Classification and Marking 279
Table 8-6 Layer 4 IP Protocol Criteria
Protocol ID Keyword    Value
AHP                    (51)
EIGRP                  (88)
ESP                    (50)
GRE                    (47)
IGRP                   (9)
ICMP                   (1)
IGMP                   (2)
IGRP                   (9)
IP                     (0)
IpinIP                 (4)
NOS                    (94)
OSPF                   (89)
PCP                    (108)
PIM                    (103)
TCP                    (6)
UDP                    (17)
Protocol ID            Range (0–255)
280 Chapter 8: QoS Support on the Catalyst 6500
Table 8-7 Layer 4 UDP Criteria
Port Keyword    Port
Biff            512
Bootpc          68
Bootps          67
Discard         9
DNS             53
DNSIX           195
Echo            7
Mobile-IP       434
Name Server     42
NetBIOS-DGM     138
NetBIOS-NS      137
NTP             123
RIP             520
SNMP            161
SNMPtrap        162
SunRPC          111
Syslog          514
TACACS          49
Talk            517
TFTP            69
Time            37
Who             513
XDMCP           177
Port range (0–65535)
Although not as granular as IP, IPX and MAC ACLs can classify traffic based on specific
protocol numbers and ethertype values, as well as on the source and destination
network and host numbers. Administrators can identify particular IPX protocols by
keyword (ncp (17), rip (1), sap (4), spx (5)) or by a protocol number in the range from 0
to 19 or 21 to 255. MAC ACLs enable the administrator to identify traffic based on
ethertype value, using one of the keywords or values shown in Table 8-9. Once again, if
a specific protocol or ethertype value is not included in the ACL configuration, the resulting
behavior is to classify all IPX or MAC traffic based on the indicated network or node
addresses.
Table 8-8 Layer 4 TCP Criteria
Port Keyword    Port
BGP             179
Chargen         19
Daytime         13
Discard         9
Domain          53
Echo            7
Finger          79
FTP             21
FTP-Data        20
Gopher          70
Hostname        101
IRC             194
Klogin          543
Kshell          544
LDP             515
NNTP            119
POP2            109
POP3            110
SMTP            25
SunRPC          111
TACACS          49
Telnet          23
Time            37
UUCP            540
Whois           43
WWW             80
Port range (0–65535)
Table 8-9 MAC Classification Criteria
Keyword                    Ethertype
AARP                       0x80F3
Banyan-Vines-Echo          0x0baf
DEC-Amber                  0x6008
DEC-DSM                    0x8039
DEC-Diagnostic-Protocol    0x6005
DEC-LANBridge              0x8038
DEC-LAT                    0x6004
DEC-LAVC-SA                0x6007
DEC-MOP-Dump               0x6001
DEC-MOP-Remote-Console     0x6002
DEC-MSDOS                  0x8041
DEC-Mumps                  0x6009
DEC-NetBIOS                0x8040
DEC-Phase-IV               0x6003
Ethertalk                  0x809B
XEROX-NS-IDP               0x0600
Valid Configurable Ethertype Values: 0x809B, 0x80F3, 0x6000–0x6009, 0x8038–0x8039, 0x8040–0x8042, 0x0BAD, 0x0BAF, 0x0600
For all ACL types, after the named ACLs have been configured, they are temporarily placed
into an edit buffer within memory. As a result, if changes are made to an ACL, or a new
ACL is created, it is necessary to commit the changes before they can be implemented.
Committing the ACL copies the commands from the temporary edit buffer to the PFC in
hardware. Commits are performed with the command commit qos acl
{ACL_name | all}. Prior to committing any changes, it is possible to “roll back” any
modifications without impacting the performance of currently operational ACLs. A rollback
eliminates any ACL alterations or additions present within the temporary edit buffer and is
accomplished with rollback qos acl {ACL_name | all}. When modifying default ACL parameters,
it is not necessary to commit any changes. All changes take effect immediately. To verify
whether an ACL has been committed to hardware, or if there are outstanding “not
committed” changes, use show qos acl editbuffer. Refer to Example 8-23 in the
“Classification and Marking in Hybrid Mode” section for a demonstration on configuring and
applying QoS ACLs using Hybrid mode.
Class Maps and Policy Maps with Cisco IOS
With Cisco IOS, classification is performed utilizing Cisco’s MQC, as described in Chapter
5. The modular CLI enables the administrator to classify all interesting traffic by defining
named or numbered IOS ACLs and referencing them within class maps. Class maps are
then applied to policy maps. Policy maps identify the actions performed on traffic
corresponding to the predefined class maps, which are referenced within the policy map. Finally,
the defined policies are applied to the appropriate port or interface with the
service-policy {input | output} command. For further information regarding the Cisco MQC, refer
to Chapter 5.
Cisco IOS supports the classification of IP, IPX, and MAC type traffic. With Cisco IOS,
both IP and IPX flows can be classified utilizing standard-numbered ACLs,
extended-numbered ACLs, or named ACLs. For MAC layer traffic, network data is classified using
named ACLs only.
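
The ACL, class map, policy map and service-policy chain described above, as an added configuration example that is not taken from the book. The ACL and map names, the 192.0.2.0/24 source range and the interface are constructed; the global mls qos command and the trust actions are assumptions chosen for illustration, since this page does not state which actions the policy map applies.

```cisco
! Added example: names, addresses and interface are constructed.
! Assumption: QoS is enabled globally on the switch.
mls qos
!
! Named extended IP ACL selecting the interesting traffic:
! Telnet (TCP keyword "telnet", port 23) from the management subnet.
ip access-list extended MGMT-TELNET
 permit tcp 192.0.2.0 0.0.0.255 any eq telnet
!
! Class map referencing the ACL. Each class map carries a single
! match statement.
class-map match-all MGMT-CLASS
 match access-group name MGMT-TELNET
!
! Second class map, classifying on Layer 3 precedence instead of an ACL.
class-map match-all PREC5-CLASS
 match ip precedence 5
!
! Policy map: references the class maps and names the action for each.
! Assumption: the trust actions are illustrative, not from this page.
policy-map EDGE-INBOUND
 class MGMT-CLASS
  trust dscp
 class PREC5-CLASS
  trust ip-precedence
!
! Attach the policy to the receiving interface, inbound direction.
interface GigabitEthernet2/1
 service-policy input EDGE-INBOUND
```
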
NOTE With Release 12.1(1)E and later, it is possible to classify IPX and MAC layer traffic.
However, QoS support for IPX classification can be based on source network, and
optionally destination network and node parameters. Classifying IPX type traffic based on
socket numbers, source node, protocol, or service type is not supported.
When defining interesting traffic, you can configure multiple class maps. Potentially, one
class map can be specified for each type of inbound traffic for a designated receiving
interface. QoS on the Catalyst 6500 only supports one match statement when defining
classification criteria. You can match traffic based on Layer 3 precedence values by using
match ip, or administratively defined ACLs by using match access-group. All other class