C3560 - SVI autostate exclude
Note to self: SVI Autostate Exclude
Configuring SVI autostate exclude on an access or trunk port in an SVI excludes that port in the calculation of the status of the SVI (up or down line state) even if it belongs to the same VLAN. When the excluded port is in the up state, and all other ports in the VLAN are in the down state, the SVI state is changed to down.
Switch(config)# interface gigabitethernet0/2
Switch(config-if)# switchport autostate exclude
LINK
C3560 Voice Vlan
Note to self: voice-vlan
SW1(config-if)#switchport voice vlan ?
<1-4094> Vlan for voice traffic
dot1p Priority tagged on PVID
none Don't tell telephone about voice vlan
untagged Untagged on PVID
[1/4094] --> voice packets are sent tagged and marked with CoS 5
dot1p --> voice packets are sent untagged and marked with IP Precedence 5
untagged --> voice packets are sent untagged and unmarked
LINK
Cisco 3560 QoS - Egress
How egress QoS works on C3560 switches:
On page 539 of Cisco QoS Exam Certification Guide I've found a better figure explaining how QoS works on 3560 switches.
Notes:
- on a interface, the Shaped mode overrides the Shared mode
- shaped means 1/weight max bandwidth % for that queue, 0 values mean shared
- only egress queue 1 can be configured as Priority Queue - (config-if)#priority-queue out
Default port configuration:
SW1#sh mls qos interface f0/3 queueing
FastEthernet0/3
Egress Priority Queue : disabled
Shaped queue weights (absolute) : 25 0 0 0
Shared queue weights : 25 25 25 25
The port bandwidth limit : 100 (Operational Bandwidth:100.0)
The port is mapped to qset : 1
Let's read the output:
First rule: shaped has precedence over shared, it comes first in the output too! (I enjoy mental tricks to remind topics).
Shaping is set to 25 0 0 0. That means queue 1 gets up to 1/25 of the port bandwidth. The values 0 0 0 mean that the other queues share the traffic.
Sharing is set to 25 25 25 25 so queues 2 3 4 share available bandwidth with a minimum guarantee of 25% each.
Cisco 3560 QoS - Ingress
How C3560 ingress queues work:
SRR services the priority queue for its configured weight as specified by the bandwidth keyword in the
mls qos srr-queue input priority-queue queue-id bandwidth weight
global configuration command. Then, SRR shares the remaining bandwidth with both ingress queues and services them as specified by the weights configured with the
mls qos srr-queue input bandwidth weight1 weight2
global configuration command.
The COS/DSCP to queue mapping works as for egress queues. CoS is checked first.
SW1#sh mls qos maps cos-input-q
Cos-inputq-threshold map:
cos: 0 1 2 3 4 5 6 7
------------------------------------
queue-threshold: 1-1 1-1 1-1 1-1 1-1 2-1 1-1 1-1
SW1#sh mls qos maps dscp-input-q
Dscp-inputq-threshold map:
d1 :d2 0 1 2 3 4 5 6 7 8 9
------------------------------------------------------------
0 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
1 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
2 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
3 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
4 : 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 01-01 01-01
5 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
6 : 01-01 01-01 01-01 01-01
It's possible to modify buffer allocations for the queues. The buffer size determines how much data can be buffered and sent before packets are dropped.
SW1(config)#mls qos srr-queue input buffers ?
<0-100> enter percent of buffers for queue 1
SW1(config)#mls qos srr-queue input buffers 20 ?
<0-100> enter percent of buffers for queue 2
SW1(config)#mls qos srr-queue input buffers 20 80
To modify drop threshold of the two queues:
SW1(config)#mls qos srr-queue input threshold 1 ?
<1-100> enter percent of queue size for threshold 1
SW1(config)#mls qos srr-queue input threshold 1 20 ?
<1-100> enter percent of queue size for threshold 2
SW1(config)#mls qos srr-queue input threshold 1 20 40
Cisco 3560 QoS
This week I'm focusing on Catalyst 3560 QoS. There's plenty of material online, these are the most useful I've found so far.
VIDEO
Free vLecture Catalyst 3560 QoS Basics by IPEXPERT
Free vSeminar Catalyst QoS by INE
BLOG
Traffic Classification in 3550/3560 Switches
3560 QoS part one and part two
Quick notes on 3560 egress queuing
by INE
Introduction do Catalyst 3560 QoS
by IPEXPERT
A cool 3560 QoS Diagram by Marco Rizzi
DOC-CD
Cisco 3560 Configuration Guides from cisco.com
Key facts:
- QoS is disabled by default - enable with "mls qos"
- all markings are not trusted when QoS is enabled (CoS and DSCP are set to 0)
- dscp-to-dscp mutation map is the only map applied per port. All other maps are system-wide
- disable DSCP rewrite with global command "no mls qos rewrite ip dscp"
The C3560 platform queues are:
INGRESS 2q3t or 1p1q3t
EGRESS 4q3t or 1p3q3t
Of 3 thresholds, only 2 are configurable, the third is 100%:
Aggregate policer: it's possible police the aggregate traffic of many class-maps.
Switch(config)# access-list 1 permit 10.1.0.0 0.0.255.255
Switch(config)# access-list 2 permit 11.3.1.1
Switch(config)# mls qos aggregate-police transmit1 48000 8000 exceed-action policed-dscp-transmit
Switch(config)# class-map ipclass1
Switch(config-cmap)# match access-group 1
Switch(config-cmap)# exit
Switch(config)# class-map ipclass2
Switch(config-cmap)# match access-group 2
Switch(config-cmap)# exit
Switch(config)# policy-map aggflow1
Switch(config-pmap)# class ipclass1
Switch(config-pmap-c)# trust dscp
Switch(config-pmap-c)# police aggregate transmit1
Switch(config-pmap-c)# exit
Switch(config-pmap)# class ipclass2
Switch(config-pmap-c)# set dscp 56
Switch(config-pmap-c)# police aggregate transmit1
Switch(config-pmap-c)# exit
Switch(config-pmap)# class class-default
Switch(config-pmap-c)# set dscp 10
Switch(config-pmap-c)# exit
Switch(config-pmap)# exit
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# service-policy input aggflow1
Switch(config-if)# exit