01-16-2014 11:07 AM - edited 03-11-2019 08:31 PM
Hey all, I fee like I have a fairly simple setup here and I have configured something similar before with no issues. I am not seeing any traffic in my priority queue no matter what I have tried.
Cisco ASA 5505, have an in house phone server in the DMZ and trying to run QoS. Using Cisco SPA504G phones and Catalyst 2950-2960 switches.
Here's my QoS entries for the ASA:
class-map VOIP-TRAFFIC
match dscp ef
policy-map PRIORITY-POLICY
class VOIP-TRAFFIC
priority
policy-map QOS-TRAFFIC-OUT
class class-default
shape average 10000000
service-policy PRIORITY-POLICY
service-policy QOS-TRAFFIC-OUT interface outside
RTR(config)# sh service-policy
Interface outside:
Service-policy: QOS-TRAFFIC-OUT
Class-map: class-default
shape (average) cir 10000000, bc 40000
(pkts output/bytes output) 579534515/699320949540
(total drops/no-buffer drops) 11523/0
Service-policy: PRIORITY-POLICY
Class-map: VOIP-TRAFFIC
priority
Queueing
queue limit 166 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
Class-map: class-default
Default Queueing
queue limit 166 packets
(queue depth/total drops/no-buffer drops) 0/11523/0
(pkts output/bytes output) 579749473/699539945551
Solved! Go to Solution.
01-16-2014 12:16 PM
Hi,
Then you have to configure the following:
priority-queue outside
policy-map PRIORITY-POLICY
no class VOIP-TRAFFIC
access-list VOIP permit ip (source ip-real ip) any(destination ip if you know that)
access-list VOIP permit ip any(destination ip if you know that) (source ip-real ip)
access-list VOIP permit ip any(destination ip if you know that) (public ip which the traffic is natted to)
access-list VOIP permit ip (public ip which the traffic is natted to) any(destination ip if you know that)
class-map VOIP-TRAFFIC
no match dscp ef
match access-list VOIP
exit
policy-map PRIORITY-POLICY
class VOIP-TRAFFIC
priority
exit
policy-map QOS-TRAFFIC-OUT
class class-default
shape average 10000000
service-policy PRIORITY-POLICY
service-policy QOS-TRAFFIC-OUT interface outside
- Prateek Verma
01-16-2014 11:57 AM
Hi,
Is this traffic going over vpn tunnel or is it normal traffic going through firewall?
- Prateek Verma
01-16-2014 12:07 PM
Normal traffic.
01-16-2014 12:16 PM
Hi,
Then you have to configure the following:
priority-queue outside
policy-map PRIORITY-POLICY
no class VOIP-TRAFFIC
access-list VOIP permit ip (source ip-real ip) any(destination ip if you know that)
access-list VOIP permit ip any(destination ip if you know that) (source ip-real ip)
access-list VOIP permit ip any(destination ip if you know that) (public ip which the traffic is natted to)
access-list VOIP permit ip (public ip which the traffic is natted to) any(destination ip if you know that)
class-map VOIP-TRAFFIC
no match dscp ef
match access-list VOIP
exit
policy-map PRIORITY-POLICY
class VOIP-TRAFFIC
priority
exit
policy-map QOS-TRAFFIC-OUT
class class-default
shape average 10000000
service-policy PRIORITY-POLICY
service-policy QOS-TRAFFIC-OUT interface outside
- Prateek Verma
01-16-2014 01:27 PM
Just tried it and I now see the numbers increasing in my service-policy. THANK YOU!
This might actually work better for me, I do have remote extensions that communicate to my internal PBX, so I would assume this would allow their traffic going out into the priority as well.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: