DirectionAVC Policy ExampleAVC Policy Format
Ingress and egress
policy-map webex-policy
class webex-class
police 5000000
service-policy client-in-police-only
policy-map client-in-police-only
class webex-class
police 100000
class class-webex-category
set dscp ef
police 200000
Hierarchical police
policy-map webex-policy
class class-default
police 1500000
service policy client-up-child
policy-map client-up-child
class webex-class
police 100000
set dscp ef
class class-webex-category
police 200000
set dscp af31
Hierarchical set and police
Restrictions for Wired Application Visibility and Control
• AVC and Encrypted Traffic Analytics (ETA) cannot be configured together at the same time on the same
interface.
• NBAR and transmit (Tx) Switched Port Analyzer (SPAN) is not supported on the same interface.
• Only one of the NBAR based QoS mechanisms are allowed to be attached to any port at the same time,
either protocol based or attributes based. Only the following two attributes are supported :
• traffic-class
• business-relevance
• The legacy WDAVC QoS limitations are still applicable:
• Only marking and policing are supported.
• Only physical interfaces are supported.
• There is a delay in the QoS classification since the application classification is done offline (while
the initial packet/s of the flow are meanwhile forwarded before the correct QoS classification).
• NBAR2 based match criteria match protocol will be allowed only with marking or policing actions.
NBAR2 match criteria will not be allowed in a policy that has queuing features configured.
• ‘Match Protocol’: up to 255 concurrent different protocols in all policies (8 bits HW limitation).
• AVC is not supported on management port (Gig 0/0).
System Management Configuration Guide, Cisco IOS XE Amsterdam 17.2.x (Catalyst 9500 Switches)
123
Configuring Application Visibility and Control in a Wired Network
Restrictions for Wired Application Visibility and Control
To Next Page
Loading...
Need help?
General