Configuring Policy Maps

This chapter contains the following sections:

Information About Policy Types

The device supports a number of policy types. You create class maps in the policy types.

There are three policy types:

Network-qos
Queuing
QoS

The following QoS parameters can be specified for each type of class:

Type network-qos—A network-qos policy is used to instantiate system classes and associate parameters with those classes that are of system-wide scope.

Classification—The traffic that matches this class are as follows:
- QoS Group—A class map of type network-qos identifies a system class and is matched by its associated qos-group.

Policy—The actions that are performed on the matching traffic are as follows:

Note

A network-qos policy can only be attached to the system QoS target.

Type queuing—A type queuing policy is used to define the scheduling characteristics of the queues associated with system classes.

Note

Some configuration parameters when applied to an EtherChannel are not reflected on the configuration of the member ports.

Classification—The traffic that matches this class are as follows:
- QoS Group—A class map of type queuing identifies a system class and is matched by its associated QoS group.

Policy—The actions that are performed on the matching traffic are as follows:

Note

These policies can be attached to the system qos target or to any interface. The output queuing policy is used to configure output queues on the device associated with system classes.

Bandwidth—Sets the guaranteed scheduling deficit weighted round robin (DWRR) percentage for the system class.
Priority—Sets a system class for strict-priority scheduling. Only one system class can be configured for priority in a given queuing policy.

Note

Type qos—A type qos policy is used to classify traffic that is based on various Layer 2, Layer 3, and Layer 4 fields in the frame and to map it to system classes.

Note

Some configuration parameters when applied to an EtherChannel are not reflected on the configuration of the member ports.

Classification—The traffic that matches this class are as follows:
- Access Control Lists—Classifies traffic based on the criteria in existing ACLs.
- Class of Service—Matches traffic based on the CoS field in the frame header.
- DSCP—Classifies traffic based on the Differentiated Services Code Point (DSCP) value in the DiffServ field of the IP header.
- IP Real Time Protocol—Classifies traffic on the port numbers used by real-time applications.
- Precedence—Classifies traffic based on the precedence value in the type of service (ToS) field of the IP header.

Policy—The actions that are performed on the matching traffic are as follows:

Note

This policy can be attached to the system or to any interface. It applies to input traffic only.

QoS Group—Sets the QoS group that corresponds to the system class this traffic flow is mapped to.

Configuring Policy Maps

Creating Policy Maps

The policy-map command is used to create a named object that represents a set of policies that are to be applied to a set of traffic classes.

The following predefined policy maps are used as default service policies:

network-qos: default-nq-policy
Input qos: default-in-policy
Output queuing: default-out-policy

You need to create a policy map to specify the policies for any user-defined class. In the policy map, you can configure the QoS parameters for each class. You can use the same policy map to modify the configuration of the default classes.

The device distributes all the policy-map configuration values to the attached network adapters.

Before you begin

Before creating the policy map, define a class map for each new system class.

Procedure

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# policy-map [type {network-qos | qos | queuing}] policy-name

Creates a named object representing a set of policies that are to be applied to a set of traffic classes. Policy-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.

The three policy-map configuration modes are as follows:

network-qos—Network-wide (global) mode. CLI prompt: switch(config-pmap-nq)#
qos—Classification mode; this is the default mode. CLI prompt: switch(config-pmap-qos)#
queuing—Queuing mode. CLI prompt: switch(config-pmap-que)#

Step 3

(Optional) switch(config)# no policy-map [type {network-qos | qos | queuing}] policy-name

(Optional)

Deletes the specified policy map.

Step 4

switch(config-pmap)# class [type {network-qos | qos | queuing}] class-name

Associates a class map with the policy map, and enters configuration mode for the specified system class. The three class-map configuration modes are as follows:

network-qos—Network-wide (global) mode. CLI prompt: switch(config-pmap-c-nq)#
qos—Classification mode; this is the default mode. CLI prompt: switch(config-pmap-c-qos)#
queuing—Queuing mode. CLI prompt: switch(config-pmap-c-que)#

Note

The associated class map must be the same type as the policy-map type.

Step 5

(Optional) switch(config-pmap)# no class [type {network-qos | qos | queuing}] class-name

(Optional)

Deletes the class map association.

Configuring Type Network QoS Policies

Type network qos policies can only be configured on the system qos attachment point. They are applied to the entire switch for a particular class.

Note

If FCoE QoS policy is configured and offloaded to FEX without configuring the FCoE Network QoS policy, offloaded QoS policy on the FEX is unable to identify the FCoE class and therefore, QoS policy will not be applied on the FCoE traffic. Hence it is required to have the FCoE network QoS policy configured before offloading the FCoE QoS policy to the FEX.

Procedure

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# policy-map type network-qos policy-name

Creates a named object that represents a set of policies that are to be applied to a set of traffic classes. Policy-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.

Step 3

switch(config-pmap-nq)# class type network-qos class-name

Associates a class map with the policy map, and enters configuration mode for the specified system class.

Note

The associated class map must be the same type as the policy map type.

