Specifications

ManualsBrandsCisco ManualsDocking StationAccess Registrar 3.5

100

2-40

Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.3.0XO(15.1(1)XO)

OL_28738-01

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches

auto qos classify

permit tcp any any eq 3689

permit udp any any eq 3689

permit tcp any any range 6881 6999

permit tcp any any eq 11999

permit tcp any any range 28800 29100

ip access-list extended AutoQos-4.0-ACL-Default

permit ip any any

class-map match-any AutoQos-4.0-VoIP-Data

match dscp ef

match cos 5

class-map match-all AutoQos-4.0-VoIP-Data-Cos

match cos 5

class-map match-any AutoQos-4.0-VoIP-Signal

match dscp cs3

match cos 3

class-map match-all AutoQos-4.0-VoIP-Signal-Cos

match cos 3

class-map match-all AutoQos-4.0-Multimedia-Conf-Classify

match access-group name AutoQos-4.0-ACL-Multimedia-Conf

class-map match-all AutoQos-4.0-Signaling-Classify

match access-group name AutoQos-4.0-ACL-Signaling

class-map match-all AutoQos-4.0-Transaction-Classify

match access-group name AutoQos-4.0-ACL-Transactional-Data

class-map match-all AutoQos-4.0-Bulk-Data-Classify

match access-group name AutoQos-4.0-ACL-Bulk-Data

class-map match-all AutoQos-4.0-Scavenger-Classify

match access-group name AutoQos-4.0-ACL-Scavenger

class-map match-all AutoQos-4.0-Default-Classify

match access-group name AutoQos-4.0-ACL-Default

AutoQos-4.0-VoIP-Data-Cos and Au toQos-4.0-VoIP-Signal- Cos are needed to hand le instances when

you connect an IP p hone to an int erface a nd call the a uto qos voip cisco-phone command on that

interface. In this situati on, the input service policy on the interface must match VoIP and signaling

packets solely on their CoS markings. This is because switching ASICs on Cisco IP Phones are limited

to only remarking the CoS bits of VoIP and the signaling traffic. Matching DSCP markings results in a

security vulnerability because a user whose PC was connected to an IP phone connected to a switch

would be able to remark DSCP markings of traffic arising from their PC to dscp ef using the NIC on their

PC. This causes incorrect placement of non rea l-time traffic in the priority queue in the egress direct ion.

B. Template for the auto qos classify command input service-policy

policy-map AutoQos-4.0-Classify-Input-Policy

class AutoQos-4.0-Multimedia-Conf-Classify

set dscp af41

set cos 4

set qos-group 34

class AutoQos-4.0-Signaling-Classify

set dscp cs3

set cos 3

set qos-group 16

class AutoQos-4.0-Transaction-Classify

set dscp af21

set cos 2

set qos-group 18

class AutoQos-4.0-Bulk-Data-Classify

set dscp af11

set cos 1

set qos-group 10

class AutoQos-4.0-Scavenger-Classify

set dscp cs1

set cos 1

set qos-group 8