We have an incoming QoS configuration on our 2960X switches like this:
class-map match-any QOS_GL_TRUST
match ip dscp 8 16 24 32 46
class-map match-any QOS_GL_CITRIX
match access-group name QOS_GL_CITRIX
policy-map QOS_LAN_IN
class QOS_GL_TRUST
trust dscp
class QOS_GL_CITRIX
set dscp 32
class class-default
set dscp default
So basically, this accepts the packets and keeps the markings for DSCP8,16,24,32, and 46. If not already marked by DSCP32, Citrix traffic will match the ACL and a marking of DSCP32 will be set. All other DSCP markings are overwritten with DSCP0. So this works great so far. Now we want to have the same configuration on our Cisco 3850 switches. But we dont have the trust command:
switch(config-pmap-c)#?
Policy-map class configuration commands:
bandwidth Bandwidth
drop Drop all packets
encap-sequence MCMLP encapsulate sequence
exit Exit from class action configuration mode
netflow-sampler NetFlow action
no Negate or set default values of a command
police Police
priority Strict Scheduling Priority for this Class
queue-buffers queue buffer
queue-limit Queue Max Threshold for Tail Drop
service-policy Configure QoS Service Policy
set Set QoS values
shape Traffic Shaping
So if i want to achieve the same job as on the 2960X Switches, i'd have to do following:
class-map match-any QOS_GL_VOICERTP
match ip dscp 46
class-map match-any QOS_GL_CITRIX
match ip dscp 32
match access-group name QOS_GL_CITRIX
class-map match-any QOS_GL_VOICESIP
match ip dscp 24
class-map match-any QOS_GL_MANAGEMENT
match ip dscp 16
class-map match-any QOS_GL_TRASH
match ip dscp 8
policy-map QOS_LAN_IN
class QOS_GL_VOICERTP
set dscp 46
class QOS_GL_CITRIX
set dscp 32
class QOS_GL_VOICESIP
set dscp 24
class QOS_GL_MANAGEMENT
set dscp 16
class QOS_GL_TRASH
set dscp 8
class class-default
set dscp default
So you can see that the 3850er configuration is much more code. So is there a better solution to achieve this? I am talking about the marking only, no actual QoS prioritization going on here.
Best Answer
The newer Cisco switches (3K, 4K, 9K) trust by default, so the trust command is no longer there. The QoS is implemented differently on those switches. You need somewhat different QoS configurations for different switch families.
Another difference that you may notice is that you can only do port-based QoS on the 2K switches, but you can do VLAN-based QoS on the 3K, 4K, and 9K switches. Also, you have limited TCAM space on the 2K switches, and you may need to adjust the TCAM allocation if you start to run out (see the answer to this question).