average 50000000 200000 200000

    Class class-default

      bandwidth 10 (%)

Configuring Hierarchical QoS for EoMPLS VCs

The Hierarchical Quality of Service (HQoS) for EoMPLS VCs feature extends support for hierarchical, parent and child relationships in QoS policy-maps. This feature also provides EoMPLS per-VC QoS for point-to-point VCs.

The new feature adds the ability to match the virtual LAN (VLAN) IDs that were present on a packet when the packet was originally received by the router. It also supports the ability to match on a QoS group that is set to the same value of the IP precedence or 802.1P class of service (CoS) bits that are received on the incoming interface. This allows service providers to classify traffic easily for all or part of a particular EoMPLS network, as well as to preserve the customer's original differentiated services (DiffServ) QoS values.

In EoMPLS applications, the parent policy-map typically specifies the maximum or the minimum bandwidth for a group of specific VCs in an EoMPLS network. Then child policy-maps in the policy can implement a different bandwidth or perform other QoS operations (such as traffic shaping) on a subset of the selected VCs.

This feature enables service providers to provide more granular QoS services to their customers. It also gives service providers the ability to preserve customer IP precedence or CoS values in the network.

Hierarchical QoS with Service Instances

The Hierarchical Quality of Service (HQoS) with Service Instances extends support for hierarchical, parent and child relationships in QoS policy-maps. Both flat and hierarchical policies can be applied to service instances configured as Ethernet MPB, EoMPLS, local connect, or selective QinQ.

Configuration Guidelines

When configuring hierarchical QoS with Ethernet Service Instances on an ES20 line card, follow these restrictions and usage guidelines:

•You can classify on the inner VLAN tag, the outer VLAN tag, or a combination of both. You can classify on the inner VLAN tag and CoS or the outer VLAN tag and CoS. You can classify on CoS, or CoS inner or any combination of these filters.

•The following MQC actions are permitted:

–Shaping

–Bandwidth

–Two priority queues per policy

–Set cos, set cos-inner, set cos cos-inner, set cos-inner cos, and set mpls exp commands

–set mpls exp is supported in ingress (for Eompls only).

–WRED aggregate

–Queue-limit

•For marking, you can copy or rewrite the inner cos, the outer cos, or both inner and outer cos, or your can copy the inner cos to outer cos or vice versa.

EVC Configuration Examples

This example shows ingress QoS on scalable EoMPLS.

Router(config)# interface gig 1/0/0

Router(config-if)# service instance 1 ethernet

Router(config-if-srv)# encapsulation dot1q 100

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Router(config-if)# xconnect 2.2.2.2 100 pw-class vlan-xconnect

Router(config-pmap-c)# service-policy input mark-it-in

Router(config)# policy-map mark-it-in

Router(config-pmap)# class cos0

Router(config-pmap-c)# set mpls exp 5

In this example of a single tag VLAN configuration, because the encapsulation dot1q 10 is already classified, only the inner VLAN and CoS values are configured.

Router(config)# interface gig 1/0/0

Router(config-if)# service instance 1

Router(config-if-srv)# encapsulation dot1q 10 second-dot1q any

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Router(config-if-srv)# bridge domain 200

Router(config-pmap-c)# service-policy input mark-it-in

Router(config)# policy-map mark-it-in

Router(config-pmap)# class innervlan20

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

This is an example of a single tag VLAN connect ingress policy.

Router(config)# interface interface GigabitEthernet1/0/1

Router(config-if)# service instance 100 ethernet

Router(config-if-srv)# encapsulation dot1q 10 second-dot1q any

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Router(config-pmap-c)# service-policy in mark-it-in

Router(config)# interface interface GigabitEthernet1/0/2

Router(config-if)# service instance 101 ethernet

Router(config-if-srv)# encapsulation dot1q 11 second-dot1q any

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Router(config-pmap-c)# service-policy in mark-it-in

Router(config-if-srv)# connect EVC1 GigabitEthernet1/0/1 100 GigabitEthernet1/0/2 101

Router(config)# policy-map mark-it-in

Router(config-pmap)# class vlaninner20cosinner5

Router(config-pmap-c)# set cos 0

This is an example of an egress double tag VLAN connect hierarchical configuration.

Router(config)# interface interface GigabitEthernet1/0/1

Router(config-if)# service instance 100 ethernet

Router(config-if-srv)# encapsulation dot1q 10 second-dot1q 20

Router(config-if-srv)# rewrite ingress tag pop 2  symmetric

Router(config-pmap-c)# service-policy out parent-out-100

Router(config)# interface interface GigabitEthernet1/0/2

Router(config-if)# service instance 101 ethernet

Router(config-if-srv)# encapsulation dot1q 11 second-dot1q 21

Router(config-if-srv)# rewrite ingress tag pop 2 symmetric

Router(config-pmap-c)# service-policy out parent-out-101

Router(config-if-srv)# connect EVC1 GigabitEthernet/0/1 100 GigabitEthernet 1/0/2 101

Router(config)# policy-map child-out-100

Router(config-pmap)# class cos5

Router(config-pmap-c)# bandwidth percent 10

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

Router(config)# policy-map parent-out-100

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# service-policy child-out-100

Router(config)# policy-map child-out-101

Router(config-pmap)# class cos0

Router(config-pmap-c)# bandwidth percent 10

Router(config-pmap-c)# set cos 5

Router(config-pmap-c)# set cos-inner 5

Router(config)# policy-map parent-out-101

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# service-policy child-out-101

This is an example of an egress double tag VLAN connect flat configuration.

Router(config)# policy-map flat-100

Router(config-pmap)# class cos5

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

Router(config-pmap)# class class-default  <-- required class

Router(config-pmap-c)# shape average 10000000 <-- required queuing action

Router(config-pmap-c)# set cos 6

Router(config)# policy-map flat-101

Router(config-pmap)# class cos0

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# set cos 5

Router(config-pmap-c)# set cos-inner 5

Router(config-pmap)# class class-default  <-- required class

Router(config-pmap-c)# shape average 10000000 <-- required queuing action

Router(config-pmap-c)# set cos 4

The next examples show a selective QinQ MPB configuration and the service policy that can be applied to it. With this configuration, a range of VLANs exists in the outer tag of the encapsulation command. When VLAN ranges are configured, rewrite commands are not allowed so the packets pass through the bridge-domain without change. An inner tag cannot exist in this configuration. The first example is a hierarchical policy and the second example is a flat policy.

Router(config)# interface GigabitEthernet 1/0/2

Router(config-if)# service instance 1

Router(config-if-srv)# encapsulation dot1q 10-20

Router(config-if-srv)# bridge-domain 200

Router(config-pmap-c)# service-policy output parent-out

Router(config)# policy-map child-out

Router(config-pmap)# class cos5

Router(config-pmap-c)# bandwidth percent 10

Router(config-pmap-c)# set cos 0

Router(config)# policy-map parent-out

Router(config-pmap)# class outervlan10

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# service-policy child-out

Router(config)# interface GigabitEthernet 1/0/2

Router(config-if)# service instance 1

Router(config-if-srv)# encapsulation dot1q 10

Router(config-if-srv)# bridge-domain 200

Router(config-pmap-c)# service-policy out flat

Router(config)# policy-map flat

Router(config-pmap)# class vlanouter10cos5

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

Router(config-pmap)# class class-default:   <-- required class

Router(config-pmap-c)# shape average 10000000 <-- required queueing action

Router(config-pmap-c)# set cos3

Router(config-pmap-c)# set cos-inner 3

The next two examples apply to MPBE configurations except Selective QinQ. The first is a hierarchical policy and the second is a flat policy.

!Sample Hier Config 1

Router(config)# interface interface GigabitEthernet 1/0/2

Router(config-if-srv)# service instance 1

Router(config-if-srv)# encapsulation dot1qencap dot1q 10 second-dot1q any

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Router(config-if-srv)# bridge-domain 200

Router(config)# policy-map child-out

Router(config-pmap)# class vlaninner10

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

Router(config-pmap)# class class-default:  <-- not required

Router(config)# policy-map parent-out

Router(config-pmap)# class class-default

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# service-policy child-out

!Sample Flat Config

Router(config)# interface interface GigabitEthernet 1/0/2

Router(config-if-srv)# service instance 1

Router(config-if-srv)# encapsulation dot1q 10 second-dot1q any

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Router(config-if-srv)# bridge-domain 200

Router(config)# policy-map flat

Router(config-pmap)# class vlaninner10

Router(config-pmap-c)# shape average 10000000

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

Router(config-pmap)# class class-default <-- required class

Router(config-pmap-c)# shape average 10000000 <--  required queueing action

Router(config-pmap-c)# set cos 0

Router(config-pmap-c)# set cos-inner 0

Configuring Bandwidth Remaining Ratio (BRR) - Utilizing Unused Bandwidth Support

BRR feature provides the functionality to utilize the unused bandwidth allocated to logical interfaces. BRR enables sharing of unused bandwidth among logical interfaces such as EVCs and L3 subinterfaces through oversubscription.

BRR is implemented on logical interfaces using the following maps:

•Hierarchical Policy-Maps

•Flat Policy- Maps

You can configure Bandwidth Remaining Ratio action in the policy-map of a parent or a child class. BRR can be configured to a minimum ratio of 1 and maximum of 1000 on a logical interface.

For more information on BRR, refer to: http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/ipsuboe.html#wp1129803

QoS supports BRR CLI in the parent and child classes over a logical interface. You can use the shape command to oversubscribe the bandwidth in parent and child classes.

You cannot use the CLI to toggle the priority rate propagation to ON in ES20 line cards. For more information, refer to: http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/ipsuboe.html#wp1131793

In the following BRR sample configuration:

•The bandwidth is configured in the shape command oversubscribed in the parent and child classes.

•The priority status of LLQ packets is propagated to the parent queue.

•The class and class-default within a parent policy-map is allocated an excess bandwidth of 250 Mb/s (25% or 1/4 of 1 Gb/s) assuming the maximum link capacity is 1 Gb/s. The excess bandwidth 150 Mb/s (250Mb/s less 100 Mb/s from LLQ class) is allocated to the child policies. The class and childclass2, receives 5/6 or 125 Mb/s as minimum bandwidth, and the class, class-default, receives default BRR of 1 or 1/6 or 25 Mb/s as minimum bandwidth.

•The parent2 policy-map is allocated an excess bandwidth of 750 Mb/s (75% or 3/4 of 1 Gb/s). The excess bandwidth of 650 Mb/s (750Mb/s less 100Mb/s from LLQ class) is allocated to the child policy. The class, childclass2, receives 5/6 or 541,666,666 Mb/s as minimum bandwidth and the class, class-default, receives default BRR of 1 or 1/6 or 108,333,333 Mb/s as minimum bandwidth.

•NonBRR policy on a maininterface: The complete 100% link bandwidth is used to calculate the cir value in all the classes. The 1% reserved bandwidth is used from the class default. Ensure that the cir value of a class-default policy receives more than 1% of the port bandwidth. If not, an "exceed guarantee rate" error message is displayed.

•BRR policy on a maininterface: In classes, cir values are calculated from 99% link bandwidth for all the classes with a BRR ratio. The 1% reservation value is not relayed from the class default and cir value is not adjusted for the class-default queue.

Note Reserved link bandwidth is the maximum bandwidth available for distribution that is 1% less than the maximum link capacity.

Policy-map child

   Class voip

      priority

      police 100000000

  class childclass2

    shape ave 1000000000

 bandwidth remaining ratio 5

  class class-default  # unspecified classes default to BRR of 1

    shape ave 1000000000

policy-map parent

  class class-default

    shape ave 1000000000

    bandwidth remaining ratio 1

    service-policy child

policy-map parent2

  class class-default

    shape ave 1000000000

    bandwidth remaining ratio 3

    service-policy child

int gig 4/0/0

  service inst 1 et

    encap dot1q 10-20

    bridge-domain 200

    service-policy output parent

  service inst 1 et

    encap dot1q 30-40

    bridge-domain 200

    service-policy output parent2

Hierarchical Policy-Maps

Hierarchical policy-maps implement parent-child relationships between various policy-maps applied on an interface. You can create a child policy-map from another policy-map to inherit its functionality. If BRR is implemented in a hierarchical policy-map for a class, all the other classes in the policy-map are automatically set to BRR with ratio one. Similarly, if BRR is implemented in a hierarchical policy-map over a logical interface, all the other hierarchical policy-maps applied to other interfaces on the same port automatically implement BRR with ratio 1.

Note BRR does not propagate to the child level. For implicit propagation of BRR to the child classes, you should configure BRR in one of the child classes.

