A Hierarchical QoS Issue

Vivek Bannore · ‎02-15-2012

Hi Community,

Scenario:

HQ WAN Router already has a QoS Policy applied on its WAN port (30M link) [HQ has several branch sites and no issues with the rest of them except one branch. That one branch will be spoken about in this thread]
Branch WAN Router is on a 4M link and has no QoS policy - voice traffic from HQ to Branch is getting affected.
ISP QoS is not possible at this moment due to cost reasons

Config:

HQ WAN Router - Current

interface GigabitEthernet0/1
 service-policy output wan-qos
class-map match-any mgmt match access-group name mgmt
class-map match-any ldap match protocol ldap
class-map match-any abcd match access-group 112
class-map match-any voip-signal match protocol skinny
 match protocol mgcpclass-map match-any voip-media
 match protocol rtp
class-map match-any rdp
 match access-group 111

!         
policy-map wan-qos
 class iccs    bandwidth 1024
 class voip-media    priority 164
 class voip-signal    bandwidth 48
 class rdp
    bandwidth 64 
 class mgmt
    bandwidth 16
 class ldap    bandwidth 32
 class class-default
     random-detect
!

New QoS policy for HQ to Branch voice traffic

***** Classify Voice traffic to Branch *****access-list 102 permit ip <HQ IP>  <Branch IP>
class-map voice-branch-traffic
 match access-group 102 
***** Giving voice traffic a guarantee of 200 kbps with a burst of ~ 20kbps *****
policy-map Priority-Voice-branch-Traffic
 class voice-branch-traffic  
  priority 200 20000
***** Max traffic out to branch will be limited to 3.6Mbps (10% reserved) *****policy-map  branch-Trafficclass class-default
  shape average 3600000
  service-policy Priority-Voice-branch-Traffic

Now to apply this new QoS policy within the already current (wan-qos) of the HQ router, would the following way be correct ?

policy-map wan-qos
 class abcd    bandwidth 1024
 class voip-media    priority 164
 class voip-signal    bandwidth 48
 class rdp
    bandwidth 64 
 class mgmt
    bandwidth 16
 class ldap    bandwidth 32
 class class-default
     shape average 30000000 ----> HQ WAN Link is 30M (random-detect had to be removed to apply the policy)
     service-policy branch-Traffic ---->  Shaping HQ to Branch Voice traffic to be less than 3.6M

Is this the correct way to apply the new "branch-Traffic" QoS policy under the existing one "wan-qos" on the HQ router ?

Regards

Vivek

Eugene Khabarov · ‎02-16-2012

Hi! This is correct. Here is the example with policer you can reference:

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ft3level.html

Joseph W. Doherty · ‎02-16-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Hmm, not quite right for the following reasons.

First, if your going shape traffic to 30 Mbps, you need to shape all traffic. Your parent's shaper is only defined in class-default; other classes could exceed the 30 Mbps limit.

Second, some shapers, I believe don't account for L2 overhead, and if they don't you need to account for that. Unfortunately, L2 overhead, as a percentages, varies based on frame's size. (Often setting shaper to 10 to 15% below nominal rate seems to work okay.)

Third, when supporting VoIP, where jitter is a consideration, you may need to minimize Tc from default. Different platforms/IOSs have different defaults, usually either 4 ms or 25 ms.

Forth, ideally you would want to shape all 4 Mbps for the branch, also using the above considerations, but if a 3 level hierarchy isn't supported, yours is good, but again because of strict timing considerations for VoIP, you want the child's shaper to use a small Tc too. For this configuration, you do want a separate child class for VoIP, but LLQ won't really trigger unless the child policy sees congestion at the parent's shaper.

PS:

Also working VoIP, you sometimes also need to adjust tx-ring-limit.

Vivek Bannore · ‎02-16-2012

Thank you for your comments Eugene & Joseph.

JosephDoherty wrote:

First, if your going shape traffic to 30 Mbps, you need to shape all traffic. Your parent's shaper is only defined in class-default; other classes could exceed the 30 Mbps limit.

The physical interface has a limit placed on it as 30M bandwidth and so the bandwidth within the classes of "wan-qos" should come into effect and not send anything more than the 30M limit set of the interface.

JosephDoherty wrote:


Forth, ideally you would want to shape all 4 Mbps for the branch, also  using the above considerations, but if a 3 level hierarchy isn't  supported, yours is good, but again because of strict timing  considerations for VoIP, you want the child's shaper to use a small Tc  too.  For this configuration, you do want a separate child class for  VoIP, but LLQ won't really trigger unless the child policy sees  congestion at the parent's shaper.

All other branches have good bandwidth wan links except this particular branch which only has a 4m link. I think a 3-level hierarchy is supported on the WAN router. The only issue was I wasn't sure if my configuration was following the best pratice in terms of combining the QoS policies.

So the way I have configured and combined the QoS policy, is that correct ? I'll research the tx-ring-limit and Tc values as well.

Thanks

Vivek

Joseph W. Doherty · ‎02-16-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

"The physical interface has a limit placed on it as 30M bandwidth and so the bandwidth within the classes of "wan-qos" should come into effect and not send anything more than the 30M limit set of the interface."

I would expect a rate limit, but you miss the issue. If class-default is shaped to 30 Mbps while class abcd adds another 10 Mbps, your policy would allow sending 40 Mbps but the provider's rate limiter will drop 25% of your traffic. Problem is, the 25% can also be your class-default. Rate limiters don't create back pressure, i.e. nothing is queued.

"I think a 3-level hierarchy is supported on the WAN router. The only issue was I wasn't sure if my configuration was following the best pratice in terms of combining the QoS policies.

So the way I have configured and combined the QoS policy, is that correct ? I'll research the tx-ring-limit and Tc values as well."

If a 3-level is supported, you want a structure something like:

policy-map level1

class class-default

shape average 30000000

service policy level2

policy-map level2

class abcd

bandwidth x

.

class ldap

bandwidth y

class special-branch

shape average 4000000

service policy level3

policy-map level3

class voice

priority 200

class class-default

fair-queue