- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Administering the Switch
- Configuring the Switch Alarms
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring the PPoE Intermediate Agent
- Configuring Interfaces
- Configuring Command Macros
- Configuring VLANs
- Configuring Private VLANs
- Configuring IEEE 802.1Q Tunneling, VLAN Mapping, 802.1ad, and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Resilient Ethernet Protocol
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring DHCP Features and IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping and MVR
- Configuring Port-Based Traffic Control
- Configuring CDP
- Configuring LLDP and LLDP-MED
- Configuring UDLD
- Configuring SPAN and RSPAN
- Configuring RMON
- Configuring System Message Logging
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security with ACLs
- Configuring IP Unicast Routing
- Configuring Control-Plane Security
- Configuring QoS
- Configuring EtherChannels and Link-State Tracking
- Configuring IPv6 Unicast Routing
- Configuring IPv6 MLD Snooping
- Configuring IPv6 ACLs
- Configuring IPv6 QoS
- Configuring HSRP, VRRP, and GLBP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring Ethernet OAM, CFM, and E-LMI
- Configuring Y.1731 Performance Monitoring
- Configuring IP Multicast Routing
- Configuring MSDP
- Troubleshooting
- Configuring Online Diagnostics
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Unsupported Commands in Cisco IOS Release 12.2(60)EZ
Configuring IPv6 QoS
This chapter describes how to configure IPv6 quality of service (QoS) on the Cisco ME 3400E Ethernet Access switch. Cisco IOS Release 12.2(60)EZ adds support for IPv6 QoS.
The switch supports QoS for both IPv4 and IPv6 traffic when a dual IPv4 and IPv6 SDM template is configured. For more information about dual IPv4 and IPv6 templates, see the “Dual IPv4 and IPv6 SDM Templates” section.

Note To enable IPv6 QoS, you must configure the dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch. Select the template by entering the sdm prefer dual-ipv4-and-ipv6 global configuration command. You must reload the switch after configuring the template.
This chapter describes how to configure QoS for IPv6 traffic only on the Cisco ME 3400E Ethernet Access switch. Chapter 1, “Configuring QoS” describes how to configure QoS for both IPv4 and IPv6 traffic.
For more information about Cisco IOS MQC commands, see the “Cisco IOS Quality of Service Solutions Command Reference” at this site:
http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_4/qos_12_4_book.html
For related information, see these chapters:
- For information about configuring IPv6 on the switch, see Chapter38, “Configuring IPv6 Unicast Routing”
- For information about configuring IPv6 access control lists (ACLs), see Chapter40, “Configuring IPv6 ACLs”
- For information about SDM templates, see Chapter7, “Configuring SDM Templates”
- For information about configuring IPv4 QoS, see Chapter1, “Configuring QoS”

Note For complete syntax and usage information for the commands used in this chapter, see the command reference for this release or the Cisco IOS documentation referenced in the procedures.
Understanding IPv6 QoS
QoS features supported for IPv6 environments include packet classification, queueing, class-based packet marking, and policing of IPv6 packets. IPv6 packets are forwarded by paths that are different from those for IPv4.
All QoS features available for IPv6 environments are managed from the modular QoS command-line interface (MQC). The MQC allows you to define traffic classes, create and configure traffic policies (policy maps), and then attach those traffic policies to interfaces.
Figure 41-1 shows the basic QoS model for IPv6 traffic.

To configure QoS in IPv6 networks, follow the same steps that you would follow to implement QoS in IPv4 networks. At a very high level, the basic steps for implementing IPv6 QoS are as follows:
1. Define a traffic class. Use the class-map [match-all | match-any] class-map-name global configuration command to define a traffic class and to enter class-map configuration mode.
2. Create a traffic policy to associate the traffic class with one or more QoS features. Use the policy-map policy-map-name global configuration command to create a traffic policy and to enter policy-map configuration mode. A traffic policy defines the QoS features to associate with the specified traffic class.
3. Attach the traffic policy to an interface. Use the service-policy interface configuration command to attach the policy map to an interface for packets entering or leaving the interface. Specify whether the traffic policy characteristics are applied to incoming or outgoing packets.
Configuring IPv6 QoS
Classifying Traffic
Classifying network traffic allows you to organize packets into traffic classes or categories on the basis of whether the traffic matches specific criteria.
Restrictions
The following restrictions apply when classifying IPv6 traffic:
- Classification based on inner vlan (match vlan inner) for QinQ services is not supported for IPv6 traffic on the Cisco ME 3400E Ethernet Access switch.
- IPv4 and IPv6 classification criteria cannot be configured simultaneously in the same class-map, but they can be configured in different class-maps in the same policy.

