Usage Guidelines

If you enable QoS globally, QoS is enabled on all interfaces with the exception of the interfaces where you disabled QoS. If you disable QoS globally, all traffic is passed in QoS pass-through mode.

In port-queueing mode, Policy Feature Card (PFC) QoS (marking and policing) is disabled, and packet type of service (ToS) and class of service (CoS) are not changed by the PFC. All queueing on rcv and xmt is based on a QoS tag in the incoming packet, which is based on the incoming CoS.

For 802.1Q or Inter-Switch Link (ISL)-encapsulated port links, queueing is based on the packet 802.1Q or ISL CoS.

For the router main interfaces or access ports, queueing is based on the configured per-port CoS (the default CoS is 0).

This command enables or disables ternary content addressable memory (TCAM) QoS on all interfaces that are set in the OFF state.

Usage Guidelines

This command is deprecated on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Although the CLI allows you to configure PFC-based QoS on the WAN ports on the OC-12 ATM OSMs and on the WAN ports on the channelized OSMs, PFC-based QoS is not supported on the WAN ports on these OSMs.

If you disable QoS globally, it is also disabled on all interfaces.

This command enables or disables TCAM QoS (classification, marking, and policing) for the interface.

Usage Guidelines

When you enter the mls qos 10g-only command, a supervisor engine with both 1-Gigabit and 10-Gigabit Ethernet uplink ports reallocates the interface queue capacity to improve the performance of its 10-Gigabit Ethernet ports. The reallocation is possible only in 10g-only mode, in which the supervisor engine’s 1-Gigabit Ethernet ports are not used. In the normal mode, when all supervisor engine ports are active, the queue structure is 2q4t on receive and 1p3q4t on transmit. In 10g-only mode, the queue structure is 8q4t on receive and 1p7q4t on transmit.

Note	To display detailed information about the queues, use the show queueing interface command.

When you switch between normal and 10g-only modes, any existing QoS configuration on the uplink ports is lost, and you must reconfigure QoS. In addition, service will be temporarily lost on the ports during the transition.

You must shut down the 1-Gigabit Ethernet ports before entering the mls qos 10g-only command. If you do not shut down the ports, the mode change will not occur.

When you switch from 10g-only mode to normal mode, you must enter the no shutdown command on each of the 1-Gigabit Ethernet ports to resume QoS service on those ports.

With CSCty37687, when you switch from 10g-only mode to normal mode, you must remove the trust state and the default class of service (CoS) value on the 1-Gigabit supervisor engine uplink ports.

In 10g-only mode, the 1-Gigabit Ethernet ports are visible, but they remain in an administratively down state.

The mls qos 10g-only command affects only active and standby supervisors, but if you have four supervisors, you must apply it to the in-chassis standby supervisors.

Usage Guidelines

This policer can be shared by different policy map classes and on different interfaces. The Cisco 7600 series routers supports up to 1023 aggregates and 1023 policing rules.

The mlsqosaggregate-policer command allows you to configure an aggregate flow and a policing rule for that aggregate. When you enter the rate and burst parameters, the range for the average rate is 32 kbps to 10 Gbps (entered as 32000 and 10000000000) and the range for the burst size is 1 KB (entered as 1000) to 31.25 MB (entered as 31250000). Modifying an existing aggregate rate limit entry causes that entry to be modified in NVRAM and in the Cisco 7600 series routers if that entry is currently being used.

Note	Because of hardware granularity, the rate value is limited, so the burst that you configure may not be the value that is used.

Modifying an existing microflow or aggregate rate limit modifies that entry in NVRAM as well as in the Cisco 7600 series routers if it is currently being used.

When you enter the aggregate policer name, follow these naming conventions:

• Maximum of 31 characters and may include a-z, A-Z, 0-9, the dash character (-), the underscore character (_), and the period character (.).

• Must start with an alphabetic character and must be unique across all ACLs of all types.

• Case sensitive.

• Cannot be a number.

• Must not be a keyword; keywords to avoid are all , default-action , map , help , and editbuffer.

Aggregate policing works independently on each DFC-equipped switching module and independently on the PFC2, which supports any non-DFC-equipped switching modules. Aggregate policing does not combine flow statistics from different DFC-equipped switching modules. You can display aggregate policing statistics for each DFC-equipped switching module, PFC2, and any non-DFC-equipped switching modules that are supported by the PFC2 by entering the showmlsqosaggregatepolicer command.

Usage Guidelines

This command is supported on SVIs only.

On Cisco 7600 series routers that are configured with a Supervisor Engine 2, you must enable the mlsqosbridged command on an SVI for the microflow policing of IPv4 multicast packets if the user policy is attached to an SVI.

Usage Guidelines

The mlsqoschannel-consistency command is supported on port channels only.

Usage Guidelines

Cisco 3660, 3845, 6500, 7200, 7400, and 7500 Series Routers

You can assign the default CoS and differentiated services code point (DSCP) value to all packets entering a port if the port has been configured by use of the override keyword.

Use the override keyword when all incoming packets on certain ports deserve a higher or lower priority than packets the enter from other ports. Even if a port was previously set to trust DSCP or CoS, this command overrides that trust state, and all the CoS values on the incoming packets are changed to the default CoS value that is configured with the mlsqoscos command. If an incoming packet is tagged, the CoS value of the packet is modified at the ingress port. It is changed to the default CoS of that port.

Use the showmlsqosinterface privileged EXEC command to verify your settings.

Cisco 7600 Series Routers

CoS values are configurable on physical LAN ports only.

On Cisco 7600 series routers that are configured with a Supervisor Engine 2, the following restrictions apply:

• This command is not supported on any WAN interface on the Optical Service Modules (OSMs).

• This command is not supported on 4-port Gigabit Ethernet WAN ports.

Usage Guidelines

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Usage Guidelines

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Usage Guidelines

This command is supported in PFC3BXL or PFC3B mode only.

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Usage Guidelines

With mlsqosloopback applied at the interface, the packets are not forwarded to the destination.

Before you enter the mlsqosloopback command, you must specify a MAC address for the Optical Services Modules (OSM) interface. The MAC address must be different from the LAN router MAC address that is used in PFC2 hardware switching.

Usage Guidelines

All of the CoS-to-DSCP and DSCP-to-CoS maps are globally defined. You apply all maps to all ports.

If you enter the mlsqostrustcos command, the default CoS-to-DSCP map is applied.

If you enter the mlsqostrustdscp command, the default DSCP-to-CoS map is applied.

After a default map is applied, you can define the CoS-to-DSCP or DSCP-to-CoS map by entering consecutive mlsqosmap commands.

If the mlsqostrustdscp command is entered and a packet with an untrusted DSCP value is at an ingress port, the packet CoS value is set to 0.

Use the showmlsqosmaps privileged EXEC command to verify your settings.

Usage Guidelines

All of the CoS-to-DSCP and DSCP-to-CoS maps are globally defined. You apply all maps to all ports.

If you enter the mlsqostrustcos command, the default CoS-to-DSCP map is applied.

If you enter the mlsqostrustdscp command, the default DSCP-to-CoS map is applied.

After a default map is applied, you can define the CoS-to-DSCP or DSCP-to-CoS map by entering consecutive mlsqosmap commands.

If the mlsqostrustdscp command is entered and a packet with an untrusted DSCP value is at an ingress port, the packet CoS value is set to 0.

Use the showmlsqosmaps privileged EXEC command to verify your settings.

Usage Guidelines

This command is not supported on the Catalyst 6500 series switches and the Cisco 7600 series routers that are configured with a Supervisor Engine 2.

This command is supported on the Catalyst 6500 series switches and the Cisco 7600 series routers that are configured with the following modules only:

• WS-X6704-10GE

• WS-X6724-SFP

• WS-X6748-GE-TX

CoS mutation is not supported on non-802.1Q tunnel ports.

When you enter the mlsqosmapcos-mutation command, you are configuring the mutated-CoS values map to sequential ingress-CoS numbers. For example, by entering the mlsqosmapcos-mutation23456701 command, you configure this map:

Separate the eight CoS values by a space.

After you define the map in global configuration mode, you can attach the map to a port.

