07-16-2008 09:42 PM
I have a WAN(SHDSL) link between 2 sites, serivce provider has MPLS core network.
Site 1 -- Cisco 878 --- MPLS CORE --- SHDSL MODEM(BRIDGED)---- Cisco ASA 5505 --- Site 2
I want to prioritize the traffic for Port TCP 3389 between sites, I have been told to mark TCP 3389 traffic with IP PRECEDENCE 3, I have read through the documentation and couldnt find where you can use "set ip precedence" command, all i could find was match command.
Service Provider will only configure cisco 878 router and i have to deal with the other end.
Cisco ASA 5505 i have is with Base Licence with 3 VLANs (INTERNT, WAN, LAN)
Could someone give me a hand with this.
thanks.
07-17-2008 07:49 AM
HI,
when you deal with QoS, you have to:
1)CLASSIFY:
2)DEFINE POLICIES FOR EACH CLASS:
3)APPLY THE POLICY
Example:
1)
class-map match-any CLASS1
match access-group [acl#] !
2)
policy-map MARIO
class CLASS1
set ip precedence 3
class class-default
set ip precedence default
3)
int x/y
service-policy MARIO in/out
Hope this help
07-19-2008 07:55 AM
You will want to use Modular Quality of Service. Access-lists will define interesting traffic, Class-maps are used to define traffic class and match access-lists. Policy-maps are used to identify what action should be performed against a class-map. Use the service-policy command under interface configuration to apply the policy-map.
Set ip precedence is configured under the policy-map.
Please refer to the following document:
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns432/c649/ccmigration_09186a008049b062.pdf
Steve Lyons - Cisco
07-20-2008 08:37 PM
based on the config mentioned above the traffic has been clasiffied and marked as precedence 3
there wasnt any kind of prioritization
so let assume the config above applied to the router inernal interface (facing the LAN)
u need another policy map that match the precednce 3 ( which u marked it before ) and riortizeit
class-map map2
match ip precedence 3
policy-map policy2
class maps2
priority percent 30
class class-default
fair queue
interface (outside interface)
service-policy policy2 out
good luck
rate if helpful
07-21-2008 07:58 PM
Thanks everyone for the replies, As i mentioned in my initial post, i dont get the option of marking the packet (SET PRECEDENCE) when defining the class-map all i get is "match" there isnt any "set" option available to use,
Site 1 router's Qos config is mentined below
class-map match-all RDP
match access-group 150
!
!
policy-map remote
class RDP
bandwidth 256
set precedence 3
class class-default
fair-queue
!
interface ATM0
no ip address
no ip unreachables
no ip route-cache cef
no ip route-cache
load-interval 30
no atm ilmi-keepalive
service-policy output remote
access-list 150 permit tcp any any eq 3389
07-21-2008 08:21 PM
first of all
with class-map there no set and no need for set
the set u find it with policy only as u have done above
the above config showing that u have given 256 kbp to ur rdp traffic when its leave ur router
so i dont think u need the set ip precednce here just remove it because it dosent make sense here
unless u want to mark this traffic and u se it on the other side of your network
so based on ur requeremnt u just need a garanteed bandwith for ur rdp
so bandwidth command enogh
by the way
can also put ur rdp in LLQ
by replacing the bandwith statment by priority statemnt
but in this case u will limit ur traffic to that traffic regardless ur network is congested or not
this is used for voice normaliy
good luck
please, Rate if helpful
07-21-2008 09:28 PM
Sorry about that, my objective here is to achieve end to end QoS, to get that packet to be prioritize through out the core network to the other end.
LLQ is definatly not suitable for me.
07-21-2008 09:42 PM
ok
in this case
what u need
make a matching statment by ur acl to what traffic u want to be mark
them match with a class-map
then make a policy map that mark that traffic with lets say ip presedence 3
apply it to the inside router interface in the indound direction
then mak a calss map that only match whay u have marked befor
lets say
class-map map1
match ip presedence 3
then
policy-map policy1
class map1
bandwidth 256
and apply it on the outside interface in the outbound direction
till now u have done one way qos
do the same but in the reverse direction othe other side router
it is like
mark --- match the marked traffic--prioritize
hope this helpful
07-21-2008 10:25 PM
I think we getting to the point where we started, ASA is not letting me mark the traffic, or may be i m missing something, have you experienced this kind of QoS with Cisco ASA?
07-21-2008 11:41 PM
becasue firewalls not intended to be a qos device its weak in this point
it has very limited qos capability
so what i suggest u is either place a router
or use a switch in site 2 to mark the traffic for u
with asa u r able to make priorities
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide