ACL to prioritize UDP ports into QP8

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
  • (Edited)
I am looking at an Issue I currently have with C5210 controllers and  the connected AP's where they randomly move from one controller to another.
These AP's approx 1000 all tunnel back to the controllers.( planned 50/50 split)

We have discussed a number of options and I understand that when these AP's tunnel to the controllers they use WASSP ./CAPWAP .

The AP's I understand use UDP ( no guaranteed delivery ) ports 1390,13907,13911 for its various communications to Controller.

My thought is to create an acl ,(.pol ) which would be configured on all ports that AP are attached to ,so to get to the real reason to this post ,can someone check the below and comment:

Entry AP_WASSP_PRIORITY {
If {

Protocol udp;

Destination-port 13907;
Destination-port 1390;
Destination-port 13911;

}

Then {

Qosprofile Qp8;

Replace-dscp;

Count counter;

}

Or is there a better way of increasing the probability that these packets will make it to the controller
Photo of Rod Robertson

Rod Robertson

  • 2,344 Points 2k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,792 Points 10k badge 2x thumb
Hi Rod,

your match clause cannot work, because every UDP packet is sent to only one of the ports, not all of them. Thus you need one ACL entry per UDP port. For consecutive ports, you can specify a range as argument for destination-port, but this is not applicable here.

Erik
Photo of Rod Robertson

Rod Robertson

  • 2,344 Points 2k badge 2x thumb
So I have modified my script. The idea is that this .pol file is added to the ports ( ingress ) that support the Extreme AP's, then use diffserv through the network till it reaches the C5210 unit ..

Entry AP_WASSP_PRIORITY {If {

Protocol udp;

Destination-port 13907;

}

Then {

Qosprofile Qp8;

Replace-dscp;

Count counter;

}
If {

Protocol udp;


Destination-port 1390;


}

Then {

Qosprofile Qp8;

Replace-dscp;

Count counter;

}If {

Protocol udp;

Destination-port 13911;

}

Then {

Qosprofile Qp8;

Replace-dscp;

Count counter;

}