If QoS is disabled, the port is not in a trust CoS mode, and the port is not in 802.1Q tunneling mode. The changes appear once you put the port into trust CoS mode and the port is configured as an 802.1Q tunnel port.

Release 12.2(17b)SXA and later releases support ingress-CoS mutation on 802.1Q tunnel ports and is on a per-port group basis only.

To avoid ingress-CoS mutation configuration failures, only create EtherChannels where all member ports support ingress-CoS mutation or where no member ports support ingress-CoS mutation. Do not create EtherChannels with mixed support for ingress-CoS mutation.

If you configure ingress-CoS mutation on a port that is a member of an EtherChannel, the ingress-CoS mutation is applied to the port-channel interface.

You can configure ingress-CoS mutation on port-channel interfaces.

Usage Guidelines

The DSCP-to-CoS map is used to map the final DSCP classification to a final CoS. This final map determines the output queue and threshold to which the packet is assigned. The CoS map is written into the Inter-Switch Link (ISL) header or 802.1Q tag of the transmitted packet on trunk interfaces and contains a table of 64 DSCP values and the corresponding CoS values. The Catalyst 6500 series switch and the Cisco 7600 series router have one map.

All of the CoS-to-DSCP and DSCP-to-CoS maps are globally defined. You apply all maps to all ports.

If you enter the mlsqostrustcos command, the default CoS-to-DSCP map is applied.

If you enter the mlsqostrustdscp command, the default DSCP-to-CoS map is applied.

After a default map is applied, you can define the CoS-to-DSCP or DSCP-to-CoS map by entering consecutive mlsqosmap commands.

If the mlsqostrustdscp command is entered and a packet with an untrusted DSCP value is at an ingress port, the packet CoS value is set to 0.

Use the showmlsqosmaps privileged EXEC command to verify your settings.

Usage Guidelines

This command is supported in PFC3BXL or PFC3B mode only.

The DSCP-to-EXP map is used to map the final DSCP value to a final EXP value. This final map determines the output queue and threshold to which the packet is assigned. The EXP map contains a table of 64 DSCP values and the corresponding EXP values. The Catalyst 6500 series switch and the Cisco 7600 series router have one map.

You can enter up to eight DSCP values separated by a space. You can enter up to eight EXP values separated by a space.

Usage Guidelines

This command is not supported on the Catalyst 6500 series switches and the Cisco 7600 series routers that are configured with a Supervisor Engine 2.

When configuring a named DSCP mutation map, note the following:

• You can enter up to eight input DSCP values that map to a mutated DSCP value.

• You can enter multiple commands to map additional DSCP values to a mutated DSCP value.

• You can enter a separate command for each mutated DSCP value.

You can configure 15 egress-DSCP mutation maps to mutate the internal DSCP value before it is written as the egress-DSCP value. You can attach egress-DSCP mutation maps to any interface that Policy Feature Card (PFC) QoS supports.

PFC QoS derives the egress-class-of-service (CoS) value from the internal DSCP value. If you configure egress-DSCP mutation, PFC QoS does not derive the egress-CoS value from the mutated DSCP value.

Usage Guidelines

This command is supported in PFC3BXL or PFC3B mode only.

The DSCP in these maps refers to the internal DSCP, not the packet DSCP.

The EXP-to-DSCP map is used to map the received EXP value to the internal DSCP map. This final map determines the output queue and threshold to which the packet is assigned. The EXP map contains a table of 64 DSCP values and the corresponding EXP values. The Catalyst 6500 series switch and the Cisco 7600 series router have one map.

You can enter up to eight DSCP values separated by a space.

Usage Guidelines

This command is not supported on the Catalyst 6500 series switch and the Cisco 7600 series router that are configured with a Supervisor Engine 2.

This command is supported in PFC3BXL or PFC3B mode only.

When you enter themlsqosmapexp-mutation command, you are configuring the mutated EXP values map to the sequential EXP numbers. For example, by entering the mlsqosmapexp-mutation23456701 command, you configure the map as shown in the table below:

Separate the eight EXP values by a space.

After you define the map in global configuration mode, you can attach the map to a port.

You can configure 15 ingress-EXP mutation maps to mutate the internal EXP value before it is written as the ingress-EXP value. You can attach ingress-EXP mutation maps to any interface that Policy Feature Card (PFC) quality of service (QoS) supports.

The PFC QoS derives the egress EXP value from the internal differentiated services code point (DSCP) value. If you configure ingress-EXP mutation, PFC QoS does not derive the ingress-EXP value from the mutated EXP value.

Usage Guidelines

Use the mlsqosmapip-prec-dscp command to map the IP precedence of IP packets arriving on trusted interfaces (or flows) to a DSCP when the trust type is trust-ipprec.

You can enter up to eight DSCP values separated by a space.

This map is a table of eight precedence values (0 through 7) and their corresponding DSCP values. The Catalyst 6500 series switch and the Cisco 7600 series router have one map. The IP precedence values are as follows:

• network 7

• internet 6

• critical 5

• flash-override 4

• flash 3

• immediate 2

• priority 1

• routine 0

Usage Guidelines

The DSCP-to-policed-DSCP map determines the marked-down DSCP value that is applied to out-of-profile flows. The Catalyst 6500 series switch and the Cisco 7600 series router have one map.

You can enter up to eight DSCP values separated by a space.

You can enter up to eight policed DSCP values separated by a space.

Note	To avoid out-of-sequence packets, configure the DSCP-to-policed-DSCP map so that marked-down packets remain in the same queue as the in-profile traffic.

Usage Guidelines

Use the mlsqosmarkingignoreport-trust command to mark packets even if the interface is trusted.

Usage Guidelines

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Use the showpolicy-mapinterface command to display policy-map statistics.

Usage Guidelines

You can enter the mlsqosmplstrustexperimental command to treat MPLS packets as other Layer 2 packets for class of service (CoS) and egress queueing purposes (for example, to apply port or policy trust). All trusted cases (trust CoS/IP/Differentiated Services Code Point (DSCP)) are treated as trust-cos.

Class of Service (CoS) refers to three bits in either an ISL header or an 802.1Q header that are used to indicate the priority of the Ethernet frame as it passes through a switched network. The CoS bits in the 802.1Q header are commonly referred to as the 802.1p bits. To maintain QoS when a packet traverses both Layer 2 and Layer 3 domain, the ToS and CoS values can be mapped to each other.

Usage Guidelines

This command is supported on PFC3BXL or PFC3B mode only. With Release 12.2(17b)SXA, enter the showplatformearl-mode command to display the PFC3 mode.

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

Use the nomlsqospoliceredirected command whenever you require NetFlow Data Export (NDE) accuracy (if you do not require QoS-redirected packets).

Usage Guidelines

You can use the mlsqospoliceserial command to configure the PFC3C or PFC3CXL ingress and egress policers to operate independently of each other (in serial mode ). Normally, ingress and egress policers operate in parallel mode, where action by one policer causes a corresponding action in the other. For example, if the egress policer drops a packet, the ingress policer does not count the packet either. In serial mode, however, action by one policer does not cause a corresponding action in the other.

Note	This command does not affect marking using policers.

Usage Guidelines

This command does not support ARP, ISIS, or EIGRP on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

If you enter the precedence value keyword and arguments without entering the police rate burst keyword and arguments, only the packets from an untrusted port are marked.

You can make the protocol packets avoid the per-interface policy maps by entering the police rate , pass-through , or precedence value keywords and arguments.

The mlsqosprotocol command allows you to define the routing-protocol packet policing as follows:

• When you specify the pass-through mode, the DSCP value does not change and is not policed.

• When you set the police rate , the DSCP value does not change and is policed.

• When you specify the precedence value , the DSCP value changes for the packets that come from an untrusted port, the class of service (CoS) value that is based on DSCP-to-CoS map changes, and the traffic is not policed.

• When you specify the precedence value and the police rate , the DSCP value changes, the CoS value that is based on DSCP-to-CoS map changes, and the DSCP value is policed. In this case, the DSCP value changes are based on the trust state of the port; the DSCP value is changed only for the packets that come from an untrusted port.

• If you do not enter a precedence value , the DSCP value is based on whether or not you have enabled multilayer switching (MLS) QoS as follows:

  • If you enabled MLS QoS and the port is untrusted, the internal DSCP value is overwritten to zero.
  • If you enabled MLS QoS and the port is trusted, then the incoming DSCP value is maintained.

