Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1060
  • Last Modified:

QOS on vlan interfaces?

I have never seen QOS applied to a vlan interfaces but the thought crossed my mind why or why not use QOS on a vlan interface?

I looked at the commands under a vlan interface and there is not any QOS commands available so I suppose there is no way to configure QOS.

I understand that basically a vlan interface is a virtual interface and not a physical one.

Is that why? But aren't the buffers queues for the interfaces kind of virtual also?

Maybe the question is contrast and compare real interfaces vs virtual interfaces?
0
Dragon0x40
Asked:
Dragon0x40
  • 4
  • 4
  • 2
3 Solutions
 
SouljaCommented:
You can apply qos to vlan interfaces. What device are you on?
0
 
SouljaCommented:
You don't have the service-policy command available under your vlan interfaces?
0
 
Dragon0x40Author Commented:
you are correct there is a service-policy command available.

If traffic tagged with EF46 crosses a vlan interface without any qos configured will the tag get stripped?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
pgstephanCommented:
Even if no QoS is configured, the tag should not get stripped as long as it is an IP packet cause DSCP will always exist in the packet header.
0
 
Dragon0x40Author Commented:
My understanding is that if qos is turned off globally on a switch then the original tags remain, so by default the switches will not strip the qos tags.

If a switch has qos turned on then any interface that is not set to trust dscp values will strip the qos tags?

if my switch has qos turned on and trust dscp on all interfaces except the vlan interfaces what keeps the vlan interface from stripping the tag?
0
 
pgstephanCommented:
that's true. if QoS is enabled without settings, the switch will strip the DSCP from the packets.
So for the vlan interface, it will really strip it in that case.
0
 
Dragon0x40Author Commented:
To keep the tag on don't you use the "mls qos trust dscp" or "qos trust dscp"?
 I don't see an option to trust any tags under the vlan interface only the service-policy command?
Does service-policy have to be used or the qos tag gets stripped?

(config)#int vlan XX
(config-if)#?
Interface configuration commands:
  appletalk       Appletalk interface subcommands
  arp             Set arp type (arpa, probe, snap) or timeout
  backup          Modify backup parameters
  bandwidth       Set bandwidth informational parameter
  bgp-policy      Apply policy propagated by bgp community string
  carrier-delay   Specify delay for interface transitions
  cdp             CDP interface subcommands
  clns            CLNS interface subcommands
  cts             Configure Cisco Trusted Security
  dampening       Enable event dampening
  default         Set a command to its defaults
  delay           Specify interface throughput delay
  description     Interface specific description
  eigrp           EIGRP interface specific commands
  energywise      EnergyWise interface configurations
  eou             EAPoUDP Interface Configuration Commands
  ethernet        Ethernet interface parameters
  exit            Exit from interface configuration mode
  glbp            Gateway Load Balancing Protocol interface commands
  help            Description of the interactive help system
  ip              Interface Internet Protocol config commands
  ipv6            IPv6 interface subcommands
  ipx             Novell/IPX interface subcommands
  isis            IS-IS commands
  iso-igrp        ISO-IGRP interface subcommands
  load-interval   Specify interval for load calculation for an interface
  logging         Configure logging for interface
  loopback        Configure internal loopback on an interface
  macro           Command macro
  mtu             Set the interface Maximum Transmission Unit (MTU)
  nmsp            NMSP interface configuration
  no              Negate a command or set its defaults
  ntp             Configure NTP
  private-vlan    Configure private VLAN SVI interface settings
  qos             QoS configuration
  service-policy  Configure QoS Service Policy
  shutdown        Shutdown the selected interface
  snmp            Modify SNMP interface parameters
  source          Get config from another source
  spanning-tree   Spanning Tree Subsystem
  standby         HSRP interface configuration commands
  timeout         Define timeout values for this interface
  vrrp            VRRP Interface configuration commands
  vtp             Enable VTP on this interface
0
 
SouljaCommented:
You don't trust tags on vlan interfaces only on the physical ports. That is why you don't see the option. The vlan interface is where you will match the traffic and act upon it.
0
 
Dragon0x40Author Commented:
I don't see a way to trust cos or dscp on a vlan interface so I am beginning to think that the vlan interface is not going to modify the QOS tags. Unless the policy-map referenced by a service-policy applied to the vlan interface changes the QOS tags?


physical interface
(config-if)#mls qos trust ?
  cos            cos keyword
  device         trusted device class
  dscp           dscp keyword
  ip-precedence  ip-precedence keyword
  <cr>

vlan interface
(config-if)#service-policy ?
  input   Assign policy-map to the input of an interface
  output  Assign policy-map to the output of an interface
0
 
SouljaCommented:
You are correct. The policy on the vlan interface applies to any traffic entering or exiting the vlan, not a specific port. Whereas the policy on the port will affect the port only. Yes, with the options you present, the vlan interface will not modify the qos marking unless the policy map matches then changes the marking.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 4
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now