tag dscp value of ef for ips with specific source and destination address on cisco 3560 switch

i would like to use service-policy command or equivalent on the interface f0/1-48 ports of a 3560e switch so that any voip packet which is unmarked for whatever reason ( left out) will be marked by the cisco switch and guarented bandwidth is available.

this works with 4507 --service policy input marking but with 3560s i am not able to mark the packets with the correct dscp value using "service policy input "

sniffer output shows that udp rtp stream dscp value set to 0x0 -- even when we are trying to mark it to 46.

the same config works fine on 4507s no issues. any inputs will be appreciated
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I can't recall if the 3560's support NBAR, but if they do, this will do the trick:

!!Match VoIP Traffic
class-map match-any MARK_VOIP
 match protocol rtp audio
 match protocol rtsp
 match protocol sip
!!Set DSCP to EF for traffic that matched to the above criteria
policy-map MARK_QOS
 class MARK_VOIP
  set dscp ef

!!All traffic with a DSCP value of EF, gets attached to the APPLY_VOIP class
class-map match-any APPLY_VOIP
 match  dscp ef
!!Set the amount of bandwidth allocated to the traffic matched to the APPLY_VOIP class
policy-map APPLY_QOS
  priority 300

Then, on your local LAN interface, issue the following command (e.g on interface Vlan1):
service-policy input MARK_QOS

Then, on your internet facing interface, issue the following command (e.g Dialer1):
service-policy output APPLY_QOS

If the 3560 does not support NBAR, use this version of the "class-map match-any MARK_VOIP" command instead:

class-map match-any MARK_VOIP
 match access-group name QOS_DATA

Then create an ACL that matches the port numbers and/or IP addresses of the data you want to apply the QoS to.

ip access-list extended QOS_DATA
permit udp any eq 5060 any
permit udp any any eq 5060

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.