In the following example, two policy-maps, parentbr and parentbw, are applied to two different logical interfaces on the same port. BRR is implemented only in parentbr policy-map. In the configuration below, the policy-map, parentbw, results in a default BRR of 1. Applying the policy-map, parentbw, results in an error message if the sum of the child bandwidth CIR exceeds the excess ratio allocated for parentbw. If the calculated excess minimum CIR is greater then the guaranteed rates in the child, then classes cos5 and class-default are configured with guaranteed rate plus an evenly distributed fair share of excess bandwidth. The following sample displays the BRR implementation for parentbr and parentbw policy-maps:

policy-map testbw

    class VOICE

      police 128000

      priority

    class cos5

      bandwidth 100000

    class class-default

      bandwidth 100000

policy-map parentbw

    class class-default

      shape ave 300000000

      service-policy testbw

policy-map testbrr

    class VOICE

      police 128000

      priority

    class cos5

      bandwidth remaining ratio 2

    class class-default

      bandwidth remaining ratio 2

policy-map parentbrr

    class class-default

      bandwidth remaining ratio 4

      shape ave 200000000

      service-policy testbrr

You can configure BRR on the following policy-maps:

•HQoS Policies with Bandwidth and Shape in Child Classes.

•HQoS Polices with Shape in Child Classes.

•HQoS Policies with Police+Priority (LLQ) and Shape in Child Classes.

Note You can individually or jointly configure BRR on child classes or parent classes.

HQoS Policies with Bandwidth and Shape in Child Classes

In the following sample configuration, the class-default, defined in the parent policy-map is allocated Committed Information Rate (CIR) share of 1/3 of the total available bandwidth. The total bandwidth is 1 Gb/s and available bandwidth is total bandwidth minus the reserved bandwidth (10 Mb/s). Hence, the class, class-default, is allocated 330 Mb/s (1/3 of 1 Gb/s minus the reserved bandwidth of 10 Mb/s per port, 990/3 = 330 Mb/s). As BRR is enabled on the parent, the platform calculates the CIR share for the parents.

In the following example, the minimum bandwidth that the parent requires is 200 Mb/s to accept requests from its child classes. The parent class overrides the shape value configured in the child class and uses the CIR as shape value for the child. Though the child class can receive excess bandwidth of 330 Mb/s, as the parent class is shaped with a CIR value of 300 Mb/s, the excess bandwidth of 30Mb/s is unused. The child class, cos5, is allocated a CIR value of 100 Mb/s and the maximum acceptable CIR value is 300 Mb/s (parent shaper). The class, class-default, is allocated a CIR value of 100 Mb/s.

The class, class-default, defined in parent2 policy-map is allocated 2/3 share of 990 Mb/s that is 660 Mb/s. Class cos5 is allocated 100 Mb/s and class-default is allocated the remaining share of 550 Mb/s (660-100 Mb/s).

EIR values of the user-defined classes are proportional to the CIR values. If the EIR value is high, so is the CIR value.

Policy-map child

Class cos5

Bandwidth 100000 kbps

class class-default

shape average 100000000

policy-map parent

class class-default

Shape average 300000000

service-policy child

Bandwidth remaining ratio 1

Policy-map parent2

class class-default

Shape average 800000000

Service-policy child

Bandwidth remaining ratio 2

int gig 4/0/0

  service inst 1 et

    encap dot1q 10-20

    bridge-domain 200

    service-policy output parent

  service inst 2 et

    encap dot1q 30-40

    bridge-domain 200

    service-policy output parent2

The following policy configurations exhibit similar behavior to the HQoS Policies with bandwidth and shape in the child classes:

•HQoS Polices with Shape in Child Classes

•HQoS Policies with Police+Priority (LLQ) and Shape in Child Classes.

Restrictions and Usage Guidelines

When configuring HQoS Policies with Bandwidth and Shape in the child classes, follow these restrictions and usage guidelines:

•CIR allocated to parent class should be greater than sum of child CIR. CIR is calculated using the following formula:

((Link rate - reserved bandwidth) * BRR) / (total BRR parts of all parent classes within the link)

•To avoid configuration failure when CIR share for a parent is reduced due to increase in parent classes, you should also configure BRR in child classes.

•You can configure BRR without shape within a class.

HQoS Polices with Shape in Child Classes

In the following sample configuration, the class, class-default, defined in the parent policy-map is allocated CIR share of 1/3 of the total available bandwidth. The total bandwidth is 1 Gb/s and available bandwidth is total bandwidth- reserved bandwidth (10 Mb/s). Hence, the class, class-default, is allocated 330 Mb/s (1/3 of 1 Gb/s- reserved bandwidth of 10 Mb/s per port = 990/3 = 330 Mb/s). With BRR enabled on the parent, the platform calculates the CIR share.

