Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
643
Views
0
Helpful
1
Replies

QoS on GRE VPN

kapishmohole.cisco
Level 1
Level 1

‎06-28-2005 11:24 AM - edited ‎02-21-2020 12:14 AM

Hello,

I am trying to implement QoS on VPN.

I have 1750 router Branch Office (BO), one 2600 in Head Office (HO), they are connected through VPN service provider, GRE tunnel. But QoS isn’t working at all, when I apply this policy all applications are getting slowed down. I want to give priority to citrix traffic, I have 64k bandwidth, out of this I want to use 40k only for citrix.

On HO router many VPN tunnels are terminating on same serial interface(s0/1). I want to apply this QoS only for one tunnel (connecting to BO). But on BO, I can apply policy on serial interface directly because only one tunnel is terminating on (s0/0).

What is the problem in this configuration? What are the corrections/missing in configuration? Please advice me the right configuration.

This is the configuration of HO and BO router.

Branch Office (BO)

!

class-map match-any citrix

match access-group 111

!

!

policy-map child

class citrix

police cir 48000 bc 2000 be 2000

bandwidth percent 50

policy-map parent

class class-default

shape average 64000

service-policy child

!

interface Tunnel1

bandwidth 64

ip address 192.168.26.18 255.255.255.252

ip access-group www out

ip route-cache flow

service-policy output parent

tunnel source 203.201.209.198

tunnel destination 203.196.254.10

!

interface Serial0/0

bandwidth 64

ip address 203.201.209.198 255.255.255.252

ip route-cache flow

no ip mroute-cache

!

!

access-list 111 permit icmp any any

access-list 111 permit tcp any eq 1494 any

access-list 111 permit udp any eq 1604 any

!

Head Office (HO)

!

class-map match-any citrix

match access-group 111

!

!

policy-map child

class citrix

police 48000 2000 2000 conform-action transmit exceed-action drop

bandwidth percent 50

policy-map parent

class class-default

shape average 64000

service-policy child

!

!

interface Tunnel5

bandwidth 64

ip address 192.168.26.17 255.255.255.252

service-policy output parent

tunnel source 203.196.254.10

tunnel destination 203.201.209.198

!

interface Serial0/1

bandwidth 2048

ip address 203.196.254.10 255.255.255.252

no ip mroute-cache

!

access-list 111 permit icmp any any

access-list 111 permit tcp any eq 1494 any

access-list 111 permit udp any eq 1604 any

!

Thanks and regards

Kapish

0 Helpful
1 Reply 1

spremkumar
Level 9
Level 9

‎06-29-2005 03:19 AM

Hi ther

from your configs found you are missing the key config command under the tunnel interface which is must when ur attaching qos policies to ur tunnel interface or when ur trying to make use of qos policies with ur tunnel interfaces..

U need to add qos pre-classify under ur tunnel interface to make the qos policing work .

also have a look @ this link which can clear u up the things..

http://cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a008017405e.shtmlhttp://cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a008017405e.shtml

regds

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card