You can make the protocol packets avoid policing completely if you choose the pass-through mode. If the police mode is chosen, the committed information rate (CIR) specified is the rate that is used to police all the specified protocol’s packets, both entering or leaving the Cisco 7600 series router.

To protect the system by ARP broadcast, you can enter the mlsqosprotocolarppolice bps command.

Usage Guidelines

In port-queueing mode, Policy Feature Card (PFC) QoS (marking and policing) is disabled, and packet type of service (ToS) and class of service (CoS) are not changed by the PFC. All queueing on rcv and xmt is based on a QoS tag in the incoming packet, which is based on the incoming CoS.

For 802.1Q or Inter-Link Switch (ISL)-encapsulated port links, queueing is based on the packet 802.1Q or ISL CoS.

For router main interfaces or access ports, queueing is based on the configured per-port CoS (the default CoS is 0).

Usage Guidelines

This command is supported on 10-Gigabit Ethernet ports only.

You should configure ports to trust DSCP only if they receive traffic that carries valid Layer 3 DSCP.

In Release 12.2(18)SXF5 and later releases, you can enable DSCP-based ingress queues and thresholds on WS-X6708-10GE ports to provide congestion avoidance.

In releases earlier than Release 12.2(18)SXF5, the ingress port queues and thresholds use only Layer 2 Class of Service (CoS), and Policy Feature Card (PFC) QoS does not implement ingress port congestion avoidance on ports configured to trust DSCP.

For traffic from trust DSCP ports, Policy Feature Card (PFC) QoS uses the received DSCP value as the initial internal DSCP value. PFC QoS does not mark any traffic on ingress ports configured to trust received DSCP.

Usage Guidelines

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

If you disable ToS-to-DSCP rewrite, and QoS is enabled globally, the following occurs:

• Final ToS-to-DSCP rewrite is disabled, and the DSCP packet is preserved.

• Policing and marking function according to the QoS configuration.

• Marked and marked-down class of service (CoS) is used for queueing.

• In QoS disabled mode, both ToS and CoS are preserved.

The nomlsqosrewriteipdscp command is incompatible with Multiprotocol Label Switching (MPLS). The default mlsqosrewriteipdscp command must remain enabled in order for the PFC3BXL or PFC3B to assign the correct MPLS Experimental (EXP) value for the labels that it imposes. This restriction does not apply to PFC3C or PFC3CXL forward.

The mlsqosrewriteipdscp slot command can be used for disabling ToS-to-DSCP rewrite on supervisors or DFC linecards. Although the command will be accepted for non-DFC linecard slots, it does not come into effect unless a DFC linecard is inserted into that slot.

To disable rewrite on packets that are coming in on non-DFC linecards, disable the rewrite on the supervisor slots. Note that this disables the rewrite on packets that are coming in on all non-DFC linecards on the system.

Usage Guidelines

You must enable data export globally to set up data export on your Cisco 7600 series routers.

QoS-statistics data export is not supported on OSM interfaces.

For QoS-statistics data export to perform correctly, you should set the export-destination hostname or IP address and the User Datagram Port (UDP) number.

Usage Guidelines

QoS-statistics data export is not supported on OSM interfaces.

You must enable data export on the port and globally to set up data export on your Cisco 7600 series routers.

For QoS-statistics data export to perform correctly, you should set the export-destination hostname or IP address and the User Datagram Port (UDP) number.

QoS-statistics data is exported using delimiter-separated fields. You can set the delimiter by entering the mlsqosstatistics-exportdelimiter command.

Port statistics are exported; port QoS statistics are not exported. For each data export-enabled port, the following information is exported:

• Type (1 denotes the type of port)

• Module/port

• In packets (cumulated hardware-counter values)

• In bytes (cumulated hardware-counter values)

• Out packets (cumulated hardware-counter values)

• Out bytes (cumulated hardware-counter values)

• Time stamp (time in seconds since January 1, 1970 UTC relative)

For example, if you have QoS-statistics data export that is enabled on FastEthernet4/5, the exported records could be (in this example, the delimiter is a | [pipe]) as follows:

|1|4/5|123|80|12500|6800|982361894|

Usage Guidelines

QoS-statistics data export is not supported on Optical Services Modules (OSM) interfaces.

You must enable data export on the shared aggregate policer and globally to set up data export on your Cisco 7600 series routers.

QoS-statistics data is exported using delimiter-separated fields. You can set the delimiter by entering the mlsqosstatistics-exportdelimiter command.

For each data export-enabled shared aggregate or named policer, statistics data per policer per EARL is exported. For each data export-enabled shared aggregate or named policer, the following information is exported:

• Type (3 denotes aggregate policer export type)

• Aggregate name

• Direction (in or out)

• Encoded Address Recognition Logic (EARL) identification

• Accepted packets (accumulated hardware-counter values)

• Exceeded normal-rate packets (accumulated hardware-counter values)

• Exceeded excess-rate packets (accumulated hardware-counter values)

• Time stamp (time in seconds since January 1, 1970 UTC relative)

If a shared aggregate policer is attached to policies in both directions, two records are exported (one in each direction). Each record will contain the same counter values for accepted packets, exceeded normal packet rates, and exceeded excess packet rates.

For example, if you have the following configuration:

• QoS-statistics data export that is enabled on the shared aggregate policer named “aggr_1”

• An EARL in the supervisor engine that is installed in slot 1

• An EARL on the Distributed Forwarding Card (DFC) that is installed in slot 3

the exported records could be (note that in this example, the delimiter is a | [pipe]) as follows:

|3|agg_1|in|1|45543|2345|982361894|
|3|agg_1|in|3|45543|2345|982361894|

Usage Guidelines

QoS-statistics data export is not supported on OSM interfaces.

You must enable data export on the class map and globally to set up data export on your Cisco 7600 series routers.

QoS-statistics data is exported using delimiter-separated fields. You can set the delimiter by entering the mlsqosstatistics-exportdelimiter command.

For each data export-enabled class map, statistics data per policer per interface is exported. If the interface is a physical interface, the following information is exported:

• Type (4 denotes class map physical export)

• Class-map name

• Direction (in or out)

• Module/port

• Accepted packets (accumulated hardware-counter values)

• Exceeded normal-rate packets (accumulated hardware-counter values)

• Exceeded excess-rate packets (accumulated hardware-counter values)

• Time stamp (time in seconds since January 1, 1970 UTC relative)

If the interface is a Cisco 7600 series router VLAN, the following information is exported:

• Type (5 denotes class-map VLAN export)

• Class-map name

• Direction (in or out)

• Encoded Address Recognition Logic (EARL) identification (slot number in which the EARL is installed)

• VLAN number

• Accepted packets (cumulated hardware-counter values)

• Exceeded normal-rate packets (cumulated hardware-counter values)

• Exceeded excess-rate packets (cumulated hardware-counter values)

• Time stamp (time in seconds since January 1, 1970 UTC relative)

If the interface is a Cisco 7600 series router port channel, the following information is exported:

• Type (6 denotes class-map port-channel export)

• Class-map name

• Direction (in or out)

• EARL identification (slot number in which the EARL is installed)

• Port-channel number

• Accepted packets (cumulated hardware-counter values)

• Exceeded normal-rate packets (cumulated hardware-counter values)

• Exceeded excess-rate packets (cumulated hardware-counter values)

• Time stamp (time in seconds since January 1, 1970 UTC relative)

For example, if you have the following configuration:

• QoS-statistics data export enabled on the class map named “class_1”

• An EARL in the supervisor engine that is installed in slot 1

• An EARL on the Distributed Forwarding Card (DFC) that is installed in slot 3

• The Cisco 7600 series router is in the policy map named “policy_1”

• policy_1 is attached to the following interfaces in the ingress direction:

  • FastEthernet4/5
  • VLAN 100
  • Port-channel 24

The exported records could be (in this example, the delimiter is a | [pipe]) as follows:

|4|class_1|in|4/5|45543|2345|2345|982361894|

|5|class_1|in|1|100|44000|3554|36678|982361894|

|5|class_1|in|3|100|30234|1575|1575|982361894|

Usage Guidelines

QoS-statistics data export is not supported on Optical Service Module (OSM) interfaces.

You must enable data export globally to set up data export on your Cisco 7600 series routers.

Usage Guidelines

QoS-statistics data export is not supported on Optical Service Module (OSM) interfaces.

Valid facility values are as follows:

• authorization --Security/authorization messages

• cron --Clock daemon

• daemon --System daemon

• kernel --Kernel messages

• local0 --Local use 0

• local1 --Local use 1

• local2 --Local use 2

• local3 --Local use 3

• local4 --Local use 4

• local5 --Local use 5

• local6 --Local use 6

• local7 --Local use 7

• lpr --Line printer subsystem

• mail --Mail system

• news --Network news subsystem

• syslog --Messages that are generated internally by syslogd

• user --User-level messages

• uucp --UNIX-to-UNIX Copy Program (UUCP) subsystem

Valid severity levels are as follows:

• alert --Action must be taken immediately

• critical --Critical conditions

• debug --Debug-level messages

• emergency --System is unusable

• error --Error conditions

• informational --Informational

• notice --Normal but significant conditions

• warning --Warning conditions

Usage Guidelines

QoS-statistics data export is not supported on Optical Services Module (OSM) interfaces.

The interval needs to be short enough to avoid counter wraparound with the activity in your configuration.

Caution

Be careful when decreasing the interval because exporting QoS statistics imposes a noticeable load on the Cisco 7600 series routers.

Usage Guidelines

The RSP720-10GE has both 10GE and 1GE uplink ports. You can configure the RSP720-10GE to run QoS features on all uplink ports (mixed mode) or on 10GE ports only. The number of queues available for QoS depends on which mode is used:

• In mixed mode (10GE and 1GE ports), the default, only four queues are available for QoS.

The QoS port architecture for fixed mode for 1GE ports is (Rx/Tx): 2q8t/1p3q8t .

• In 10GE only mode, eight queues are available for QoS.

The QoS port architecture for 10GE only mode is as follows (Rx/Tx):

• • 8q8t/1p7q8t (CoS)
  • 16q8t/1p15q8t (DSCP)
  • 16q1t/1p15q1t (VLAN)

When you switch between mixed-mode QoS and 10GE only mode, service is temporarily lost on the RSP720-10GE uplinks. In addition, when you switch between modes, any existing QoS configuration on the uplinks is lost. You must reconfigure QoS.

When you switch from 10GE only to mixed-mode QoS, you must issue the noshutdown command on each of the three 1GE ports to resume QoS service on those ports.

In 10GE only mode, the 1GE ports are visible but they remain in an administratively down state.

Note	To obtain more information on queues, use the showqueueinginterface command.

Usage Guidelines

Packets that enter a QoS domain are classified at its edge. Because the packets are classified at the edge, the switch port within the QoS domain can be configured to a trusted state. It is not necessary to classify the packets at every switch within the domain. Use the mlsqostrust command to set the trusted state of an interface and to indicate which fields of the packet are used to classify traffic.

When a port is configured with trust DSCP or trust IP precedence and the incoming packet is a non-IP packet, the CoS-to-DSCP map is used to derive the corresponding DSCP value from the CoS value. The CoS can be the packet CoS for trunk ports or the port default CoS for nontrunk ports.

If the DSCP is trusted, the DSCP field of the IP packet is not modified. However, it is still possible that the CoS value of the packet is modified (according to DSCP-to-CoS map).

If the CoS is trusted, the CoS field of the packet is not modified, but the DSCP can be modified (according to CoS-to-DSCP map) if the packet is an IP packet.

The trusted boundary with Cisco device verification feature, implemented with the devicecisco-phone keywords, prevents security problems if users connect a non-phone device to a switch port that is configured to support a Cisco IP phone. You must globally enable CDP on the switch and on the port connected to the IP phone. If a Cisco IP phone is not detected, QoS does not apply any configured nondefault trust setting, which prevents misuse of a high-priority queue.

