MLS QOS has been one of the greatest fear for my CCIE RS exam. I’ve read it several times, labbed it more than 3 times, but still I just cannot understand it. Then I decided to write my own notes to teach myself and hopefully any of you mere mortals like me.
I’ll start with this Classification and Marking and let see how deep the rabbit hole goes for the next few parts.
Enjoy!
Continue reading
Just say that we have these three sites connected to the main hub R1. R1 – R2 is running EIGRP 12 and R1 – R3 is running EIGRP 13. R1 – R4 runs no routing protocol and R4 uses default route pointing to R1 Fa2/0 interface 14.14.14.1.
Initial configuration below
There are several things to be satisfied before OSPF can establish its full adjacency. These are Area-ID, Stub-Flags, Interface-Type, Timers, Authentication, and MTU. These attributes must match to the other peering.
Let’s say that you have a scenario to create Q-in-Q which requires you to alter the default MTU to 1504 using system mtu 1504. The verification also shows that your system MTU is indeed 1504.
SWITCH-3560#sh system mtu System MTU size is 1504 bytes System Jumbo MTU size is 1504 bytes Routing MTU size is 1500 bytes
Rack10R6#sh ip int f0/0.146 | i ARP Proxy ARP is enabled Local Proxy ARP is disabled
Rack10R6(config)#int f0/0.146 Rack10R6(config-subif)#no ip proxy-arp Rack10R6(config-subif)#do sh ip int f0/0.146 | i ARP Proxy ARP is disabled Local Proxy ARP is disabled
Rack10R6(config)#ip arp proxy disable Rack10R6(config)#do sh ip int f0/0.146 | i ARP Proxy ARP is disabled (Globally) Local Proxy ARP is disabled
When you configure switchport access vlan 20 on an interface:
switchport mode access this will make the interface turned to nontrunking permanently and also negotiates or telling the other end of the link to be a nontrunk link. This interface will permanently become nontrunk interface regardless the other end is trunk or nontrunk link. With this in mind, if one port is configured with switchport mode access and other end port happens to be configured with switchport mode dynamic auto or switchport mode dynamic desirableFew weeks ago, May 31, 2011, I sat my CCIE lab exam and failed. I knew I was going to fail but somewhere inside just want to keep trying and wanting to know how far I would get. This exam is not an impossible exam. Yes, it is hard, but not impossible to achieve. I’ve seen all of the technologies but I didn’t know it enough to pass.
Enough for the rant, I’m starting my INE WB from the beginning and it feels like things are keep unlocking itself and I have lots of Aha moments. I guess whatever I read before still inside, somewhere.
Previously I studied like a running train and tried to read as much as I could but not necessarily trying to understand it. That’s why I failed. I can be efficient to read more but it wasn’t effective enough to make me to understand it. This time is different, I have that eagerness to know more and don’t really care about the time, as long as I can learn 1-2 hours a day and make it count, it will be much better rather than learning until 2am in the morning but understand nothing.
Just before the exam, I was quite lucky to be able to attend Narbik’s 5-day Bootcamp, for those who wants to know what is it like in details, please visit this article. From my own point of view, this training has opened my eyes that CCIE is not for the faint-hearted, no shortcuts and you have to walk the process. I’m planning to join his 5-day bootcamp again in December 2011.
For all of those CCIE candidates out there, it’s hard but not impossible.
Catalyst QOS Port-Based Policing Cannot Co-exist with Vlan-based Classification.
SW1#sh ver | i cisco
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
export@cisco.com.
cisco WS-C3560-24TS (PowerPC405) processor (revision D0) with 122880K/8184K bytes of memory.
SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#
SW1(config)#no policy-map PM_QOS
SW1(config)#
SW1(config)#ip access-list ext ACL_IP
SW1(config-ext-nacl)# permit ip any any
SW1(config-ext-nacl)#exit
SW1(config)#
SW1(config)#class-map CM_IP
SW1(config-cmap)# match access-group name ACL_IP
SW1(config-cmap)#exit
SW1(config)#
SW1(config)#no policy-map PM_QOS
SW1(config)#policy-map PM_QOS
SW1(config-pmap)# class class-default
SW1(config-pmap-c)# police 128000 125000 exceed-action drop
SW1(config-pmap-c)# exit
SW1(config-pmap)#exit
SW1(config)#
SW1(config)#int f0/1
SW1(config-if)# service-policy in PM_QOS
%QoS: policymap is not attachable to vlan-based interface
Service Policy attachment failed
SW1(config-if)#exit
SW1(config)#exit
SW1#
*Mar 1 09:26:17.854: %SYS-5-CONFIG_I: Configured from console by console
SW1#sh run int f0/1
Building configuration...
Current configuration : 81 bytes
!
interface FastEthernet0/1
switchport access vlan 146
mls qos vlan-based
end
SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#int f0/1
SW1(config-if)#no mls qos vlan-based
SW1(config-if)#^Z
SW1#
*Mar 1 09:26:35.545: %SYS-5-CONFIG_I: Configured from console by console
SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#int f0/1
SW1(config-if)# service-policy in PM_QOS
SW1(config-if)#exit
SW1(config)#exit
SW1#
*Mar 1 09:26:47.550: %SYS-5-CONFIG_I: Configured from console by console
SW1#sh poli
SW1#sh policy-map int f0/1
FastEthernet0/1
Service-policy input: PM_QOS
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
SW1#
It’s good to have Easter break. I can use it to get some of Video-on-Demand study done. In the last two weeks, i’ve closed the gap for IPv6 and Multicast. Thanks to INE for making awesome product.
I’m really happy to know that Brian McGahan is back on-track making the Video-on-Demand. He went down very deep and this course has everything you need to know for Multicast in CCIE RS lab. I actually wish that INE can drop the Advance Technologies lab and concentrating making these type (deep-dive) technology section.
Next step would be for MPLS. I’ve checked the first session of Video-on-Demand this morning at 2 AM and it looked and sounded good! Keith Barker was doing this and I guess he set the bar quite high.
Ideally, I should finished all of the IEWB lab 1, 2, 3, and 4. But I guess, considering that I only have 5 weeks and I’m also considering to use 1 week of it for Narbik 5-day course (Sydney) then I need to adjust which WB that I will work on. Otherwise I’ll be burned out like before.
My first-born due in August 2011 and If I couldn’t pull this exam through in May, then this study would be really hard for us.
I’ll be having two weeks leave before the exam and my company has been good enough to give study leave on every Friday for 10 weeks before the exam. I also got some cut-overs on Sat for the next 7 weeks which I’ll take some time-in-lieu to compensate.
Below are the progress list the Workbooks that (ideally) I need to complete.
Technology Lab. All completed.
Configuration Lab
| IEWB-RS VOL2 Lab 1 | Difficulty Level 6 | COMPLETED |
| IEWB-RS VOL2 Lab 2 | Difficulty Level 6 | COMPLETED |
| IEWB-RS VOL2 Lab 3 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 4 | Difficulty Level 7 | COMPLETED |
| IEWB-RS VOL2 Lab 5 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 6 | Difficulty Level 7 | COMPLETED |
| IEWB-RS VOL2 Lab 7 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 8 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 9 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 10 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 11 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 12 | Difficulty Level 7 | COMPLETED |
| IEWB-RS VOL2 Lab 13 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 14 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 15 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 16 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 17 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 18 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 19 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 20 | Difficulty Level 8 | NOT COMPLETED |
Speed Lab
| IEWB-RS VOL3 Lab 1 | COMPLETED |
| IEWB-RS VOL3 Lab 2 | COMPLETED |
| IEWB-RS VOL3 Lab 3 | COMPLETED |
| IEWB-RS VOL3 Lab 4 | NOT COMPLETED |
| IEWB-RS VOL3 Lab 5 | NOT COMPLETED |
| IEWB-RS VOL3 Lab 6 | NOT COMPLETED |
| IEWB-RS VOL3 Lab 7 | NOT COMPLETED |
| IEWB-RS VOL3 Lab 8 | NOT COMPLETED |
| IEWB-RS VOL3 Lab 9 | NOT COMPLETED |
| IEWB-RS VOL3 Lab 10 | NOT COMPLETED |
Troubleshooting Lab
| IEWB-RS VOL2 Lab 1 | Difficulty Level 5 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 2 | Difficulty Level 6 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 3 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 4 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 5 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 6 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 7 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 8 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 9 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 10 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 11 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 12 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 13 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 14 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 15 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 16 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 17 | Difficulty Level 8 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 18 | Difficulty Level 7 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 19 | Difficulty Level 9 | NOT COMPLETED |
| IEWB-RS VOL2 Lab 20 | Difficulty Level 8 | NOT COMPLETED |
This article explains prefix-list in a very easy way to understand.
Legacy Frame Relay Traffic Shaping
int s0/0/0 band 1536 frame-relay traffic-shaping frame-relay interface-dlci 513 class MC_513 frame-relay interface-dlci 504 class MC_504 exit exit map-class frame-relay MC_513 frame-relay cir 128000 frame-relay bc 6400 frame-relay be 51200 frame-relay mincir 96000 frame-relay adaptive-shaping becn map-class frame-relay MC_504 frame-relay cir 512000 frame-relay bc 25600 frame-relay be 0 frame-relay mincir 384000 frame-relay adaptive-shaping becn exit
Class-Based Generic Traffic Shaping for Frame Relay
class-map CM_DLCI_513 match fr-dlci 513 class-map CM_DLCI_504 match fr-dlci 504 exit policy-map PM_FRTS class CM_DLCI_513 shape average 128000 6400 0 shape adaptive 96000 class CM_DLCI_504 shape average 512000 25600 51200 shape adaptive 384000 exit exit int s0/0/0 bandwidth 1536 no frame-relay traffic-shaping service-policy output PM_FRTS exit
MQC-based Frame Relay Traffic Shaping
int s0/0/0 band 1536 no frame-relay traffic-shaping frame-relay interface dlci 513 class MC_513 frame-relay interface dlci 504 class MC_504 exit exit map-class frame-relay MC_513 service-policy out PM_513 map-class frame-relay MC_504 service-policy out PM_504 exit policy-map PM_513 class class-default shape average 128000 6400 0 shape adaptive 96000 ! automatically adapt to BECN exit exit policy-map PM_504 class class-default shape average 512000 25600 51200 shape adaptive 384000 ! automatically adapt to BECN exit exit
Notes.
Bc = CIR (in bits per seconds) * (Tc/1000)
(Bc + Be) / (Tc/1000) = AIR
Example.
Bc = CIR (in bits per seconds) * (Tc/1000)
Bc = 512000 * 50/1000
Bc = 512000 * 0.05
Bc = 25600
(Bc + Be) / (Tc/1000) = AIR
(25600 + Be) / 0.05 = 1536000
Be = (1536000 * 0.05) – 25600
Be = 51200
Note – 30 December 2011.
For MQC-based Frame Relay Traffic Shaping, inside the policy-map, command shape average needs to be applied first.
ROUTER(config)#policy-map PM_513 ROUTER(config-pmap)# class class-default ROUTER(config-pmap-c)# shape adaptive 256000 Traffic Shaping must be enabled on this class before the command can be issued ROUTER(config-pmap-c)# shape average 384000 ROUTER(config-pmap-c)#shape adaptive 256000