Step 4

switch(config-pmap-c-nq)# mtu mtu-value

Specifies the MTU value in bytes.

Note

The mtu-value that you configure must be less than the value set by the system jumbomtu command.

Step 5

(Optional) switch(config-pmap-c-nq)# no mtu

(Optional)

Resets the MTU value in this class.

Step 6

switch(config-pmap-c-nq)# pause no-drop

Configures a no-drop class.

Step 7

switch(config-pmap-c-nq)# set cos cos-value

Specifies a 802.1Q CoS value which is used to mark packets on this interface. The value range is from 0 to 7.

Step 8

(Optional) switch(config-pmap-c-nq)# no set cos cos-value

(Optional)

Disables the marking operation in this class.

Example

This example shows how to define a type network-qos policy map:

switch# configure terminal
switch(config)# policy-map type network-qos policy-que1
switch(config-pmap-nq)# class type network-qos class-que1
switch(config-pmap-c-nq)# mtu 5000
switch(config-pmap-c-nq)# set cos 4

Configuring Type QoS Policies

Type qos policies are used for classifying the traffic of a specific system class identified by a unique qos-group value. A type qos policy can be attached to the system or to individual interfaces for ingress traffic only.

You can set a maximum of five QoS groups for ingress traffic.

Procedure

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# policy-map type qos policy-name

Step 3

switch(config-pmap-qos)# [class | class-default] type qos class-name

Associates a class map with the policy map, and enters configuration mode for the specified system class.

Note

The associated class map must be the same type as the policy map type.

Step 4

switch(config-pmap-c-qos)# set qos-group qos-group-value

Configures one or more qos-group values to match on for classification of traffic into this class map. The list below identifies the ranges of the qos-group-value . There is no default value.

Example

This example shows how to define a type qos policy map:

switch# configure terminal
switch(config)# policy-map type qos policy-s1
switch(config-pmap-qos)# class type qos class-s1
switch(config-pmap-c-qos)# set qos-group 2

Configuring Type Queuing Policies

Type queuing policies are used for scheduling and buffering the traffic of a specific system class. A type queuing policy is identified by its QoS group and can be attached to the system or to individual interfaces (except for Fabric Extender host interfaces) for input or output traffic.

Procedure

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# policy-map type queuing policy-name

Step 3

switch(config-pmap-que)# class type queuing class-name

Associates a class map with the policy map, and enters configuration mode for the specified system class.

Step 4

switch(config-pmap-c-que)# priority

Specifies that traffic in this class is mapped to a strict priority queue.

Note

Only one class in each policy map can have strict priority set on it.

Step 5

(Optional) switch(config-pmap-c-que)# no priority

(Optional)

Removes the strict priority queuing from the traffic in this class.

Step 6

switch(config-pmap-c-que)# bandwidth percent percentage

Specifies the guaranteed percentage of interface bandwidth allocated to this class. By default, no bandwidth is specified for a class.

Note

Before you can successfully allocate bandwidth to the class, you must first reduce the default bandwidth configuration on class-default and class-fcoe.

Step 7

(Optional) switch(config-pmap-c-que)# no bandwidth percent percentage

(Optional)

Removes the bandwidth specification from this class.

Example

Enabling and Displaying QoS Statistics for Interfaces

The qos statistics command must be enabled when you migrate to Cisco NX-OS release 7.3(0)N1(1) to enable statistics for policy maps. In addition, the existing policies need to be removed and reassigned to ensure the statistics work. Any new policy maps (that are not already configured on any interface) configured after enabling statistics would have the statistics enabled.

From Cisco NX-OS release 7.3(2)N1(1), the following changes are introduced:

You do not need to use the qos statistics command to enable the QoS statistics. By default, the QoS statistics is enabled.
The class-map and match statistics are not supported. Both these statistics are not displayed when you run the show policy-map interface command.
The policer statistics are still supported and the queuing statistics are added to the show policy-map interface command output. Note that the queuing statistics are supported only for the Ethernet interfaces.

The detailed procedure is as follows:

Before you begin

Enabling statistics can take up additional TCAM space. Hence, you must ensure that there is enough space available to perform this operation, given the existing configuration. Refer to CSCuq00149 for details on whether the statistics can be enabled on your switch.

Procedure

Step 1

Enter global configuration mode:

switch# configure terminal

Step 2

(Optional) Verify the existing status of the statistics on your switch:

switch(config)# show policy-map vlan vlan-number

Step 3

(Optional) Enable the statistics, if the existing status of the statistics is disabled on your switch:

switch(config)# qos statistics

Note

From Cisco NX-OS release 7.3(2)N1(1), the QoS statistics is enabled by default.

Step 4

Enter VLAN configuration mode for the specified VLAN:

switch(config)# vlan configuration vlan-number

Step 5

Remove the policy from the VLAN:

switch(config-vlan-config)# no service-policy type qos input policy-name

The policy-name is the name assigned to the policy map.

Step 6

Enter VLAN configuration mode for the specified VLAN:

switch(config-vlan-config)# vlan configuration vlan-number

Step 7

Assign or reapply the policy map to the VLAN:

switch(config-vlan-config)# service-policy type qos input policy-name

Note

The policy-name is the name assigned to the policy map. Note that the policy must be removed from all attachment points (VLANs and interfaces) before you enable the statistics on even one attachment point.

Step 8

Verify the status of the statistics on your switch:

switch(config-vlan-config)# show policy-map vlan vlan-number

Note

You can also use the show policy-map interface command.

Note

To remove the statistics, use the no qos statistics command, then remove and reassign the policies for them to take effect.

Example: Enabling and Displaying QoS Statistics

This example shows how to enable and display QoS statistics.


switch(config)# show policy-map vlan 13

Global statistics status: disabled
 
Vlan 13
 
  Service-policy (qos) input:   rq1
    policy statistics status:   disabled
 
    Class-map (qos):   rq1 (match-any)
      Match: cos 4
      set qos-group 2
 
    Class-map (qos):   class-default (match-any)
      Match: any
      set qos-group 0
 
switch(config)# qos statistics

Warning: Turning on the statistics would increase the TCAM utilisation. Disable the CLI if this is not intended.
Note that the policies need to be removed and re-applied, for statistics to take effect.                              

switch(config)#vlan configuration 13-59
switch(config-vlan-config)#no service-policy type qos input rq1
switch(config-vlan-config)#vlan configuration 13
switch(config-vlan-config)#service-policy type qos input rq1
switch(config-vlan-config)# show policy-map vlan 13

Global statistics status: enabled

Vlan 13
 
  Service-policy (qos) input:   rq1
    policy statistics status:   enabled
 
    Class-map (qos):   rq1 (match-any)
      3094788 packets
      Match: cos 4
        3094788 Match packets
      set qos-group 2
 
    Class-map (qos):   class-default (match-any)
      0 packets
      Match: any
      set qos-group 0
 
switch(config-vlan-config)#

The following example shows the output of the show policy-map interface command in the Cisco NX-OS release 7.3(2)N1(1).

switch(config)# show policy-map interface ethernet 1/49


Global statistics status :   enabled

 NOTE: Type qos policy-map configured on VLAN will take precedence 
       over system-qos policy-map for traffic on the VLAN 


Ethernet1/49

  Service-policy (qos) input:   cos 
    policy statistics status:   enabled

    Class-map (qos):   cos3 (match-all)
      Match: cos 3
      set qos-group 2
      police cir percent 60 bc 200 ms 
        conformed 300579840 bytes, 899939640 bps action: transmit 
        violated 43806000 bytes, 131155688 bps action: drop 

    Class-map (qos):   cos4 (match-all)
      Match: cos 4
      set qos-group 4

    Class-map (qos):   class-default (match-any)
      Match: any 
      set qos-group 0

  Service-policy (queuing) input:   fcoe-default-in-policy 
    policy statistics status:   disabled

    Class-map (queuing):   class-fcoe (match-any)
      Match: qos-group 1 
      bandwidth percent 50 

    Class-map (queuing):   class-default (match-any)
      Match: qos-group 0 
      bandwidth percent 50 

  Service-policy (queuing) output:   fcoe-default-out-policy 
    policy statistics status:   disabled

    Class-map (queuing):   class-fcoe (match-any)
      Match: qos-group 1 
      queue dropped pkts : 0  queue received pkts : 0
      bandwidth percent 50 

    Class-map (queuing):   class-default (match-any)
      Match: qos-group 0 
      queue dropped pkts : 57346780  queue received pkts : 155740874
      bandwidth percent 50

Restrictions for Viewing the QoS Statistics

Due to the way statistics and policers are attached to the TCAM entries, there are certain limitations to viewing the statistics:

Statistics are incremented cumulatively for each VLAN or interface where the policy is applied. The statistics are not per-interface/vlan.
Default policies and system-level policies do not have statistics.
Statistics per ACE in an ACL cannot be viewed if there is more than one ACE in the ACL and a policer is attached to the QoS policy.
The above limitation applies to qos-based matches as well (for example, match dscp value , match precedence value , and so on).
- Statistics cannot be viewed with match-all rules.
- Statistics can be viewed only with match-any.

Statistics per-ACE of ACL for QoS policies applied of FEX HIF ports will be shown only if policer is not present.

Verifying the Policy Map Configuration


Command	Purpose
show policy-map [`name`]	Displays the policy maps defined on the switch. Optionally, you can display the named policy only.
show policy-map interface [`interface number`]	Displays the policy map settings for an interface or all interfaces.
show policy-map system	Displays the policy map settings attached to the system qos.
show policy-map type {network-qos \| qos \| queuing} [`name`]	Displays the policy map settings for a specific policy type. Optionally, you can display the named policy only.
running-config ipqos	Displays information about the running configuration for QoS.
startup-config ipqos	Displays information about the startup configuration for QoS.

Cisco Nexus 5600 Series NX-OS Quality of Service Configuration Guide, Release 7.x

Bias-Free Language

Book Title

Cisco Nexus 5600 Series NX-OS Quality of Service Configuration Guide, Release 7.x

Chapter Title