11-08-2012 06:16 AM - edited 03-04-2019 06:04 PM
Hi All,
Its good to be here again and I'll specially want to thank all contributors to this forum.
Below is a sample configuration of my Router. I am trying to do QOS on the IPSEC VPN tunnel so that voice traffic can be given priority over other traffics (I am using non cisco IP phones).
I want to know if this config is ok and working because I have not noticed any improvement in voice quality, if not ok pls can someone give me a better suggestion? (I used SDM for the QOS configuration). Below the show run is a sho policy map output.
Building configuration...
Current configuration : 4867 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
!
boot-start-marker
boot-end-marker
!
no aaa new-model
clock timezone utc 1
!
crypto pki trustpoint TP-self-signed-3885639516
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3885639516
revocation-check none
rsakeypair TP-self-signed-3885639516
!
!
ip cef
!
!
ip domain name masters
ip name-server 4.2.2.2
!
multilink bundle-name authenticated
password encryption aes
!
!
crypto isakmp policy 1
encr aes 256
hash md5
authentication pre-share
group 2
crypto isakmp key 6 B^ address 4.7.8.74
!
!
crypto ipsec transform-set ME-VPN esp-aes 256 esp-md5-hmac
!
crypto map VPN-TO-PH 10 ipsec-isakmp
description SET PEER TO PH IP ADDRESS
set peer 4.7.8.74
set transform-set ME-VPN
match address VPN-TRAFFIC
!
archive
log config
hidekeys
!
!
!
class-map match-any SDM-Transactional-1
match dscp af21
match dscp af22
match dscp af23
class-map match-any P2P
match protocol bittorrent
class-map match-any SDM-Signaling-1
match dscp cs3
match dscp af31
class-map match-any SDM-Routing-1
match dscp cs6
class-map match-any SDM-Voice-1
match dscp ef
class-map match-any SDM-Management-1
match dscp cs2
!
!
policy-map SDM-QoS-Policy-1
class SDM-Voice-1
priority percent 33
class SDM-Signaling-1
bandwidth percent 5
class SDM-Routing-1
bandwidth percent 5
class SDM-Management-1
bandwidth percent 5
class SDM-Transactional-1
bandwidth percent 5
class class-default
fair-queue
random-detect
policy-map P2P
class P2P
drop
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet0
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
service-policy input P2P
!
interface FastEthernet1
ip address 4.7.8.130 255.255.255.252
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map VPN-TO-PH
service-policy output SDM-QoS-Policy-1
interface Vlan1
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 4.7.8.129
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source route-map LAT interface FastEthernet1 overload
!
ip access-list extended VPN-TRAFFIC
permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
!
access-list 100 remark EXCLUDED FROM NAT
access-list 100 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
access-list 100 remark
!
!
!
route-map LAT permit 1
match ip address 100
end
Lagos#sho policy-map int f1
FastEthernet1
Service-policy output: SDM-QoS-Policy-1
Class-map: SDM-Voice-1 (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: dscp ef (46)
0 packets, 0 bytes
5 minute rate 0 bps
Queueing
Strict Priority
Output Queue: Conversation 264
Bandwidth 33 (%)
Bandwidth 33000 (kbps) Burst 825000 (Bytes)
(pkts matched/bytes matched) 0/0
(total drops/bytes drops) 0/0
Class-map: SDM-Signaling-1 (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: dscp cs3 (24)
0 packets, 0 bytes
5 minute rate 0 bps
Match: dscp af31 (26)
0 packets, 0 bytes
5 minute rate 0 bps
Queueing
Output Queue: Conversation 265
Bandwidth 5 (%)
Bandwidth 5000 (kbps)Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: SDM-Routing-1 (match-any)
442 packets, 37367 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: dscp cs6 (48)
442 packets, 37367 bytes
5 minute rate 0 bps
Queueing
Output Queue: Conversation 266
Bandwidth 5 (%)
Bandwidth 5000 (kbps)Max Threshold 64 (packets)
(pkts matched/bytes matched) 411/31965
(depth/total drops/no-buffer drops) 0/0/0
Class-map: SDM-Management-1 (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: dscp cs2 (16)
0 packets, 0 bytes
5 minute rate 0 bps
Queueing
Output Queue: Conversation 267
Bandwidth 5 (%)
Bandwidth 5000 (kbps)Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: SDM-Transactional-1 (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: dscp af21 (18)
0 packets, 0 bytes
5 minute rate 0 bps
Match: dscp af22 (20)
0 packets, 0 bytes
5 minute rate 0 bps
Match: dscp af23 (22)
0 packets, 0 bytes
5 minute rate 0 bps
Queueing
Output Queue: Conversation 268
Bandwidth 5 (%)
Bandwidth 5000 (kbps)Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
2820661 packets, 548265388 bytes
5 minute offered rate 185000 bps, drop rate 0 bps
Match: any
Queueing
Flow Based Fair Queueing
Maximum Number of Hashed Queues 256
(total queued/total drops/no-buffer drops) 0/0/0
exponential weight: 9
class Transmitted Random drop Tail drop Minimum Maximum Mark
pkts/bytes pkts/bytes pkts/bytes thresh thresh prob
0 2820573/548172293 0/0 0/0 20 40 1/10
1 6/360 0/0 0/0 22 40 1/10
2 0/0 0/0 0/0 24 40 1/10
3 0/0 0/0 0/0 26 40 1/10
4 0/0 0/0 0/0 28 40 1/10
5 0/0 0/0 0/0 30 40 1/10
6 0/0 0/0 0/0 32 40 1/10
7 0/0 0/0 0/0 34 40 1/10
rsvp 0/0 0/0 0/0 36 40 1/10
Thanks.
Tom