In the following example, the excess bandwidth is divided between the child class, cos5 and class-default, in bandwidth ratio of 2:1. The class, class-default, is configured to BRR of one. Hence, the class, cos5, is allocated 220 Mb/s and the class, class-default, is allocated 110 Mb/s of bandwidth.

The class, class-default, in parent2 policy-map is allocated excess bandwidth of 660 Mb/s, which is further divided between the child classes in the parent2 policy-map. The class, cos5, is allocated 440Mb/s (2/3) and the class, class-default, is allocated 220Mb/s (1/3). The following example configuration shows the HQoS polices with only shape in child classes:

policy-map child

class cos5

shape average 100000000

Bandwidth Remaining Ratio 2

class class-default

shape avergae 100000000

policy-map parent

class class-default

shape average 300000000

service-policy child

bandwidth remaining ratio 1

policy-map parent2

class class-default

shape average 300000000

service-policy child

bandwidth remaining ratio 2

int gig 4/0/0

  service inst 1 et

    encap dot1q 10-20

    bridge-domain 200

    service-policy output parent

  service inst 2 et

    encap dot1q 30-40

    bridge-domain 200

    service-policy output parent2

Restrictions and Usage Guideline

When configuring HQoS polices with only shape in child classes, follow this restriction and usage guideline:

•You can configure BRR in both the child and parent classes.

HQoS Policies with Police+Priority (LLQ) and Shape in Child Classes

In the following sample configuration, the class, class-default, in the parent policy-map is allocated CIR share of 1/3 of the total available bandwidth. The total bandwidth is 1 Gb/s and available bandwidth is total bandwidth- reserved bandwidth (10 Mb/s). Hence, the class, class-default, is allocated 330 Mb/s (1/3 of 1 Gb/s- reserved bandwidth of 10 Mb/s per port = 990/3 = 330 Mb/s). With BRR enabled on the parent, the platform calculates the CIR share.

The excess bandwidth is allocated to the child classes. The priority class, cos3, is allocated CIR equal to 100Mb/s. The remaining excess bandwidth of 230 Mb/s (330 Mb/s-100 Mb/s) is allocated to the classes, cos5 and class-default. The class cos5 is allocated 153 Mb/s and class-default is allocated 76 Mb/s.

Similarly, Parent2 policy-map is configured to CIR of 660 Mb/s (2/3 of total available bandwidth of 1 Gb/s). The LLQ class is allocated 100 Mb/s. The remaining bandwidth of 550 Mb/s is divided between the two classes, cos5 and class-default, in the ratio of 2:1. The class, cos5, is allocated 373 Mb/s and the class, class-default, is allocated 186 Mb/s. Because the class, class-default, is configured to shape limit of 100 Mb/s, the excess bandwidth is not utilized. The sample configuration shows HQoS Policies with Police+Priority(LLQ) and Shape in the child classes:

Policy-map child

Class cos3

Police cir 100000000

Priority

Class cos5

Bandwidth remaining ratio 2

class class-default

Bandwidth remaining ratio 1

shape average 100000000

policy-map parent

Shape average 300000000

service-policy child

Bandwidth remaining ratio 1

Policy-map parent2

Shape average 300000000

Service-policy child

Bandwidth remaining ratio 2

int gig 4/0/0

service inst 1 et

encap dot1q 10-20

bridge-domain 200

service-policy output parent

service inst 2 et

encap dot1q 30-40

bridge-domain 200

service-policy output parent2

Restrictions and Usage Guideline

When configuring HQoS hierarchical policies with Police+Priority(LLQ) and Shape in the child classes, follow this restriction and usage guideline:

•You can configure BRR in both the child and parent classes.

Flat Policy- Maps

If you implement BRR in one Flat policy-map over a logical interface, all the other Flat policy-maps applied on the other logical interface in the same port are not affected, and are allocated guaranteed bandwidth. The excess bandwidth is not available to other Flat policy-maps on the same interface.

In the following example, two policy-maps, testbrr and testbw, are applied on two different logical interfaces on the same port. BRR is implemented only in testbrr policy-map.

policy-map testbw

    class cos5

      shape ave 100000000

    class class-default

      shape ave 100000000

policy-map testbrr

    class cos5

      bandwidth remaining ratio 2

    class class-default

      bandwidth remaining ratio

Note You cannot simultaneously configure bandwidth and BRR in the child classes.

BRR Propagation

When you apply BRR on a:

•Hierarchical Policy—All other policies on the same logical interface are configured to BRR value of 1.

•Flat policy—

–All other policies on the same logical interface are not configured to default BRR settings (refers to an implicit BRR value of 1).

–When BRR is configured in one or more classes within the flat policy-map, classes within the same flat policy-map has a default BRR value of 1.

•Flat policy coexisting with HQoS policies —BRR on flat policy-maps does not propagate the default BRR settings to HQoS policy-maps and vice versa.

Restrictions and Usage Guidelines

When you configure BRR on a logical interface, follow these restrictions and usage guidelines:

•You can implement BRR on a logical and maininterface.

•Bandwidth CIR is blocked in the parent policies that are applied to logical interfaces.

•You cannot combine BRR and bandwidth CIR in a policy-map, class-map, or LLQ action.

•The line card automatically configures the queue limit when BRR is configured. No explicit queue- limit statements are supported.

•You can propagate BRR only if the same policy-map is applied across multiple interfaces within a single port.

•The sum of the parent shape rates cannot exceed the link bandwidth if BRR is not configured. The shape sum can exceed the link bandwidth on an interface only if the BRR is available in the parent policy.

•PRP state is set to `OFF'.

•Hybrid policies are not supported with BRR. For more information on hybrid policies, refer section "Example of a Hybrid Policy" section.

Note If the calculated excess cir is greater then the shape rate, the shape rate is used instead of the calculated BRR minimum rate. If the shape rate is modified, the guaranteed rate and shape rate for the specific queue is updated.

Example of a Hybrid Policy

The following example displays a sample configuration of a BRR on a hybrid policy:

Policy Map hybrid

    Class vlan-range

      Average Rate Traffic Shaping

      cir 100000000 (bps)

      service-policy child

    Class class-default

      Average Rate Traffic Shaping

      cir 200000000 (bps)

  Policy Map child

    Class cos5

      Average Rate Traffic Shaping

      cir 1000000 (bps)

    Class cos6

      Average Rate Traffic Shaping

      cir 10000000 (bps)

          Class class-default

      Average Rate Traffic Shaping

cir 1000000 (bps)

Hardware Restrictions

When you configure BRR on a logical interface, follow these restrictions and usage guidelines:

•If the sum of LLQ and non LLQ bandwidth per class is:

–More than the CIR share calculated through BRR, the line card rejects the policy-map.

–Is less than the allocated BRR, excess bandwidth is not split among the remaining subscribers based on the configured ratio.

•Excess unused bandwidth is distributed to active oversubscribed queues but not in the configured BRR ratio.

Troubleshooting QoS Features in a ES20 Line Card

Table 3-13 lists some of the QoS troubleshooting scenarios in a ES20 line card.

Table 3-13 QoS troubleshooting scenarios


Problem	Solution
Ingress Policer issues	One rate two color (1R2C ) Policer issues: Ensure that: •You configure mls QoS for the EARL policing to work. •You did not configure 1R2C on user defined classes. •You did not configure policer in a child class on the EVC. •You did not configure the police actions. •If the issue persists, contact TAC. Two rate threee color (2R3C) Policer issues: Ensure that: •You created a single 1r0c/2r3c policer per EVC/SG per bay irrespective of the number of member links on that bay and at least one member link is part of EVC PC. •If the issue persists, contact TAC.
Queue limit and WRED issues	Ensure that: •You configure only four WRED statements in a class-map including the default WRED statement, i.e. random-detect aggregate. •You did not exceed the acceptable limit of 120 different queue-limits. •You did not exceed the acceptable limit of 120 WRED classes when each class uses different WRED statements. If two classes have the same WRED configurations, then they would share the same WRED group. •If the issue persists, contact TAC.
Traffic drops resulting in buffer space issues while using the BRR feature.	•Ensure that you correctly configured the queue-limit <x> value for each child class queue. •To check buffer exhaustion issues, execute the show policy-map int command and confirm the value of the queue depth parameter in the output. If the queue does not receive the guaranteed bandwidth, and the queue depth is close to zero or much less than its queue limit, traffic drops and buffer space issues occur. •If the issue persists, contact TAC.
EXCEEDGUARANTEE rate error message (BRR feature) is displayed	•Check if the class-default of the policy map has received less than one percent of of port bandwidth as its CIR value. •If the issue persists, contact TAC.
Rate counters are not accurate	• Rate counters are updated in fixed intervals. Use the load-interval seconds command to increase the load interval for accurate rate counter values.
Traffic classified incorrectly	•Use the show run class-map command to check the class-map definition. •Use the show policy-map interface interface command to check the classification statistics. •Use the show tcam interface interface qos type1/type2 ip detail (type1 is for input policy, type2 for output policy) command to verify that the classification hardware parameters are configured correctly and packets are relayed to the right class as shown in the example: `Router#`sh tcam interface gig10/1 qos type1 ip detail `* Global Defaults shared` `DPort - Destination Port SPort - Source Port TCP-F - U -URG Pro - Protocol` `I - Inverted LOU TOS - TOS Value - A -ACK rtr - Router` `MRFM - M -MPLS Packet TN - T -Tcp Control - P -PSH COD - C -Bank Care Flag` `- R -Recirc. Flag - N -Non-cachable - R -RST - I -OrdIndep. Flag` `- F -Fragment Flag CAP - Capture Flag - S -SYN - D -Dynamic Flag` `- M -More Fragments F-P - FlowMask-Prior. - F -FIN T - V(Value)/M(Mask)/R(Result)` `X - XTAG (*) - Bank Priority` `Interface: 1018 label: 513 lookup_type: 1` `protocol: IP packet-type: 0` `\|T\|Index\| Dest Ip Addr \| Source Ip Addr\| DPort \| SPort \| TCP-F \|Pro\|MRFM\|X\|TOS\|TN\|COD\|F-P\|` `V 36828 0.0.0.0 0.0.0.0 P=0 P=0 ------ 0 ---- 0 0 -- --- 0-0`<- `M 36836 0.0.0.0 0.0.0.0 0 0 ------ 0 X--- 0 0`<- `R rslt: 142811A8` <- `V 36829 0.0.0.0 0.0.0.0 P=0 P=0 ------ 0 M--- 0 0 -- --- 0-0` `M 36836 0.0.0.0 0.0.0.0 0 0 ------ 0 X--- 0 0`
	`R rslt: 142811A8` Note <- indicates the class where the packets are classified.
Excessive drops in packets	•Use the show policy map interface command to check if the offered rate exceeds the configured policer shape rate. •Queuing on ES20/SIP-600 is performed on the L1 frame with an overhead of 24 bytes. The ES20 supports user-defined overhead accounting for shape/wfq classes. •Drops also occur due to low queue-limit configured. Increase the queue-limits value if unaccounted drops are seen. •In case of excessive drops, check if WRED can be used as, illustrated in this example. `Router#s`h run policy-map queuing `Building configuration...` `Current configuration : 276 bytes` `!` `policy-map queuing` `class prec1` `bandwidth 200000` `class prec2` `shape average 100000000` `random-detect` `random-detect precedence 1 100 1000` `random-detect precedence 2 150 1500` `random-detect precedence 3 200 800` `class class-default` `shape average 100000000` `!` `end`
	`Router#` `Router#sh pol` `Router#sh policy-map int gig10/6` `GigabitEthernet10/6` `Service-policy output: queuing` `Counters last updated 00:00:27 ago` `Class-map: prec1 (match-all)` `0 packets, 0 bytes` `5 minute offered rate 0000 bps, drop rate 0000 bps` `Match: ip precedence 1` `Queueing` `queue limit 65536 packets` `(queue depth/total drops/no-buffer drops) 0/0/0` <<< drops due to bandwidth over subscription `(pkts output/bytes output) 0/0` `bandwidth 200000 kbps` <<<< bandwidth configured in the policy-map `Class-map: prec2 (match-all)` `0 packets, 0 bytes` `5 minute offered rate 0000 bps, drop rate 0000 bps` `Match: ip precedence 2` `Match: precedence 2` `Queueing` `queue limit 32768 packets` (queue depth/total drops/no-buffer drops) 0/0/0 <<< drops due to shaper `(pkts output/bytes output) 0/0` `shape (average) cir 100000000, bc 400000, be 400000` target shape rate 100000000 <<< shaper configured in the policy-map by the user
