cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1055
Views
0
Helpful
9
Replies

asa 5510 QOS ?

Helmeczi Zoltan
Level 1
Level 1

Hi all,

Please advise me about asa5510 feature,capabilities.

My question/problem :

My ISP provides 2 internet connection (1. 8mbps; 2. 2mbps) and his router change the paths if one goes down.

But if the second with 2 mbps is in use it is not enough for all inside network. And we have an inside host which is very inportant.

I have to allocate x bps minimum bandwidth for traffic between 1 inside host and 1 outside host on the outside interface.

The goal is: provide a minimum bandwith for traffic above when the other hosts use too much or all of the bandwidth.

But the above traffic must able to use more than the minimum if the others not use all of the remaining.

How can i do this with asa 5510, or which feature is what i have to use ? (if asa capable to do)

I tried qos features but dont works, but i hope there is a tricky way to solve this problem.

I attached a visio file for help.

9 Replies 9

andrew.prince
Level 10
Level 10

In which direction is this host important?

inside<>out

or

outside<>in, as this it not clear from the diagram.

The important direction of this host is:

from inside to outside.

When i try to solve this with qos, my problem was that in the asa, can't set a subset of the network or some ip.

because the qos must be applied to all outgoing traffic on a physical interface.

and one another problem i think that the asa don't know when the 8mbps or wher the 2mbps internet access is active.?

so i don't know how to guarantee a fix bandwidth for this host which can expand if its possible.

You need to create a policy that calls a class in that class you reference an acl that defines your source and desintation.

What version of code are you running - you can use IP SLA is use a specific QoS policy I beleive.

I use asa823-k8.

i try this in test

access-list shape permit ip host 192.168.4.2 any

class-map shape

match access-list shape

policy-map qos_class

class shape          ----->here i think must set an action to take any effect

policy-map qos_shape

class class-default    --------------->must use this class for shape

shape average 2000000 16000

service-policy qos_class ---------->dont take effect

service-policy qos_shape outside

and in the 8.2 config guide there is a row
:• Traffic shaping must be applied to all outgoing traffic on a physical interface or in the case of the
ASA 5505, on a VLAN. You cannot configure traffic shaping for specific types of traffic.
What do you think?

yeah i know this page but

What do you think which feature will help me?

because with policing, packets are droped when the traffic reach a limit, so it is no good for me.

or priority queuing?

because with policing, packets are droped when the traffic reach a limit,

you have two possible solutions: either set the exceed action to  transmit or configure the burst_bytes to a large enough value to meed  your needs.

ciscoasa(config-pmap-c)# police output conform_rate burst_bytes conform-action transmit exceed-action transmit

A burst size of 12,000 bytes (eight 1500-byte packets) is configured:

ciscoasa(config-pmap-c)# police output 8000 12000 conform-action transmit exceed-action drop

The issue you have is this - how can the ASA know that the next hop has a bandwidth issue - answer, you can't.

So you need to answer the question - how much traffic MUST the inside host send to the outside host.  Then you need to account for that in your policy if you have failed over to your lower speed circuit.

HTH>

Hi Andrew,

Sorry for my late.

Thank you for your help, but i was not able to test because the device was changed.

Best regards:

Zoltán!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: