QoS Policy Commands

bandwidth

To define the total bandwidth for a bandwidth pool, use the bandwidth command in bandwidth pool configuration mode. To return to the default value, use the no form of this command.

Supported Parameters

value

Specifies the total bandwidth, in kilobits per second, for a bandwidth pool. Valid value is a number from 1 to 4294967295.

Command History

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE bandwidth command. 

interface serial 0
bandwidth 44736

bandwidth (policy-map class)

To specify or modify the bandwidth allocated for a class belonging to a policy map, or to enable ATM overhead accounting, use the bandwidth command in QoS policy-map class configuration mode. To remove the bandwidth specified for a class or disable ATM overhead accounting, use the no form of this command.

bandwidth [ remaining ] percent percentage

no bandwidth

Syntax Description

remaining

(Optional) Specifies that the percentage of guaranteed bandwidth is based on a relative percent of available bandwidth.

percent percentage

Specifies the percentage of guaranteed bandwidth based on an absolute percent of available bandwidth to be set aside for the priority class or on a relative percent of available bandwidth. The valid range is 1 to 100.

Command Default

No bandwidth is specified.

Command Modes


QoS p olicy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

For usage guidelines, see the Cisco IOS XE bandwidth (policy-map class) command.

The following example shows how to create two policy maps called “PMap” and "generic-cos" and configure two class policies in each policy map. 


policy-map PMap  
 class PMap-super-fast  
  priority level 1  
  police percent 5  
 !
 class PMap-fast  
  priority level 2  
  police percent 5 
 !
!
policy-map generic-cos
 class cos-map-generic
  bandwidth remaining percent 5  
  queue-limit 108 packets  
 !
 class class-default  
  bandwidth remaining percent 95  
  queue-limit 2028 packets 
 !
!

bandwidth qos-reference

To configure bandwidth to be used as a reference for calculating rates of quality of service (QoS) percent configurations on a physical or logical interface, use the bandwidthqos-reference command in interface configuration or subinterface configuration mode. To remove this explicitly specified reference bandwidth, use the no form of this command.

bandwidth qos-reference bandwidth-amount

no bandwidth qos-reference bandwidth-amount

Syntax Description

bandwidth-amount

Amount of bandwidth in kilobits per second (kb/s). Valid values are 1 to 10000000.

Command Default

This command is disabled. Reference bandwidth for a logical interface is derived from the main interface or the main interface QoS policy.

Command Modes


Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see bandwidth qos-reference.

The following example shows how to configure the bandwidthqos-reference command to allocate 100000 kb/s of bandwidth as a reference rate for GigabitEthernet interface 1: 

Device(config)# interface GigabitEthernet 1
Device(config-if)# bandwidth qos-reference 100000

bandwidth remaining ratio

To specify a bandwidth-remaining ratio for class-level or subinterface-level queues to be used during congestion to determine the amount of excess bandwidth (unused by priority traffic) to allocate to nonpriority queues, use the bandwidth remaining ratio command in policy-map class configuration mode. To remove the bandwidth remaining ratio, use the no form of this command.

bandwidth remaining ratio ratio

no bandwidth remaining ratio ratio

Syntax Description

ratio

Relative weight of this subinterface or class queue with respect to other subinterfaces or class queues. Valid values are from 1 to 1000. At the subinterface level, the default value is platform dependent. At the class queue level, the default is 1.

ratio

Relative weight of this subinterface or class queue with respect to other subinterfaces or class queues.

Command Default

The default bandwidth ratio is 1.

Command Modes


Policy-map class (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE bandwidth remaining ratio command. 

class Queue1
   bandwidth remaining ratio 20
   random-detect precedence-based
  !

class (policy-map)

To specify the name of the class whose policy you want to create or change or to specify the default class (commonly known as the class-default class) before you configure its policy, use the class command in policy-map configuration mode. To remove a class from the policy map, use the no form of this command.

class { class-name | | class-default }

no class { class-name | | class-default }

Syntax Description

class-name

Name of the class to be configured or whose policy is to be modified. The class name is used for both the class map and to configure a policy for the class in the policy map.

class-default

Specifies the default class so that you can configure or modify its policy.

Command Default

No class is specified.

Command Modes


Policy-map configuration (config-pmap)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE class (policy-map) command.

The following example shows how to create two policy maps called “PMap” and "generic-cos" and configure two class policies in each policy map. 


policy-map PMap  
 class PMap-super-fast  
  priority level 1  
  police percent 5  
 !
 class PMap-fast  
  priority level 2  
  police percent 5 
 !
!
policy-map generic-cos
 class cos-map-generic
  bandwidth remaining percent 5  
  queue-limit 108 packets  
 !
 class class-default  
  bandwidth remaining percent 95  
  queue-limit 2028 packets 
 !
!

control-plane

To configure a quality of service (QoS) filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS XE routers and switches against reconnaissance and denial-of-service (DoS) attacks, use the control-plane command in the appropriate configuration mode. To remove the control plane from an input or output interface, use the no form of this command.

control-plane service-policy input policy-map-name output policy-map-name

no control-plane service-policy

Syntax Description

service-policy

Attaches a QoS service policy to the control plane.

input

Applies the specified service policy to packets received on the control plane.

output

Applies the specified service policy to packets transmitted from the control plane and enables the router to silently discard packets..

policy-map-name

The name of a service policy map (created using the policy-map command) to be attached. The name can be a maximum of 40 alphanumeric characters in length.

Command Default

No control policy is specified. No policy map is attached.

Command Modes

Interface configuration (config-if)

Subinterface configuration (config-subif)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.9.1a

Qualified for use in Cisco Catalyst SD-WAN Manager CLI templates.

Usage Guidelines

For the usage guidelines, see control-plane. 

Device(config)# interface GigabitEthernet 1
Device(config-if)# control-plane input policy_1
Device(config)# interface GigabitEthernet 1
Device(config-if)# control-plane output policy_2

ip nbar protocol-discovery

To configure Network-Based Application Recognition (NBAR) to discover traffic for all protocols that are known to NBAR on a particular interface, use the ipnbarprotocol-discovery command in interface configuration mode or VLAN configuration mode. To disable traffic discovery, use the no form of this command.

ip nbar protocol-discovery

no ip nbar protocol-discovery

Syntax Description

This command has no arguments or keywords.

Command Default

Traffic discovery is disabled.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Release Amsterdam 17.2.1v

Qualified for use in Cisco vManage CLI templates

Usage Guidelines

For the usage guidelines, see ip nbar protocol-discovery.

The following example shows how to configure protocol discovery for both IPv4 and IPv6 on an Ethernet interface: 

Device(config)# interface GigabitEthernet 1.101
Device(config-if)# ip nbar protocol-discovery

match access-group

To configure the match criteria for a class map on the basis of the specified access control list (ACL), use the match access-group command in class-map configuration mode. To remove ACL match criteria from a class map, use the no form of this command.

match access-group name access-group-name

no match access-group name access-group-name

Syntax Description

name access-group-name

Named ACL whose contents are used as the match criteria against which packets are checked to determine if they belong to this class. The name can be a maximum of 40 alphanumeric characters.

Command Default

No match criterion is specified.

Command Modes


QoS class-map configuration (config-cmap)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

 

class-map type inspect match-all cmap
  match access-group name cmap
 !

match packet-tag

To configure the match criteria for a class map on the basis of the packet-tag type, value, and mask use the match packet-tag command in the class-map configuration mode. To remove the match criteria, use the no form of the command.

match packet-tag type value mask

Syntax Description

type

The packet-tag type is a value in the range 1 to 8.

For VPN traffic, the packet-tag type is configured using the vpn packet-tag command.

value

For VPN traffic, the packet-tag value is the VPN ID.
mask

The mask is used to identify a single VPN ID, or a VPN ID from a range of IDs.

For a single VPN ID, use the mask 65535.

To identify a VPN ID from a range of IDs, calculate the mask such that an AND operation between the VPN ID and the mask evaluates to the first VPN ID in the range.

Command Default

By default, the command is not configured.

Command Modes

QoS class-map configuration (config-cmap)

Command History

Release Modification
Cisco IOS XE Release 17.6.1a

Command introduced.

Example

In the following example, match criteria is specified for a sequence of VPN IDs that do not belong to a range: 

class-map match-any VPN_GROUP_1
 match packet-tag 1 101 65535
 match packet-tag 1 201 65535

In the following example, match criteria is specified for a sequence of VPN IDs that belong to a range: 

class-map match-any VPN_GROUP_103
 match packet-tag 1 103 65535
 match packet-tag 1 104 65534

platform qos sdwan max-session

To configure the maximum number of sessions to which a QoS policy can be applied, use the platform qos sdwan max-session command in global configuration mode. To restore the maximum number of sessions to the default, use the no form of the command.

platform qos sdwan max-session number-of-sessions [ adapt { mode { aggressive | normal } [ spoke-overlay-usage usage-percent ] [ wan-loss-permillage permillage ] } ]

no platform qos sdwan max-session

Syntax Description

number-of-sessions

Number of sessions to which a QoS policy can be applied, set individually for each tunnel.

Range (Cisco IOS XE Catalyst SD-WAN Release 17.13.1a): 100 through 10,000

Range (Cisco IOS XE Catalyst SD-WAN Release 17.11.1a): 100 through 6,000

adapt

This is the first phase where the shaping rate (the mechanism that regulates the data transfer rate in a network) is determined either by the default value or recalculated based on the results from the previous cycle.

mode

Adjust the shaping rate based on the current throughput or the existing shaping rate. The shaping rate is the maximum data transfer rate that a network traffic shaper allows on a network link.

aggressive : Use the current throughput.

normal : Use the current shaping rate.

spoke-overlay-usage usage-percent

The percentage of spoke-overlay-usage. This is the proportion of the total network capacity for spoke connections in the network's overlay architecture.

Range: 1 through 100 percent
wan-loss-permillage permillage

WAN loss permillage is the packet loss rate on the WAN link, in parts per thousand (per mille).

Range: 1 through 999

Command Default

The default maximum number of QoS sessions is dependent on the platform.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.11.1a

Command qualified for use in Cisco Catalyst SD-WAN Manager CLI templates.

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

Increased the maximum number of sessions from 6,000 to 10,000.

Usage Guidelines

Use the platform qos sdwan max-session command to configure the maximum number of sessions to which a QoS policy can be applied, on a per-tunnel basis. When the Cisco Catalyst SD-WAN Manager user sessions with QoS policy reach the limit, QoS policy is not applied for additional sessions.

Configure Maximum Number of Sessions

The following example shows how configure the per-tunnel QoS scale to support up to 10,000 sessions.

Device(config)# platform qos sdwan max-session 10000

police (percent)

To configure traffic policing on the basis of a percentage of bandwidth available on an interface, use the police command in policy-map class configuration mode. To remove traffic policing from the configuration, use the no form of this command.

police rate percent percentage

no police rate percent percentage

Syntax Description

rate

Specifies the information rate.

percent

Specifies that a percentage of bandwidth will be used for calculating the CIR.

percentage

The bandwidth percentage. Valid range is a number from 1 to 100.

Command Default

No traffic policing is configured.

Command Modes


Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE police (percent) command.

The following example shows how to configure traffic policing: 

Policy-map PMap  
 class PMap-super-fast  
  priority level 1  
  police rate percent 5  
 class PMap-fast  
  priority level 2  
  police rate percent 5 
 !
!
policy-map generic-cos
 class cos-map-generic
  bandwidth remaining percent 5  
  queue-limit 108 packets  
 class class-default  
  bandwidth remaining percent 95  
  queue-limit 2028 packets

policy-map

To enter policy-map configuration mode and create or modify a policy map that can be attached to one or more interfaces to specify a service policy, use the policy-map command in global configuration mode. To delete a policy map, use the no form of this command.

policy-map [ type inspect ] policy-map-name

no policy-map [ type inspect ] policy-map-name

Syntax Description

type inspect

(Optional) Specifies the policy-map type as inspect.

policy-map-name

Name of the policy map.

Command Default

The policy map is not configured.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command modified to support type inspect .

Usage Guidelines

For usage guidelines, see the Cisco IOS XE policy-map command.

The following example shows how to create two policy maps called “PMap” and "generic-cos" and configure two class policies in each policy map. 


policy-map PMap  
 class PMap-super-fast  
  priority level 1  
  police percent 5  
 !
 class PMap-fast  
  priority level 2  
  police percent 5 
 !
!
policy-map generic-cos
 class cos-map-generic
  bandwidth remaining percent 5  
  queue-limit 108 packets  
 !
 class class-default  
  bandwidth remaining percent 95  
  queue-limit 2028 packets 
 !
!

priority

To give priority to a class of traffic belonging to a policy map, use the priority command in policy-map class configuration mode. To remove a previously specified priority for a class, use the no form of this command.

priority percent percentage

no priority percent percentage

Syntax Description

percent

Specifies that the amount of guaranteed bandwidth will be specified by the percent of available bandwidth.

percentage

Total available bandwidth to be set aside for the priority class. The percentage can be a number from 1 to 100.

Command Default

No priority is set.

Command Modes


Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE priority command 

policy-map QOS-POLICY-MAP
 class Queue0
  priority percent 30
 class Queue1
  bandwidth percent 20
 class Queue3
  bandwidth percent 20
 class class-default
  bandwidth percent 30

priority level

To configure multiple priority queues, use the priority level command in policy-map class configuration mode. To remove a previously specified priority level for a class, use the no form of this command.

priority level level

no priority level level

Syntax Description

level

Defines multiple levels of a strict priority service model. When you enable a traffic class with a specific level of priority service, the implication is a single priority queue associated with all traffic that is enabled with the specified level of priority service.

