This is a small post about one specific Cisco Catalyst 4500 Classification characteristic. The one I was lucky to find and read in advance before I deployed QoS configuration changes. Here it is.
If you run Cisco Catalyst 4500 on a Supervisor card older than V-10GE, software older than Cisco IOS Release 12.2(31)SG and you classify traffic with service-policy that refers to DSCP value (via ACL, or class-map match statements), you MUST HAVE qos trust dscp configured on a port!
Simple as that. If you don’t do that, your service-policy won’t see DSCP values, and won’t be able to classify traffic in a right manner. Here’s a screenshot from the Cisco Catalyst 4500 QoS configuration guide that proves my words.
Cisco IOS routers and switches mark locally originated SSH and Telnet traffic with 802.1p = 6, DSCP = CS6 (48). That is, if you initiate an SSH session to the router, the returning traffic will have DSCP set to CS6. It’s a bit weird because Cisco IOS CLI states that default DSCP value for locally originated SSH packets is 0. Continue reading →
It’s a pleasure to work with Cisco TAC. I would say this is the only way to instantly improve your troubleshooting skills in any area. I was involved in Cisco 6509 troubleshooting that turned to be an IOS software-to-hardware QoS configuration bug. With this post I will slightly cover the bug logic and will show you the way to confirm QoS configuration in Cisco 6509’s module hardware. Continue reading →