Hierarchical QoS Policy

k.hariharan1 · ‎03-04-2011

Hi,

I have the Hierarchical QoS Policy as mentioned below, there are three different types of traffic CBS , WEB , ANTIVIRUS.

My requirement is whenever there is no traffic matching the CBS and WEB class antivirus traffic should utilize the full bandwidth, but when there is a traffic for CBS and WEB , automatically the antivirus traffic should come down to the CIR value to make sure that CBS and web traffic is utilizing its bandwidth. Let me know whether the below config will meet the requirement or not.

class-map match-any CBS

match dscp af11

class-map match-any WEB

match dscp af21

class-map match-any Antivirus

match dscp af31

policy-map NETWORK-A-SERVICE

class CBS

bandwidth percent 50

random-detect dscp-based

class WEB

bandwidth percent 15

random-detect dscp-based

class Antivirus

police 10000 8000 8000 confirm-action transmit

policy-map parent

Class class-default

shape average 64000

service-policy child

interface FastEthernet2/1

service-policy input parent

Regards,

Hariharan k

gfcisco31 · ‎03-04-2011

Hi Hariharan k,

Not sure if i understood exactly what you mean but .... here´s what i got

" My requirement is whenever there is no traffic matching the CBS and WEB class antivirus traffic should utilize the full bandwidth"

.

If there's no congestion, the classes will share the full bandwidth, so... if there´s just antivirus traffic, it can use the full bandwidth.

" but when there is a traffic for CBS and WEB , automatically the antivirus traffic should come down to the CIR value to make sure that CBS and web traffic is utilizing its bandwidth "

from what i understood, what you mean is: When there´s congestion, antivirus traffic should get no more than a busrt of 10 k ( as per your class config), is that right ? if so... i would configure a exceed drop action of DROP under your antivirus class. Or if the antivirus traffic should have a priority over all classes, you can configure a stritc priority queue, (LLQ) for this class.

remember... policing and shaping happens regardless of congestion, queueing is only if congestion on the interface

hope that helps

k.hariharan1 · ‎03-05-2011

Hi Gustavo,

Thanks for your reply, and your understanding is correct.

as you mentioned i agree "policing and shaping happens regardless of congestion".

I dont want to give LLQ for Antivirus traffic. what else we can do for achieving my requirement.

My requirement is , when there is no conjestion antivirus traffic should utilize full bandwidth.

During conjestion antivirus traffic should not utilize more than the bandwidth which is alloted to its respective class.

Problem:

In my Network currently , i have configured "bandwidth" command for all the three class, because of that when there is an antivirus traffic, its utilizing full bandwidth eventhough i have given 10 kbps and due to which CBS and WEB traffic are dropped during the AV updation.

Regards,

Hariharan k

Kishore Chennupati · ‎03-06-2011

Hi Hari,

The reason what I believe is happening here is that your police statement is not policing anything to 10kbps.

The below statement is saying if your AV traffic is 10kbps then transmit it. You have not set any Peak rate or any conditions as to what will happen if it exceeds 10kbps.

*** from your post

class Antivirus

police 10000 8000 8000 confirm-action transmit

What you could do is to put the below

class Antivirus

police 10000 8000 8000 confirm-action transmit exceed-action drop

or

police cir 10000 bc 8000 pir 10000 be 8000        << basically saying the minimum and maximum rate is 10kbps and not more than that

confirm-action transmit exceed-action drop

or you can transmit that with a low precedence

class Antivirus

police 10000 8000 8000 confirm-action transmit exceed-action set-dscp-transmit AF11

HTH

Regards,

Please rate if helpful