We want to start classifying traffic going out our Internet links for different service levels. We are using 3 nacls to set mission critical, required, and hog classifications. We have done the config pasted below based on these 3 acls, however we're not 100% sure we are getting what we epxect. when we do a sho policy interface we see a fair amount of policing going on, we would expect with the shaping happening at a lower level the data flows would slow before being policed that much. Other points we notice in the sho policy interface is that the random drop and tail drop values are all 0/0; however the traffic shaping area will show you that there have been bytes delayed. A final note is that if we do a sho queueing random-detect none of the interfaces show a current configuration.
Have we missed something?
Thanks in advance for any input.
Chad
ip access-list extended BWHOG_data
remark QoS ACL for Heavy Bandwidth usage Data
10 permit tcp any any eq 25
exit
class-map match-any MC_mark
description DSCP marking of Mission Critical Data
match access-group name MC_data
exit
class-map match-any BWREQ_mark
description DSCP marking of Bandwidth Guaranteed Data
match access-group name BWREQ_data
exit
class-map match-any BWHOG_mark
description DSCP marking of Bandwidth usage Data
match access-group name BWHOG_data
exit
--- police & mark -----
policy-map WAN-DS3_edge_mark
class MC_mark
police 9216000 conform-action set-dscp-transmit af32 exceed-action drop
class BWREQ_mark
police 6144000 conform-action set-dscp-transmit af22 exceed-action drop
class BWHOG_mark
police 2048000 conform-action set-dscp-transmit af12 exceed-action drop
class class-default
police 1536000 conform-action transmit exceed-action drop
exit
int ser 6/0
service-policy input WAN-DS3_edge_mark
exit
int fastethernet0/0
service-policy input WAN-DS3_edge_mark
exit
policy-map WAN-T1_edge_mark
class MC_mark
set dscp af32
class BWREQ_mark
police 1344000 conform-action set-dscp-transmit af22 exceed-action drop
class BWHOG_mark
police 448000 conform-action set-dscp-transmit af12 exceed-action drop
exit
int ser 2/1:1
service-policy input WAN-T1_edge_mark
exit
int fastethernet1/0
service-policy input WAN-T1_edge_mark
exit
--- QoS & shape -----
class-map match-any MC_data
description
match dscp af31
match dscp af32
match dscp af33
exit
class-map match-any BWREQ_data
description
match dscp af21
match dscp af22
match dscp af23
exit
class-map match-any BWHOG_data
description
match dscp af11
match dscp af12
match dscp af13
exit
policy-map WAN-DS3_edge
class MC_data
bandwidth 29570
random-detect dscp-based
class BWREQ_data
bandwidth 3072
random-detect dscp-based
shape average 5120000
class BWHOG_data
bandwidth 512
random-detect dscp-based
shape average 1200000
class class-default
fair-queue
exit
int fastethernet 0/0
service-policy output WAN-DS3_edge
exit
int serial 6/0
service-policy output WAN-DS3_edge
exit
policy-map WAN-T1_edge
class MC_data
bandwidth 128
random-detect dscp-based
class BWREQ_data
bandwidth 768
random-detect dscp-based
shape average 1200000
class BWHOG_data
bandwidth 256
random-detect dscp-based
shape average 320000
class class-default
fair-queue
exit
int fastethernet 1/0
service-policy output WAN-T1_edge
exit
int serial 2/1:1
service-policy output WAN-T1_edge
exit