06-05-2009 09:41 AM - edited 02-21-2020 03:29 AM
I have a DMVPN setup and on the spoke router the tunnel interface is T0 and it's on FE0/0 where the ISP router is connected. The total bandwidth is 1.5Mbps.
I have IP phone traffic on the VPN tunnel and I want to prioritize it. However the local internet traffic goes directly out of FE0/0, not through the tunnel. How can I setup the QoS so the phone traffic on the vpn tunnel will have priority and guaranteed bandwidth while the internet traffic will still be able to fully utilize the 1.5 link when there is no phone traffic? Thanks!
06-09-2009 08:36 AM
I am doing a very similar setup at he mo, the only difference is that internet traffic is tunneled to the hub site as well, but I don't think that should make a difference. If you add qos pre-classify statement to the tunnel interface that will ensure traffic is classified for QoS prior to being encrypted. Use a priority command to use low latency queueing for voice traffic (other traffic will be able to use this bandwdith when voice does not require it) something like.....
int tunnel0
qos pre-classify
class-map voice
match dscp ef
policy map enterprise
class voice
priority 256 (kbps, that may be too much)
class class-default
fair queue
You may want to shape the traffic as well to stop packets leaving your router at 100 mbps you can do this something like.....
policy-map shape
class class-default
service-policy enterprise
Then apply the new policy map to the interface, e.g.
interface fast0/0
service-policy shape
The other thing you may want to consider is auto qos (this will monitor packets based on NBAR or DSCP (I reckon DSCP is better) and provide info and recommend (but not implement a policy) to do this...
interface fast0/0
auto discovery qos trust (trust specifies using dscp, if you don't use that you would need to enable nbar)
I'm no expert on QoS but thats how I am currently setting it up
06-09-2009 08:49 AM
forgot the shape command which might help if you want to shape traffic, so it would be......
policy-map shape
class class-default
service-policy enterprise
shape average 1500000
06-10-2009 08:13 AM
Thank you for your reply Ricey! It's very helpful! Just some questions about the config:
1. So the policy-map "shape" only needs to be put under f0/0, but not T0 interface?
2. "qos pre-classify" under t0 interface, what does it do?
3. I see that you nest policy-map "enterprise" under "shape". Can I simply use "enterprise" under f0/0?
Thanks!
06-10-2009 11:37 AM
Richard (Ricey) hope you don't mind me answering these questions.
#1 The real interface would be the preferred location (in case there was other traffic besides just the one tunnel's traffic).
#2 It allows the service policy to see packet information before it was encrypted. (An alternative approach is to rely on ToS tags, e.g. DSCP.)
#3 You could, but the shaper is critical to create congestion that corresponds to the downstream bandwidth. Otherwise, VoIP wouldn't be treated better until the f0/0 congested. (Also, when working with Ethernet that hands off [eventually] to another media, you may need to allow for Ethernet framing overhead in your shaping. Also for VoIP, you might need to decrease the shaper's Tc.)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide