27-9
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
Chapter27 Configuring Quality of Service
Overview of QoS
Classification Based on QoS ACLs
A packet can be classified for QoS using multiple match criteria, and the classification can specify
whether the packet should match all of the specified match criteria or at least one of the match criteria.
To define a QoS classifier, you can provide the match criteria using the match statements in a class map.
In the 'match' statements, you can specify the fields in the packet to match on, or you can use IP standard
or IP extended ACLs. For more information, see the “Classification Based on Class Maps and Policy
Maps” section on page 27-9.
If the class map is configured to match all the match criteria, then a packet must satisfy all the match
statements in the class map before the QoS action is taken. The QoS action for the packet is not taken if
the packet does not match even one match criterion in the class map.
If the class map is configured to match at least one match criterion, then a packet must satisfy at least
one of the match statements in the class map before the QoS action is taken. The QoS action for the
packet is not taken if the packet does not match any match criteria in the class map.
Note When you use the IP standard and IP extended ACLs, the permit and deny ACEs in the ACL have a
slightly different meaning in the QoS context.
If a packet encounters (and satisfies) an ACE with a “permit,” then the packet “matches” the match
criterion in the QoS classification.
If a packet encounters (and satisfies) an ACE with a “deny,” then the packet “does not match” the
match criterion in the QoS classification.
If no match with a permit action is encountered and all the ACEs have been examined, then the
packet “does not match” the criterion in the QoS classification.
Note When creating an access list, remember that, by default, the end of the access list contains an implicit
deny statement for everything if it did not find a match before reaching the end.
After a traffic class has been defined with the class map, you can c reate a policy that defines the QoS
actions for a traffic class. A policy might contain multiple classes with actions specified for each one of
them. A policy might include commands to classify the class as a particular aggregate (for example,
assign a DSCP) or rate limit the class. This policy is then attached to a particular port on which it
becomes effective.
You implement IP ACLs to classify IP traffic by using the access-list global configuration command.
For configuration information, see the “Configuring a QoS Policy” section on page 27-29.
Classification Based on Class Maps and Policy Maps
A class map is a mechanism that you use to isolate and name a specific traffic flow (or class) from all
other traffic. The class map defines the criterion used to match against a specific traffic flow to further
classify it; the criteria can include matching the access group defined by the ACL or matching a specific
list of DSCP or IP precedence values. If you have more than one type of traffic that you want to classify,
you can create another class map and use a different name. After a packet is matched against the
class-map criteria, you can specify the QoS actions via a policy map.
A policy map specifies the QoS actions for the traffic classes. Actions can include trusting the CoS or
DSCP values in the traffic class; setting a specific DSCP or IP precedence value in the traffic class; or
specifying the traffic bandwidth limitations and the action to take when the traffic is out of profile.
Before a policy map can be effective, you must attach it to an interface.