Responses below.
Jason Boyers - CCIE #26024 (Wireless) Technical Instructor - IPexpert, Inc. Mailto: *[email protected] * On Fri, Apr 8, 2011 at 1:07 PM, Raul Manzano <[email protected]> wrote: > Hi Guys. > > Because I think my weakest areas today are QOS (Wired and Wireless), > dynamic routing, Multicast and autonomous APs I´m working on it with the > labs, mainly focused to lab 2 and 3. > > About the lab 2 and assuming I have the lab version 2828 and could be > corrected in next versions: > > - Multicast task 2.7: I´m assuming the explanation applies on both AP´s > the MULTICAST access list at the interface because there is no subinterfaces > in the ethernet interface; if subinterface f0.110 would be and would attach > the bridge-group 1 the access-list would be applied on f0.110. am I right?? > > Two thinks about parrallel scenarios; the same like point to point link > between CAT2 and CAT4 but doing with bridges and we don´t permit multicast > traffic across the link. Would you think this is valid?? This is a Mixed of > deny multicast on AAP1 and Deny multicast in CAT4 (I think the same scenario > for the non-root bridge). > > For AAP1 (root bridge) > ip access-list extended MULTICAST-1 > deny ip any host 239.10.210.20 > permit ip any any > > Int f0.110 > ip access-group MULTICAST-1 in > > For AAP2 (Non root-bridge) > > ip access-list extended MULTICAST > deny ip 239.0.0.0 0.255.255.255 any > permit ip any any > > Int f0.110 > ip access-group MULTICAST in > > This is only to deny multicast traffic on management interface, for all the > VLANs with Multicast routing enabled I supposed this access-list must be > applied in the subinterface eth for all the vlans crossing the link, > right?? > *** If you are blocking the multicast inbound on AAP1 (which is what your config would correctly do,) you wouldn't need to also block it on AAP2. It would never get there. Also, you are correct in that the ACL would need to be applied to any subinterface for which this traffic would need to be blocked. > > - QOS task 2.8: Is mandatory to create the class-default for VOICE3-PM?, I > always believe that if nothing matches with the policy map applied to the > interface automatically "matches" with class-default which if not configured > set priority to 0. > *** Technically, no it doesn't. It is there to show that all other traffic would not have their cos settings trusted. > > Last one, for QOS on autonomous AP, by default all inbound traffic passing > from radio interface to ethernet interface with UP6 are mapped to the > ethernet interface with COS 5, and Traffic with UP4 to COS3; but inbound > traffic from ethernet with COS 5 and COS3 will maintain their priority when > passing from Ethernet to radio interface if you do not enable the "dot11 > priority-map avvid" Is this correct??? Because this is the only reason I > found for the access-list propossed in the Deployment guide for the 7921G > without using this feature. > *** By default, inbound UP traffic is not mapped to anything. Only when the "dot11 priority-map avvid command is applied," or when a policy map is applied, are UP values mapped to CoS values. And, with that command, UP values are mapped to the next lower CoS values (except for CoS 0, 1 and 7). Conversely, as you state, CoS values are mapped to the next higher UP values (except CoS 0, 1 and 7). As for the PM, this would only be applied if the packets did not have any CoS or UP values (depending on direction). Policy maps for QoS on the autonomous APs are not applied if a frame already has layer 2 QoS settings (see http://www.cisco.com/en/US/docs/wireless/access_point/12.4_21a_JA1/configuration/guide/scg12421aJA1-chap15-qos.html#wp1046778 .) > > ! > ! > class-map match-all CONTROL > match ip dscp cs3 > class-map match-all RTP > match ip dscp ef > ! > ! > policy-map VOICE > class CONTROL > set cos 4 > class RTP > set cos 6 > ! > interface Dot11Radio X > service-policy input VOICE > service-policy output VOICE > > Thanks for your help and sorry for this "big" mail :) > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