Note These restrictions apply to IPv6 traffic only. See Chapter 1, “Configuring QoS” for guidelines and restrictions that apply to both IPv4 and IPv6 traffic.
Using IPv6 ACLS to Classify IPv6 Traffic
You can classify IPv6 traffic using IPv6 ACLs. For information about configuring IPv6 ACLs, see Chapter40, “Configuring IPv6 ACLs”
The Cisco ME 3400E Ethernet Access switch supports matching IPv6 traffic based on source or destination address, IPv6 DSCP and layer 4 source or destination port by defining ACLs and using the match access-group class-map configuration command to match on the ACL.
SUMMARY STEPS
2. ipv6 access-list access-list-name
3. {deny | permit} protocol { source-ipv6-prefix / prefix-length | any | host source-ipv6-address } [ operator [ port-number ]] { destination-ipv6-prefix/ prefix-length | any | host destination-ipv6-address } [ operator [ port-number ]] [ dscp value ] [ fragments ] [ log ] [ log-input ] [ routing ] [ sequence value ] [ time-range name ]
{ deny | permit } tcp { source-ipv6-prefix / prefix-length | any | host source-ipv6-address } [ operator [ port-number ]] { destination-ipv6- prefix/prefix-length | any | host destination-ipv6-address } [ operator [ port-number ]] [ ack ] [ dscp value ] [ established ] [ fin ] [ log ] [ log-input ] [ neq { port | protocol }] [ psh ] [ range { port | protocol }] [ rst ] [ routing ] [ sequence value ] [ syn ] [ time-range name ] [ urg ]
{ deny | permit } udp
{ source-ipv6-prefix / prefix-length | any | host source-ipv6-address } [ operator [ port-number ]] { destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address } [ operator [ port-number ]] [ dscp value ] [log ] [log-input] [ neq { port | protocol }] [ range { port | protocol }] [ routing ] [ sequence value ] [ time-range name ]
{ deny | permit } icmp { source-ipv6-prefix / prefix-length | any | host source-ipv6-address } [ operator [ port-number ]] { destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address } [ operator [ port-number ]] [ icmp-type [ icmp-code ] | icmp-message ] [ dscp value ] [ log ] [log-input] [ routing ] [ sequence value ] [ time-range name ]
DETAILED STEPS
Complete the following steps in privileged EXEC mode, to create an IPv6 ACL.
Use the no { deny | permit } IPv6 access-list configuration commands with keywords to remove the deny or permit conditions from the specified access list.
This example configures the IPv6 access list named CISCO. The first deny entry in the list denies all packets that have a destination TCP port number greater than 5000. The second deny entry denies packets that have a source UDP port number less than 5000. The second deny also logs all matches to the console. The first permit entry in the list permits all ICMP packets. The second permit entry in the list permits all other traffic. The second permit entry is necessary because an implicit deny -all condition is at the end of each IPv6 access list.
This example shows how to create a class map that matches incoming traffic with the IPv6 ACL named CISCO.
Using Class Maps to Classify IPv6 Traffic
Use the class-map global configuration command to name and to isolate a specific traffic flow (or class) from all other traffic. The Cisco ME 3400E Ethernet Access switch supports the following match commands in an IPv6 Qos class-map:
Except for the match dscp and match precedence commands, the functionality of all of the match commands is the same for both IPv4 and IPv6. The match dscp and match precedence commands match on both IPv4 and IPv6 traffic. The match ip dscp and match ip precedence commands match on IPv4 traffic only.

Note At egress there is no distinction between match ip dscp and match dscp, or between match ip precedence and match precedence in an output policy map. Both match statements match on both IPv4 and IPv6 traffic.
For more information about IPv4 QoS, see Chapter1, “Configuring QoS”
Restrictions
The following restrictions apply to the match command in an IPv6 QoS class-map:
- The match dscp and match precedence commands cannot be configured within the same class-map.
- The match dscp and match access-group commands cannot be configured within the same class-map.
- The match precedence and match access-group commands cannot be configured within the same class-map.
- The match ip dscp / match ip precedence and match dscp / match precedence commands cannot be configured within the same class-map.

Note You can also create class-maps during policy map creation by using the class policy-map configuration command.
SUMMARY STEPS
2. class-map [ match-all | match-any ] class-map-name
3. match { access-group acl-index-or-name | dot1ad dei value | dscp dscp-list | precedence ip-precedence-list }
DETAILED STEPS
Complete the following steps in privileged EXEC mode, to create a class map and to define the match criterion to classify traffic.
|
|
|
---|---|---|
|
||
class-map [ match-all | match-any ] class-map-name |
Creates a class map, and enters class-map configuration mode. By default, no class maps are defined.
If no matching statements are specified, the default is match-all. Note A match-all class map cannot have more than one classification criterion (match statement). |
|
match { access-group acl-index-or-name | dot1ad dei value | dscp dscp-list | precedence ip-precedence-list } |
Defines the match criterion to classify traffic. By default, no match criterion is defined. Only one match type per class map is supported, and only one ACL per class map is supported.
|
|
Use the no form of the appropriate command to delete an existing class map or remove a match criterion.
This example shows how to create a class map called VOIP-ALL, which matches incoming traffic with a DSCP value of cs5.
Using Table Maps to Classify IPv6 Traffic
You can use table maps to manage a large number of traffic flows with a single command. Table maps are used only in input policy maps. The Cisco ME 3400E Ethernet Access switch supports the following table maps for IPv6 traffic:
- DSCP to CoS, precedence, or DSCP
- Precedence to CoS, DSCP, or precedence
- CoS to DSCP, precedence, or CoS
For more informationon configuring the above table maps,see the “Configuring Table Maps” section in Chapter1, “Configuring QoS”.
Using Default Class to Classify IPv6 Traffic
All ingress and egress IPv6 traffic that is not classified by any of the user-defined classes will fall into class-default.
Displaying IPv6 QoS
The commands listed in Table 41-1 apply to both IPv4 and IPv6 traffic when a dual-ipv4-and-ipv6 template is configured. For explanation about available keywords, see the command reference for this release.
Except for the show policy-map interface user EXEC command, the functionality of all of the QoS show commands is the same for both IPv4 and IPv6. The Cisco ME 3400E Ethernet Access switch supports classification statistics on a per class-map basis if a policer is included in the class. However, the Cisco ME 3400E Ethernet Access switch does not support classification statistics on a per match statement basis.
For more information about displaying QoS information, see the “Displaying QoS Information” section.