09-30-2014 07:46 AM - edited 03-05-2019 06:53 AM
Hi everyone,
I have a problem with llq policy and a cisco 888EA router. In my test lab, i have an interface vlan1 which connect lan. Second interface is a vlan 3 and simulate a wan connection.
From my linux laptop i send 20Mbit/s of udp trafic, and a phone (on other port in vlan1) try to make a call.
This call is absolutly unusable, voice cut, echo etc.
I have set a LLQ policy on Vlan 3 output but nothing ...
Any ideas ? What is wrong with my config ?
hostname r1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$aMyD$y6X6MgJzOjzfJFFizYQU6.
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
clock timezone FR 1 0
clock summer-time FR recurring last Sun Mar 2:00 last Sun Oct 3:00
!
!
ip cef
!
!
!
ip dhcp excluded-address 10.0.0.254
!
ip dhcp pool phone-dhcp
network 10.0.0.0 255.255.255.0
domain-name voxity.fr
dns-server 192.168.16.80 8.8.8.8
default-router 10.0.0.254
lease 0 8
!
!
!
no ip domain lookup
no ipv6 cef
!
!
license udi pid C888EA-K9 sn FCZ1837C244
!
!
username admin privilege 15 password 7 07192E54471D00
!
!
!
!
!
controller SHDSL 0
mode efm
dsl-group 0 pairs 0
!
!
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
track 1 interface Vlan2 ip routing
!
track 2 interface Vlan3 ip routing
!
track 3 list boolean and
object 1
object 2
class-map match-all voice-signaling
match access-group 103
class-map match-all voice-traffic
match access-group 102
!
policy-map VOICE-POLICY
class voice-traffic
priority percent 80
class voice-signaling
bandwidth 200
class class-default
fair-queue
!
!
!
!
!
!
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface Ethernet0
no ip address
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
switchport access vlan 3
no ip address
speed 10
!
interface FastEthernet3
switchport access vlan 2
no ip address
speed 100
!
interface Vlan1
ip address 10.0.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan2
ip address 192.168.16.175 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
interface Vlan3
bandwidth 10000
ip address 172.16.3.1 255.255.255.0
ip nat outside
ip virtual-reassembly in
service-policy output VOICE-POLICY
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source route-map adsl interface Vlan3 overload
ip nat inside source route-map sdsl interface Vlan2 overload
ip route 0.0.0.0 0.0.0.0 172.16.3.254
ip route 0.0.0.0 0.0.0.0 192.168.16.1 2
!
ip access-list standard nat1
permit 10.0.0.0 0.0.0.255
!
access-list 100 permit ip host 10.0.0.2 any
access-list 102 permit udp any host 192.168.16.79
access-list 103 permit udp any any eq 5060
access-list 103 permit tcp any any eq 5060
!
route-map sdsl permit 10
match ip address nat1
match interface Vlan2
!
route-map adsl permit 10
match ip address nat1
match interface Vlan3
!
event manager applet clearnat
event track 3 state any
action 1.0 cli command "enable"
action 1.5 cli command "clear ip nat trans *"
action 2.0 syslog priority notifications msg "Nat translation cleared!"
!
end
show policy-map interface vlan 3 output
Vlan3
Service-policy output: VOICE-POLICY
queue stats for all priority classes:
Queueing
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
Class-map: voice-traffic (match-all)
28492 packets, 6150256 bytes
5 minute offered rate 52000 bps, drop rate 0000 bps
Match: access-group 102
Priority: 80% (8000 kbps), burst bytes 200000, b/w exceed drops: 0
Class-map: voice-signaling (match-all)
99 packets, 66993 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group 103
Queueing
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 77/52806
bandwidth 200 kbps
Class-map: class-default (match-any)
192300 packets, 278670064 bytes
5 minute offered rate 1080000 bps, drop rate 0000 bps
Match: any
Queueing
queue limit 64 packets
(queue depth/total drops/no-buffer drops/flowdrops) 0/0/0/0
(pkts output/bytes output) 3212/741752
Fair-queue: per-flow queue limit 16 packets
Thanks for you help,
Regards.
09-30-2014 12:57 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Does this model 800 have a "WAN" port? If so, try your WAN connection on that. If your simulated WAN offers less than FE bandwidth, shape for the available bandwidth.
09-30-2014 11:55 PM
Hi,
Yes 800 have a wan port, but in my case, i dont have a SHDSL connection on my office, so i "simulate" wan connection on FE.
I have set speed to 10Mbits-FD on FastEthernet2 and i send for my laptop 20Mbit/s of udp trafic. 50% of this trafic has been drop but if i make a voice call during speed test, rtp trafic has been dropped to...
As you can see, i have set an access list 102 with a dest IP address. This adress is asterisk voice server. This trafic should be more prioritaire than "classic" udp trafic, and voice packets should not be dropped no ?
Regards.
10-01-2014 02:51 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The possible problem is, your QoS is applied on the SVI not the physical port and so I believe the VLAN doesn't respond to its single VLAN ports as you would expect. An indication of this is if you're sending faster than your egress bandwidth but not seeing any (?) drops in your policy (if true, the SVI doesn't "see" the congestion). (Yea, and I know, you only have the one port in the VLAN, but the congestion still could be on the physical port, not SVI.)
The foregoing is why I suggested using the "WAN" port; often on 800s, it supports routed port QoS. (And yes, understand on your model it's not an Ethernet port, so you're unable to easily test with it.)
So, again, you might try a shaper on the SVI (if supported) (also note, I believe most shapers don't account for L2 overhead, so you'll need to shape "slower").
10-01-2014 05:38 AM
Hum ok, thank for your answer, i think that SVI does not see congestion because drop's counter has not been increased even if paquets has been droped.
So packets will not be classifed if i use lan port as a second wan port.
Many thanks for you answer,
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide