Packets received at the switch can be classified to a particular class of service based on the filters configured. Certain policies can be applied before forwarding the packets. The following task illustrates the classification of the TCP packets received in the switch and changing the DSCP value in the IP header of the TCP packets to 46.
See Basic SEFOS Topology for the topology of this task. Connect port 25 to host A and port 26 to host B. Host B should have a command to dump traffic over a network interface such as tcpdump or snoop. If not, port 25 and port 26 can be connected to a data capturing device as shown in Basic SEFOS Topology.
See Connect to SEFOS.
SEFOS-1# configure terminal SEFOS-1(config)# interface xl-ethernet 0/26 SEFOS-1(config-if)# no shutdown SEFOS-1(config-if)# exit SEFOS-1(config)# interface xl-ethernet 0/25 SEFOS-1(config-if)# no shutdown SEFOS-1(config-if)# exit SEFOS-1(config)# vlan 1 SEFOS-1(config-vlan)# ports xl-ethernet 0/25 xl-ethernet 0/26 untagged xl-ethernet 0/25 xl-ethernet 0/26
You might see the following message if both interfaces are already in VLAN 1.
% Member Ports cannot be added/deleted on Default VLAN SEFOS-1(config-vlan)# end
SEFOS-1# configure terminal SEFOS-1(config)# qos enable SEFOS-1(config)# end
SEFOS-1# configure terminal SEFOS-1(config)# ip access-list extended 11 SEFOS-1(config-ext-nacl)# permit tcp any any SEFOS-1(config-ext-nacl)# exit SEFOS-1(config)# interface xl-ethernet 0/25 SEFOS-1(config-if)# ip access-group 11 in SEFOS-1(config-if)# end
SEFOS-1# configure terminal
SEFOS-1(config)# class-map 10
SEFOS-1(config-cls-map)# match access-group ip-access-list 11 SEFOS-1(config-cls-map)# set class 100
SEFOS-1(config-cls-map)# exit
SEFOS-1(config)# policy-map 10
SEFOS-1(config-ply-map)# set policy class 100 default-priority-type ipdscp 46 SEFOS-1(config-ply-map)# exit
46 (0x2e) is a decimal number. If an 8-bit TOS value is shown, it is shown as 0xb8 because 0x2e must be shifted left 2 bits to get the 6 bits of the DSCP value.
SEFOS-1# show access-lists ... Filter Protocol Type : TCP IP address Type : IPV4 ... In Port List : X10/25 ... Filter Action : Permit Status : Active... L3FilterId : 11 PriorityMapId : None CLASS : 100 PolicyMapId : 10 ... SEFOS-1# show policy-map 10 QoS Policy Map Entries ---------------------- PolicyMapId : 10IfIndex : 0 Class : 100 DefaultPHB : IP DSCP 46 ...
From host A to host B, send TCP packets to host B and use the host-supported packet dumping command to verify the DSCP value.
# tcpdump -xx -n -i eth3 ip ... 16:34:27.979962 IP 12.0.0.100.905 > 12.0.0.17.shell: ... 16:34:27.980163 IP 12.0.0.17.shell > 12.0.0.100.905: 0x0000: 0014 4f6c 7de9 001b 2147 d479 0800 4500 0x0000: 001b 2147 d479 0014 4f6c 7de9 0800 45b8 ...
These packets are received at port 26 and have a DSCP value 46. In this example, the dump command shows a DSCP value of 0xb8.