This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Any implication using ACL to classify ALL traffic?

Any implication using ACL to classify ALL traffic?

Anonymous
Not applicable

‎04-23-2016 04:53 PM

Been given a requirement to implement a QoS configuration that I will be prioritising Voice and Video via an ACL on certain ports numbers.

My query is that I would then use a permit all on all remaining traffic to mark it with CS1 (DSCP  and then put this into QP2.

The idea I believe is that anything quantified as 'bad' traffic can then be put into best effort, QP1, if required.

So my question is, all though I know ACL's are done in hardware I'm not sure if using an ACL for this purpose on every single packet would over burden the switch in some manner?

The switch is an X440, but interested if the outcome should this be a G2 or any other model be the same?

Many thanks in advance.
0 Kudos
8 REPLIES 8

Erik_Auerswald
Contributor II
In response to Anonymous

‎04-27-2016 06:18 AM

It might work better to change the default dot1p and DSCP QP to QP2, and use ACLs to classify only special traffic (higher or lower priority than standard).
configure dot1p type dot1p_priority {qosprofile} qosprofile
configure diffserv examination code-point code_point {qosprofile} qosprofileYou can find additional ideas and information in RFC 4594.
0 Kudos

Erik_Auerswald
Contributor II
In response to Anonymous

‎04-27-2016 06:18 AM

As a start, you could match on the dot1p tag and dscp (or ip-tos) and change only frames with a value of 0 in both to QP2. That should leave anything already marked in the respective traffic class, and anything non-marked or non-IP in QP1. That of course assumes that network control is correctly marked and no traffic is incorrectly marked for a QoS class it is not supposed to use. You might need to add ARP to QP2 as well.
0 Kudos

Erik_Auerswald
Contributor II

‎04-25-2016 05:26 AM

Hi Martin,

packet editing via ACL should be implemented in hardware and not affect forwarding performance. ACLs are applied to every single packet anyway. As long as the switch has sufficient resources to apply the ACL you should be fine.

Erik
0 Kudos

Erik_Auerswald
Contributor II
In response to Erik_Auerswald

‎04-25-2016 05:26 AM

As an aside, you should ensure that you do not downgrade QoS of network control traffic.
0 Kudos
GTM-P2G8KFN