Ivan,
On 17/09/2012 12:16, "Ivan" <[email protected]> wrote: >Hi, > >I have a requirement to ensure all traffic across certain links have >particular CoS markings. Applying QoS polices on the links works but >doesn't capture router originated traffic - BGP, ARP, IPv6 ND etc. > >As a potential solution I have tested using IPv4 and IPv6 PBR to force >router traffic via lo0 > >route-map LP permit 10 > set interface Loopback0 > >ip local policy route-map LP >ipv6 local policy route-map LP > >and have set a QoS policy on lo0 > >interface Loopback0 > service-policy input LOOP0-IN > >this sets a qos-group which is matched the outgoing non-loopback >interface and sets CoS as required. Interesting.. which platform is this? I have never seen such a config, so I would be careful and test it thoroughly, also when upgrading. the usual way to (re)color router-originated traffic is to set the ip precedence in the "route-map LP" directly. >1) I don't think this works for ARP. I tried to match protocol arp >using the loopback0 policy but > >router(config-if)#service-policy input LOOP0-IN > 'match protocol arp' is not supported on input service-policy > >is there anyway to set the CoS value for ARP traffic from the router, >ideally only on some interfaces? I'm not sure if we can change ARP's cos values, I know that some platforms (Cat6k) mark them with Cos=6 (like routing), but I have not come across a way to change this. I guess you are concerned about some routers downstream (is this a L2 service?) dropping the packets? Because the originating router has other means to treat those packets as critical and not drop it on its egress interface. > >2) Is this configuration going to kill my router - maybe I am forcing >some process switching? Don't know.. strictly speaking all packets originated or terminated on the router are process-switched anyway (they originate or end up on some CPU in the box), but I'm not sure about any potential side-effects of a service-policy on a loopback.. so see my initial remark. oli _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
