I have a WAN(SHDSL) link between 2 sites, serivce provider has MPLS core network.
Site 1 -- Cisco 878 --- MPLS CORE --- SHDSL MODEM(BRIDGED)---- Cisco ASA 5505 --- Site 2
I want to prioritize the traffic for Port TCP 3389 between sites, I have been told to mark TCP 3389 traffic with IP PRECEDENCE 3, I have read through the documentation and couldnt find where you can use "set ip precedence" command, all i could find was match command.
Service Provider will only configure cisco 878 router and i have to deal with the other end.
Cisco ASA 5505 i have is with Base Licence with 3 VLANs (INTERNT, WAN, LAN)
Could someone give me a hand with this.
when you deal with QoS, you have to:
2)DEFINE POLICIES FOR EACH CLASS:
3)APPLY THE POLICY
class-map match-any CLASS1
match access-group [acl#] !
set ip precedence 3
set ip precedence default
service-policy MARIO in/out
Hope this help
You will want to use Modular Quality of Service. Access-lists will define interesting traffic, Class-maps are used to define traffic class and match access-lists. Policy-maps are used to identify what action should be performed against a class-map. Use the service-policy command under interface configuration to apply the policy-map.
Set ip precedence is configured under the policy-map.
Please refer to the following document:
Steve Lyons - Cisco
based on the config mentioned above the traffic has been clasiffied and marked as precedence 3
there wasnt any kind of prioritization
so let assume the config above applied to the router inernal interface (facing the LAN)
u need another policy map that match the precednce 3 ( which u marked it before ) and riortizeit
match ip precedence 3
priority percent 30
interface (outside interface)
service-policy policy2 out
rate if helpful
Thanks everyone for the replies, As i mentioned in my initial post, i dont get the option of marking the packet (SET PRECEDENCE) when defining the class-map all i get is "match" there isnt any "set" option available to use,
Site 1 router's Qos config is mentined below
class-map match-all RDP
match access-group 150
set precedence 3
no ip address
no ip unreachables
no ip route-cache cef
no ip route-cache
no atm ilmi-keepalive
service-policy output remote
access-list 150 permit tcp any any eq 3389
first of all
with class-map there no set and no need for set
the set u find it with policy only as u have done above
the above config showing that u have given 256 kbp to ur rdp traffic when its leave ur router
so i dont think u need the set ip precednce here just remove it because it dosent make sense here
unless u want to mark this traffic and u se it on the other side of your network
so based on ur requeremnt u just need a garanteed bandwith for ur rdp
so bandwidth command enogh
by the way
can also put ur rdp in LLQ
by replacing the bandwith statment by priority statemnt
but in this case u will limit ur traffic to that traffic regardless ur network is congested or not
this is used for voice normaliy
please, Rate if helpful
Sorry about that, my objective here is to achieve end to end QoS, to get that packet to be prioritize through out the core network to the other end.
LLQ is definatly not suitable for me.
in this case
what u need
make a matching statment by ur acl to what traffic u want to be mark
them match with a class-map
then make a policy map that mark that traffic with lets say ip presedence 3
apply it to the inside router interface in the indound direction
then mak a calss map that only match whay u have marked befor
match ip presedence 3
and apply it on the outside interface in the outbound direction
till now u have done one way qos
do the same but in the reverse direction othe other side router
it is like
mark --- match the marked traffic--prioritize
hope this helpful
I think we getting to the point where we started, ASA is not letting me mark the traffic, or may be i m missing something, have you experienced this kind of QoS with Cisco ASA?
becasue firewalls not intended to be a qos device its weak in this point
it has very limited qos capability
so what i suggest u is either place a router
or use a switch in site 2 to mark the traffic for u
with asa u r able to make priorities