11-26-2009 03:16 PM - edited 03-11-2019 09:43 AM
Hello I would like to configure traffic shaping on wan to wan of 2 PIXes ( vpn site 2 site ) running 8.0.4 version
Remote Topology :
100 Mbps Inside ( dot1q interfaaces : some vlans + voice vlan )
100 Mbps Interface Outside : single interface using vpn Lan to Lan -> catalyst -> 10 Mbps Wan link -> PIX on central office
Total wan bandwith : 10 Mbps
Central site topology :
100 Mbps Outside PIX interface -> catalyst -> 10 Mbps wan link to remote site
Desired bandwith assignment :
2 Mbps for Voice Vlan guaranteed or for destination Voice subnets address ( i.e remote 10.1.0.0/24 & 10.2.0.0/24 )
5 Mbps for remote to central site communication ( cifs, smtp, http ... etc ) ( remote networks10.80.0.0/24 + 10.90.0.0/24 )
2 Mbps for http ( rest of web browsing like internet )
1 Mbps for the rest of traffic
If I follow the document :
https://supportforums.cisco.com/docs/DOC-1230;jsessionid=AE6DD382CD127942A24AA17C04A1917E.node0
I cannot find where is defined the bandwith assignemt for the example :
( says : " ... In other words we will traffic shape all traffic for 900kbps, prioritize the voice and guarantee 100kbps for it ... "
Where is the 900 Kbps and the 100 Kbps of the guarantee ?
Now, lets assume that we have the same ASA as in the previous case. And we now want to traffic shape all traffic and prioritize the voice through the VPN. In other words we will traffic shape all traffic for 900kbps, prioritize the voice and guarantee 100kbps for it. Again, we assume that the voice traffic is flagged with dhcp field ef and the tunnel group name is tunnel-grp1.
ASA(config)# priority-queue outside
ASA(config)# class-map TG1-voice-class
ASA(config-cmap)# match tunnel-group tunnel-grp1
ASA(config-cmap)# match dscp ef
ASA(config-cmap)# policy-map priority-policy
ASA(config-pmap)# class TG1-voice-class
ASA(config-pmap-c)# priority
ASA(config-pmap-c)# policy-map shape-priority-policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# shape average 1000000
ASA(config-pmap-c)# service-policy priority-policy
ASA(config-pmap-c)# service-policy shape-priority-policy interface outside
Thank you.
Solved! Go to Solution.
11-30-2009 05:34 AM
Check your config against the below config example:-
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml
HTH>
11-30-2009 03:21 PM
I fixed the document. There was a typo. It should have been:
ASA(config-pmap-c)# policy-map shape-priority-policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# shape average 900000
ASA(config-pmap-c)# service-policy priority-policy
As for your setup, I think with the bw requirements you have, you need to police 5 Mbps for the http,
2 Mbps for for cifs etc (the police should be with a new policy-map).
Then traffic shape the default traffic to 1Mbps and prioritize the voice that you want. By definition
the voice will get the remaining 2 Mbps if you shape and police the rest.
I hope it makes sense.
PK
11-30-2009 05:34 AM
Check your config against the below config example:-
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml
HTH>
11-30-2009 03:21 PM
I fixed the document. There was a typo. It should have been:
ASA(config-pmap-c)# policy-map shape-priority-policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# shape average 900000
ASA(config-pmap-c)# service-policy priority-policy
As for your setup, I think with the bw requirements you have, you need to police 5 Mbps for the http,
2 Mbps for for cifs etc (the police should be with a new policy-map).
Then traffic shape the default traffic to 1Mbps and prioritize the voice that you want. By definition
the voice will get the remaining 2 Mbps if you shape and police the rest.
I hope it makes sense.
PK
12-02-2009 05:19 PM
Thanks a lot !!
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide