Support User Manuals

Cisco Systems ME 3400 Switch User Manual

Open as PDF

of 1086

33-30

Cisco ME 3400 Ethernet Access Switch Software Configuration Guide

OL-9639-06

Chapter 33 Configuring QoS

Configuring QoS

• If you have EtherChannel ports configured on your switch, you must configure QoS classification,

policing, mapping, and queuing on the individual physical ports that comprise the EtherChannel.

You must decide whether the QoS configuration should match on all ports in the EtherChannel.

• Control traffic (such as spanning-tree bridge protocol data units [BPDUs] and routing update

packets) received by the switch are subject to all ingress QoS processing.

• You are likely to lose data when you change queue settings; therefore, try to make changes when

traffic is at a minimum.

See the configuration sections for specific QoS features for more configuration guidelines related to each

feature.

Using ACLs to Classify Traffic

You can classify IP traffic by using IP standard or IP extended ACLs. You can classify IP and non-IP

traffic by using Layer 2 MAC ACLs. For more information about configuring ACLs, see

Chapter 31,

“Configuring Network Security with ACLs.”

Follow these guidelines when configuring QoS ACLs:

• You cannot match IP fragments against configured IP extended ACLs to enforce QoS. IP fragments

are sent as best-effort. IP fragments are denoted by fields in the IP header.

• The switch supports only one access group per class in an input policy map.

• You cannot configure match-access group in an output policy map.

These sections describe how to create QoS ACLs:

• “Creating IP Standard ACLs” section on page 33-30

• “Creating IP Extended ACLs” section on page 33-32

• “Creating Layer 2 MAC ACLs” section on page 33-33

Creating IP Standard ACLs

Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

access-list access-list-number

permit source [source-wildcard]

Create an IP standard ACL, repeating the command as many times as

necessary.

• For access-list-number, enter the access list number. The range is 1 to 99

and 1300 to 1999.

• Always use the permit keyword for ACLs used as match criteria in QoS

policies. QoS policies do not match ACLs that use the deny keyword.

• For source, enter the network or host from which the packet is being sent.

You can use the any keyword as an abbreviation for 0.0.0.0

255.255.255.255.

• (Optional) For source-wildcard, enter the wildcard bits in dotted decimal

notation to be applied to the source.

previous next