Configuring Marking

This chapter describes how to configure the marking features on the Cisco NX-OS device that you can use to define the class of traffic to which the packet belongs.

This chapter includes the following sections:

Information About Marking

Marking is a method that you use to modify the QoS fields of the incoming and outgoing packets. The QoS fields that you can mark are CoS in Layer 2, and IP precedence and Differentiated Service Code Point (DSCP) in Layer 3. The QoS group and discard class are two labels local to the system that you can assign intermediate marking values. You can use these two labels to determine the final values marked in a packet.

You can use marking commands in traffic classes that are referenced in a policy map. The marking features that you can configure are listed in Table 4-1 .

 

Table 4-1 Configurable Marking Features

Marking Feature
Description

DSCP

Layer 3 DSCP.

Note If you manipulate this dscp value, you cannot manipulate discard class values, and vice-versa.

IP precedence

Layer 3 IP precedence.

Note IP precedence uses only the lower 3 bits of the type of service (ToS) field. The device overwrites the first 3 bits of the ToS field to 0.

CoS

Layer 2 class of service (CoS).

QoS group

Locally significant QoS values that can be manipulated and matched within the system. The range is from 0 to 126.

Discard class

Locally significant values that can be matched and manipulated within the system. The range is from 0 to 63.

Note If you manipulate this discard class value, you cannot manipulate dscp values, and vice-versa.

Ingress and egress ports

Status of the marking applies to incoming or outgoing packets.

Using table maps

Method to use table maps for marking.

Unless noted as a restriction, you can apply marking features to both incoming and outgoing packets.

Licensing Requirements for Marking

The following table shows the licensing requirements for this feature:

 

Product
License Requirement

Cisco NX-OS

The QoS feature does not a require license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.

However, using virtual device contexts (VDCs) requires an Advanced Services license.

Prerequisites for Marking

Marking has the following prerequisites:

  • You must be familiar with Chapter3, “Using Modular QoS CLI”
  • You are logged on to the switch.
  • You are in the correct VDC. A VDC is a logical representation of a set of system resources. You can use the switchto vdc command with a VDC number.

Guidelines and Limitations

Marking has the following configuration guidelines and limitations:

  • The set cos command can only be used in ingress policies when no other set commands are used for the same packet for egress.
  • You can use only the set qos-group command in ingress policies.
  • You can use only the set discard-class command in ingress policies.
  • When PIM is enabled on the switch virtual interface (SVI), you cannot mark the layer-2 switched multicast traffic on that VLAN.

Configuring Marking

You can combine one or more of the marking features in a policy map to control the setting of QoS values. You can then apply policies to either incoming or outgoing packets on an interface.

This section includes the following topics:


Note Do not press Enter after you use the set command and before you add the rest of the command. If you press Enter directly after entering the set keyword, you will be unable to continue to configure with the QoS configuration.


Configuring DSCP Marking


Note If you configure this value, you cannot configure the discard-class value (see the “Configuring Discard Class Marking” section).


You can set the DSCP value in the six most significant bits of the DiffServ field of the IP header to a specified value. You can enter numeric values from 0 to 60, in addition to the standard DSCP values shown in Table 4-2 .

 

Table 4-2 Standard DSCP Values

Value
List of DSCP Values

af11

AF11 dscp (001010)—decimal value 10

af12

AF12 dscp (001100)—decimal value 12

af13

AF13 dscp (001110)—decimal value 14

af21

AF21 dscp (010010)—decimal value 18

af22

AF22 dscp (010100)—decimal value 20

af23

AF23 dscp (010110)—decimal value 22

af31

AF31 dscp (011010)—decimal value 26

af32

AF40 dscp (011100)—decimal value 28

af33

AF33 dscp (011110)—decimal value 30

af41

AF41 dscp (100010)—decimal value 34

af42

AF42 dscp (100100)—decimal value 36

af43

AF43 dscp (100110)—decimal value 38

cs1

CS1 (precedence 1) dscp (001000)—decimal value 8

cs2

CS2 (precedence 2) dscp (010000)—decimal value 16

cs3

CS3 (precedence 3) dscp (011000)—decimal value 24

cs4

CS4 (precedence 4) dscp (100000)—decimal value 32

cs5

CS5 (precedence 5) dscp (101000)—decimal value 40

cs6

CS6 (precedence 6) dscp (110000)—decimal value 48

cs7

CS7 (precedence 7) dscp (111000)—decimal value 56

default

Default dscp (000000)—decimal value 0

ef

EF dscp (101110)—decimal value 46

For more information about DSCP, see RFC 2475.

SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

4. set dscp dscp-value

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] [ qos - policy-map-name | qos-dynamic ]

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name, and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name, and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set dscp dscp-value

 

Example:

switch(config-pmap-c-qos)# set dscp af31

switch(config-pmap-c-qos)#

Sets the DSCP value to dscp-value. Standard values are shown in Table 4-2 .

This example shows how to display the policy-map configuration as shown below:

switch# show policy-map policy1

Configuring IP Precedence Marking

You can set the value of the IP precedence field in bits 0–2 of the IPv4 type of service (ToS) field of the IP header.


Note The device rewrites the last 3 bits of the ToS field to 0 for packets that match this class.


Table 4-3 shows the precedence values.

 

Table 4-3 Precedence Values

Value
List of Precedence Values

<0-7>

IP precedence value

critical

Critical precedence (5)

flash

Flash precedence (3)

flash-override

Flash override precedence (4)

immediate

Immediate precedence (2)

internet

Internetwork control precedence (6)

network

Network control precedence (7)

priority

Priority precedence (1)

routine

Routine precedence (0)

SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

4. set precedence precedence-value

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] [ qos-policy-map-name | qos-dynamic ]

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name, and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set precedence precedence-value

 

Example:

switch(config-pmap-c-qos)# set precedence 3

switch(config-pmap-c-qos)#

Sets the IP precedence value to precedence-value. The value can range from 0 to 7. You can enter one of the values shown in Table 4-3 .

This example shows how to display the policy-map configuration:

switch# show policy-map policy1

Configuring CoS Marking

You can set the value of the CoS field in the high-order three bits of the VLAN ID Tag field in the IEEE 802.1Q header.

SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

4. set cos cos-value

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] [qos- policy-map-name | qos-dynamic ]

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name, and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name, and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set cos cos-value

 

Example:

switch(config-pmap-c-qos)# set cos 3

switch(config-pmap-c-qos)#

Sets the CoS value to cos-value. The value can range from 0 to 7.

This example shows how to display the policy-map configuration:

switch# show policy-map policy1

Configuring QoS Group Marking

You can set the value of the internal label QoS group, which is only locally significant. You can reference this value in subsequent policy actions or classify traffic that is referenced in egress policies by using the match qos-group class-map command.


Note You can set QoS group only in ingress policies.


SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

4. set qos-group qos-group-value

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] {qos-policy-map-name | qos-dynamic }

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name, and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name, and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set qos-group qos-group-value

 

Example:

switch(config-pmap-c-qos)# set qos-group 100

switch(config-pmap-c-qos)#

Sets the QoS group value to qos-group-value. The value can range from 0 to 126.

This example shows how to display the policy-map configuration:

switch# show policy-map policy1

Configuring Discard Class Marking


Note If you configure this value, you cannot configure the DSCP value. See the “Configuring DSCP Marking” section.


You can set the value of the internal label discard class, which is locally significant only. You can reference this value in subsequent policy actions or classify traffic that is referenced in egress policies by using the match discard-class class-map command.


Note You can set the discard class only in ingress policies.


SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

4. set discard-class discard-class-value

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] {qos-policy-map-name | qos-dynamic }

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name, and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name, and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set discard-class discard-class-value

 

Example:

switch(config-pmap-c-qos)# set discard-class 40

switch(config-pmap-c-qos)#

Sets the discard class value to discard-class-value. The value can range from 0 to 63.

Note For information on using table maps with marking, see the “Configuring Marking Using Table Maps” section.

This example shows how to display the policy-map configuration:

switch# show policy-map policy1

Configuring Ingress and Egress Marking

You can apply the marking instructions in a QoS policy map to ingress or egress packets by attaching that QoS policy map to an interface. To select ingress or egress, you specify either the input or output keyword in the service-policy command. For detailed instructions, see the “Attaching and Detaching a QoS Policy Action from an Interface” section.

Configuring DSCP Port Marking

You can set the DSCP value for each class of traffic defined in a specified ingress policy map.

The default behavior of the device is to preserve the DSCP value, or to trust DSCP. To make the port untrusted, change the DSCP value. Unless you configure a QoS policy and attach that policy to specified interfaces, the DSCP value is preserved.


Note You can attach only one policy type qos map to each interface in each direction.

  • The DSCP value is trust on the Layer 3 port of a Cisco NX-OS device.
  • If the default policy-map policy is used, DSCP maps to a relevant CoS value and the queuing works correctly.
  • If a customer policy is used, you must manually set the DSCP value to map to a CoS value so that the traffic is queued to the correct queue.


 

SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

4. set dscp -value

5. exit

6. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

7. set dscp -value

8. exit

9. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

10. set dscp -value

11. exit

12. interface ethernet { slot / port }

13. service-policy [ type qos ] { input | output } { policy-map-name | qos-dynamic } [ no-stats ]

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] [qos- policy-map-name | qos-dynamic ]

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set dscp -value

 

Example:

switch(config-pmap-c-qos)# set dscp af31

switch(config-pmap-c-qos)#

Sets the DSCP value to dscp-value. Valid values are shown in Table 4-2 .

Step 5

exit

 

Example:

switch(config-pmap-c-qos)# exit

switch(config-pmap-qos)#

Returns to policy-map configuration mode.

Step 6

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class2

switch(config-pmap-c-qos)#

Creates a reference to class-map-name, and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 7

set dscp -value

 

Example:

switch(config-pmap-c-qos)# set dscp af13

switch(config-pmap-c-qos)#

Sets the DSCP value to dscp-value. Valid values are shown in Table 4-2 .

Step 8

exit

 

Example:

switch(config-pmap-c-qos)# exit

switch(config-pmap-qos)#

Returns to policy-map configuration mode.

Step 9

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class-default

switch(config-pmap-c-qos)#

Creates a reference to class-map-name, and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 10

set dscp -value

 

Example:

switch(config-pmap-c-qos)# set dscp af22

switch(config-pmap-c-qos)#

Sets the DSCP value to dscp-value. Valid values are shown in Table 4-2 .

Step 11

exit

 

Example:

switch(config-pmap-c-qos)# exit

switch(config-pmap-qos)#

Returns to policy-map configuration mode.

Step 12

interface ethernet {slot/port}

Example:

switch(config)# interface ethernet 1/1

switch(config-if)#

Enters interface mode to configure the Ethernet interface.

Step 13

service-policy [type qos] {input | output} { policy-map-name | qos-dynamic} [no-stats]

 

Example:

switch(config-if)# service-policy input policy1

switch(config-if)#

Adds policy-map-name to the input packets of the interface. You can attach only one input policy and one output policy to an interface.

This example shows how to display the policy-map configuration:

switch# show policy-map policy1

Configuring Table Maps for Use in Marking

You can use the system-defined table maps to define the mapping of values from one variable to another from a source QoS field to a destination QoS field. For the list of system-defined table maps, see Chapter3, “Using Modular QoS CLI” The source and destination fields are determined by the context of the table map in the set and police commands. For information about table maps, see the “Configuring Marking Using Table Maps” section.


Note The system-defined table maps are not configurable. To display the current values, enter the show table map command.


Use the default command to define the destination value of unmapped source values. By default, unmapped values are copied to the destination value, so that the destination value is the same as the source value. The ignore variable for the default command is no longer supported.


Note You can use only one of the system-defined, table maps in this procedure. For information on the system-defined table maps, see Chapter3, “Using Modular QoS CLI”


Configuring Marking Using Table Maps

You can use the system-defined table maps to perform marking in the set and police policy map class commands.


Note For the list of system-defined table maps, see Chapter3, “Using Modular QoS CLI”


A source field and destination field are specified in the command that maps to the source and destination values supplied in the referenced table map. The QoS fields that can be used in these commands are listed in Table 4-4 .

 

Table 4-4 QoS Table Map Fields

QoS Table Map Field
Description

CoS

Class of service field in the 802.1Q header.

DSCP

Differentiated Services Code Point in the IP header.

IP precedence

Bits 0–2 of the IPv4 ToS field.

Discard class

Locally significant values that can be matched and manipulated within the system. The range is from 0 to 63.

By using the system-defined table maps, you cannot change unlike values, but you can only change one value to another when it is the same variable. You can use the markdown system-defined table maps for the exceed or violate action of the police command by using the same syntax as the set command.


Note The internal label QoS group is not supported through table maps.



Note Marking down in the police command requires the use of a table map.


For information on the police command, see Chapter6, “Configuring Policing”

SUMMARY STEPS

1. configure terminal

2. policy-map [ type qos ] [ match-first ] { qos-policy-map-name | qos-dynamic }

3. class [ type qos ] { class-map-name | qos-dynamic | class-default} [ insert-before before-class-map-name ]

4. set { cos | dscp | discard-class | precedence | discard-class } { cos | dscp | discard-class | precedence | discard-class } table-map-name

5. exit

DETAILED STEPS

 

Command
Purpose

Step 1

configure terminal

 

Example:

switch# configure terminal

switch(config)#

Enters configuration mode.

Step 2

policy-map [ type qos ] [ match-first ] {qos- policy-map-name | qos-dynamic }

 

Example:

switch(config)# policy-map policy1

switch(config-pmap-qos)#

Creates or accesses the policy map named qos- policy-map-name, and then enters policy-map mode. The policy-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.

Step 3

class [ type qos ] { class-map-name | qos-dynamic | class-default } [ insert-before before-class-map-name ]

 

Example:

switch(config-pmap-qos)# class class1

switch(config-pmap-c-qos)#

Creates a reference to class-map-name and enters policy-map class configuration mode. The class is added to the end of the policy map unless insert-before is used to specify the class to insert before. Use the class-default keyword to select all traffic that is not currently matched by classes in the policy map.

Step 4

set {cos | dscp | discard-class | precedence | discard-class} {cos | dscp | discard-class| precedence | discard-class} table-map-name

 

Example:

switch(config-pmap-c-qos)# set cos dscp cos-dscp-map

switch(config-pmap-c-qos)#

Sets the first packet field to the value of the second packet field based on the mapping values specified in the referenced table-map-name.

Note The table-map-name must be the name of one of the system-defined table maps, which are not configurable, listed in Chapter3, “Using Modular QoS CLI” You cannot use the name of a user-defined table in this procedure.

The example shows that CoS is replaced by DSCP based on the system-defined cos-dscp-map.

Step 5

exit

 

Example:

switch(config-pmap-c)# exit

switch(config-pmap-qos)#

Returns to policy-map configuration mode.

This example shows how to display the policy1 policy-map configuration:

switch# show policy-map policy

Verifying the Marking Configuration

To display the marking configuration information, perform one of the following tasks:

Command
Purpose

show table-map

Displays all table maps.

show policy-map

Displays all policy maps.

Configuration Examples for Marking

The following example shows how to configure marking:

configure terminal
policy-map type qos untrust_dcsp
class class-default
set dscp 0
policy-map type queuing untrust_1Gport_policy
class type queuing 2q4t-in-q-default
set cos 0
policy-map type queuing untrust_10Gport_policy
class type queuing 8q2t-in-q-default
set cos 0
 

Feature History for Marking

Table 4-5 lists the release history for this feature.

 

Table 4-5 Feature History for Marking

Feature Name
Releases
Feature Information

set cos command

5.0(3)

Support for set cos command in ingress policies.