	`Exp-weight-constant: 9 (1/512)` `Mean queue depth: 0 packets` `class Random drop Tail drop Minimum Maximum Mark` `pkts/bytes pkts/bytes thresh thresh prob` `0 3457/5687000 0/0 8192 16384 1/10`<<< wred packet/bytes counts and threshold values `1 0/0 0/0 100 1000 1/10` `2 0/0 0/0 150 1500 1/10` `3 1408/4508780 0/0 200 800 1/10` `4 0/0 0/0 12288 16384 1/10` `5 0/0 0/0 13312 16384 1/10` `6 0/0 0/0 14336 16384 1/10` `7 0/0 0/0 15360 16384 1/10` `Class-map: class-default (match-any)` `0 packets, 0 bytes` `5 minute offered rate 0000 bps, drop rate 0000 bps` `Match: any` `Queueing` `queue limit 32768 packets` `(queue depth/total drops/no-buffer drops) 0/0/0` `(pkts output/bytes output) 0/0` `shape (average) cir 100000000, bc 400000, be 400000` `target shape rate 100000000 <<<`shaper configured in the policy-map by the user
Bandwidth not met	Check if the queue limits are configured right. Based on this example, check if the bandwidth and priority class has been configured correctly. `Router#`sh run policy-map queuing `Building configuration...` `Current configuration : 276 bytes` `!` `policy-map queuing` `class prec1` `bandwidth 200000` `class prec2` `shape average 100000000` `random-detect` `random-detect precedence 1 100 1000` `random-detect precedence 2 150 1500` `random-detect precedence 3 200 800` `class class-default` `shape average 100000000` ! `end` `Router#` `Router#sh pol` `Router#sh policy-map int gig10/6` `GigabitEthernet10/6` `Service-policy output: queuing` `Counters last updated 00:00:27 ago` `Class-map: prec1 (match-all)` `0 packets, 0 bytes` `5 minute offered rate 0000 bps, drop rate 0000 bps` `Match: ip precedence 1` `Queueing` `queue limit 65536 packets` `(queue depth/total drops/no-buffer drops) 0/0/0` <<< drops due to bandwidth over subscription `(pkts output/bytes output) 0/0` `bandwidth 200000 kbps` <<<< bandwidth configured in the policy-map
Debug QoS policing traffic issues in EARL	•Check the policer configured on the hardware. For aggregate policer and microflow policer, check the aggregate Id value using the sh mls qos [ip\|mpls\|ipv6\|arp] command. If the value is 0 or n/a, it indicates a failure. •Use the show tcam interface command to check whether or not the TCAM is programmed correctly for the interface. The result from the output can be used to find different fields in the QoS hardware on that interface. Warning Use the show tcam interface command with the module option to view the tcam programming on the DFCs. •Check the rate and burst configured on the policer. •Use embedded logic analyzer (ELAM) tool to gather (captures the packets routed internally, checks dbus and rbus. dbus contains the packet details which is going from the line card to router and rbus has the packet details from router to line card) packet informations. Share the output information with TAC for further troubleshooting.
Policer not receiving the packets	•Use the sh mls qos [ip\|mpls\|ipv6\|arp] and sh policy-map interface commands to confirm if the policer receives the packets. If not, share the output information with TAC to troubleshoot line card issues.
Incorrect QoS ACLs in TCAM	•Use the sh qm int xxx and sh tcam int xx qos [type1\|type2] [ip\|mpls\|ipv6\|other\|arp] det commands to verify if the correct QoS ACLs are displayed in the TCAM. If not, Share the output information with TAC for further troubleshooting.
Microflow policing issues	•Use the sh fm int xxx and sh mls netflow ip detail commands to view the output. Share the information with TAC for troubleshooting. •Validation of microflow policing: Use the show mls netflow ip qos module module command to validate the microflow policing. In this output, Pkts/Bytes indicates total forwarded packets/bytes, and the police count column indicates the drop count. `Router#`sh mls netflow ip qos module 10 `Displaying Netflow entries in module 10` `DstIP SrcIP Prot:SrcPort:DstPort Src i/f :AdjPtr` `------------------------------------------- -------------------------------------` `Pkts Bytes LastSeen QoS PoliceCount Threshold Leak` `------------------------------------------- -------------------------------------` `Drop Bucket` `---------------` `20.1.1.2 10.1.1.2 255 :0 :0 -- 0x0` `12857116 591427336 17:35:40 0x80 5117484352 0 0` `NO 3145792`
Expected CIR/PIR rate not reached	1. TCP traffic displays rates below the CIR due to the slow-start algorithms and retransmissions. 2. To increase the CIR/PIR rates, use a traffic generator or UDP traffic . 3. Use large burst values to police TCP traffic.
Egress packet drop issues	•Check the traffic type. •Raise the bandwidth. Eg: old 10M users - gig link in a 10 gig backbone network. •Modify the queue limit or introduce WRED.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)