If you configure the trust setting for DSCP or IP precedence, the DSCP or IP precedence values in the incoming packets are trusted. If you configure the mlsqoscosoverride interface configuration command on the switch port connected to the IP phone, the switch overrides the CoS of the incoming voice and data packets and assigns the default CoS value to them.

For an inter-QoS domain boundary, you can configure the port to the DSCP-trusted state and apply the DSCP-to-DSCP-mutation map if the DSCP values are different between the QoS domains.

Classification using a port trust state (for example, mls qos trust [cos | dscp | ip-precedence ] and a policy map (for example, service-policyinput policy-map-name ) are mutually exclusive. The last one configured overwrites the previous configuration.

The following conditions apply to the mlsqostrust command running on the Catalyst 6500 series switches or the Cisco 7600 series routers:

• The cos keyword is not supported for pos or atm interface types.

• The trust state does not apply to FlexWAN modules.

• The trust state does not apply to 1q4t LAN ports except for Gigabit Ethernet ports.

• Incoming queue drop thresholds are not implemented when you enter the mlsqostrustcos command on 4-port Gigabit Ethernet WAN modules.

Note	Use the setqos-group command to set the trust state on Catalyst 6500 series switch and Cisco 7600 series router Layer 2 WAN interfaces.

Usage Guidelines

This command is not supported on WAN modules.

If you set the phone to trusted mode, all the packets from the PC are sent untouched directly through the phone to the Cisco 7600 series router. If you set the phone to untrusted mode, all the traffic coming from the PC are remarked with the configured CoS value before being sent to the Cisco 7600 series router.

Each time that you enter the mlsqostrustextend command, the mode is changed. For example, if the mode was previously set to trusted, if you enter the command, the mode changes to untrusted. Enter the showqueueinginterface command to display the current trust mode.

Usage Guidelines

This command is supported only in PFC3C mode or PFC3CXL mode.

Enter the showmlsqos command to verify the configuration.

Usage Guidelines

This command is supported on switch-port and port-channel interfaces only.

In VLAN-based mode, the policy map that is attached to the Layer 2 interface is ignored, and QoS is driven by the policy map that is attached to the corresponding VLAN interface.

You can configure per-VLAN QoS only on Layer 2 interfaces.

Note	Layer 3 interfaces are always in interface-based mode. Layer 3 VLAN interfaces are always in VLAN-based mode.

Usage Guidelines

Use themonitorpids command to configure the PIDs to monitor in a MDI flow. By default, the first five PIDs in a new MDI flow stream are logged for monitoring. These PIDs can be video, audio or caption PIDs. However, monitoring PIDs for audio or caption data is not a priority for a customer implementing inline video monitoring, and is optional.

Usage Guidelines

Assignment of MPLS EXP levels to VC bundle members allows you to create differentiated service because you can distribute the MPLS EXP levels over the different VC bundle members. You can map a single level or a range of levels to each discrete VC in the bundle, thereby enabling VCs in the bundle to carry packets marked with different levels. Alternatively, you can configure a VC with the mplsexperimentalother command to indicate that it can carry traffic marked with levels not specifically configured for it. Only one VC in the bundle can be configured with the mplsexperimentalother command to carry all levels not specified. This VC is considered the default one.

To use this command in VC-class configuration mode, enter the vc-classatm global configuration command before you enter this command. This command has no effect if the VC class that contains the command is attached to a standalone VC, that is, if the VC is not a bundle member.

To use this command to configure an individual bundle member in bundle-VC configuration mode, first enter the bundle command to enact bundle configuration mode for the bundle to which you want to add or modify the VC member to be configured. Then use the pvc-bundle command to specify the VC to be created or modified and enter bundle-VC configuration mode.

VCs in a VC bundle are subject to the following configuration inheritance guidelines (listed in order of next highest MPLS EXP level):

• VC configuration in bundle-VC mode

• Bundle configuration in bundle mode (with the effect of assigned VC class configuration)

• Subinterface configuration in subinterface mode

Note

If you are using an ATM interface, you must configure all MPLS EXP levels (ranging from 0 to 7) for the bundle. For this configuration, Cisco recommends configuring one member of the bundle with the mplsexperimentalother command. The other keyword defaults to any MPLS EXP level in a range from 0 to 7 that is not explicitly configured.