Valid values are from 1 (high priority) to 2 (low priority). Default is 1.

Command Default

The priority level has a default level of 1.

Command Modes


Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE priority level command.

The following example shows how to configure multi level priority queues. In the example, the traffic class named PMap-super-fast is given high priority (level 1), and the class named PMap-fast is given level 2 priority. To prevent PMap-fast traffic from becoming starved of bandwidth, PMap-super-fast traffic is policed at 5 percent of the available bandwidth. 

Policy-map PMap  
 class PMap-super-fast  
  priority level 1  
  police percent 5  
 class PMap-fast  
  priority level 2  
  police percent 5 
 !
!

random-detect

random-detect

no random-detect

Syntax Description

This command has no arguments or keywords.

Command Default

WRED is disabled by default.

Command Modes


Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE random-detect command 

 
policy-map policy1
 class class1
 bandwidth percent 80
 random-detect

service-policy

To attach a policy map to an input interface or an output interface, use the service-policy command in the appropriate configuration mode. To remove a service policy from an input or output interface, use the no form of this command.

service-policy output policy-map-name

no service-policy

Syntax Description

output

Attaches the specified policy map to the output interface or output VC.

policy-map-name

The name of a service policy map (created using the policy-map command) to be attached. The name can be a maximum of 40 alphanumeric characters in length.

Command Default

No service policy is specified. A control policy is not applied to a context. No policy map is attached.

Command Modes

Interface configuration (config-if)

Subinterface configuration (config-subif)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see service-policy. 

Device(config)# interface GigabitEthernet 1
Device(config-if)# service-policy output  policy_1
Device(config)# interface ATM 0/2/0.1 point-to-point
Device(config-subif)# service-policy output  policy_1

service-policy (policy-map class)

To use a service policy as a QoS policy within a policy map (called a hierarchical service policy), use the service-policy command in policy-map class configuration mode. To disable a particular service policy as a QoS policy within a policy map, use the no form of this command.

service-policy policy-map-name

no service-policy policy-map-name

Syntax Description

policy-map-name

Specifies the name of the predefined policy map to be used as a QoS policy. The name can be a maximum of 40 alphanumeric characters.

Command Default

No service policies are used.

Command Modes


Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE service-policy (policy-map class) command.

The following example creates a hierarchical service policy in the service policy called parent: 


policy-map shape_GigabitEthernet0/0/1
 class class-default
  service-policy Branch-QoS-Policy
  shape average 1000000000

shape (policy-map class)

To shape traffic to the indicated bit rate according to the algorithm specified or to enable ATM overhead accounting, use the shape command in policy-map class configuration mode. To remove shaping and leave the traffic unshaped, use the no form of this command.

shape average mean-rate

no shape [average]

Syntax Description

average

Committed Burst (Bc) is the maximum number of bits sent out in each interval.

mean-rate

Also called committed information rate (CIR). Indicates the bit rate used to shape the traffic, in bps. When this command is used with backward explicit congestion notification (BECN) approximation, the bit rate is the upper bound of the range of bit rates that will be permitted. The value must be between 1,000 and 1,000,000,000 bits per second.

Command Default

Command Modes


Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE shape (policy-map class) command. 


policy-map shape_GigabitEthernet0/0/1
  class class-default
   service-policy Branch-QoS-Policy
   shape average 1000000000
  !

vpn packet-tag

To specify a packet-tag type for VPN traffic from the branch, use the vpn packet-tag command in the SD-WAN configuration mode. To remove the packet-tag type configuration, use the no form of the command.

vpn packet-tag type

no vpn packet-tag

Syntax Description

type

VPN packets are tagged with the specified type. On the physical interface, VPN packets are found using the tag type to apply per-VPN QoS.

Specify a value in the range 1 to 8.

Command Default

By default, the command is disabled

Command Modes

sdwan configuration mode (config-sdwan)

Command History

Release Modification
Cisco IOS XE Release 17.6.1a

Command introduced

Example

In the following example, VPN packets are tagged to be of type '1'.

sdwan
 vpn packet-tag 1

platform qos port-channel-aggregate

To enable the aggregate port-channel interface, use the platform qos port-channel-aggregate command in the global configuration mode.

platform qos port-channel-aggregate port-channel-number

no platform qos port-channel-aggregate port-channel-number

Syntax Description

port-channel-number

Specify an EtherChannel number.

Command Modes

Global configuration (config)

Command History

Release Modification
Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

Command qualified for use in Cisco Catalyst SD-WAN Manager CLI templates.

Enable the aggregate port-channel interface

The following example shows how to enable the aggregate port-channel interface.

Device# config-transaction
Device(config)# platform qos port-channel-aggregate port-channel-number