Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5637
Views
0
Helpful
2
Replies

Metro ethernet router config question(s)

isd_arizona
Level 1
Level 1

‎09-28-2012 09:47 AM - edited ‎03-04-2019 05:42 PM

One of my clients recently moved from T1 connections to a Metro Ethernet through the local cable/internet provider (COX)
They have 4 locations
HUB: 10/10Mbps
Remote1: 3/3Mbps
Remote2: 3/3Mbps
Remote3: 3/3Mbps

We have had nothing but problems ever since switching to the new carrier.  Support calls have gone up the top engineers - they claim something's amiss with our config.  The engineer says they're seeing bursts of 40-125Mbps from HUB which is causing the problems.

Here's what I'm trying to do:


1)  Limit the connection speed from HUB to each remote office to 3Mbps and vise versa.  If we send more data than that, we run the risk of the line going down - essentially a cable modem reboot.


2)  Prioritize traffic in the following order - 1: VOIP, 2: RDP and SQL, 3: all other data

Physical layout: HUB Office>L2 Switch>Router>Cable Modem<=>COX Metro Ethernet<=>Cable Modem<Router<L2 Switch<Remote Office

I have gone through the config several times, but I fear I am missing something.  Being new to traffic shaping - i'm sure that's the case.

Here's the pertinent config from the HUB router (Cisco 2811).

class-map match-any PRIORITY
match access-group name MATCH-RDP
match protocol sqlserver
class-map match-all Estrella
match access-group name Estrella-Subnets
class-map match-all Anthem
match access-group name Anthem-Subnets
class-map match-any VOICE-MEDIA
match protocol h323
match ip dscp ef
match ip rtp 16384 16383
class-map match-all Arrowhead
match access-group name Arrowhead-Subnets

policy-map Remote_Offices
class Anthem
  shape average 2500000
class Arrowhead
  shape average 2500000
class Estrella
  shape average 2500000
class VOICE-MEDIA
  set ip dscp ef
  bandwidth percent 33
class PRIORITY
  set ip dscp af13
  bandwidth percent 33
class class-default
  set ip dscp default
  bandwidth percent 10
policy-map OUTPOLICY
class class-default
  shape average 7500000
  service-policy Remote_Offices

interface FastEthernet0/0
description LAN_192.168.100.253$ES_LAN$
ip address 192.168.100.253 255.255.255.0
duplex auto
speed auto

interface FastEthernet0/1
description VOICE_192.168.150.253
ip address 192.168.150.253 255.255.255.0
duplex auto
speed auto

interface FastEthernet0/3/0
description CME
bandwidth 10240
ip address 10.0.3.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip route-cache flow
load-interval 30
duplex auto
speed auto
no mop enabled
service-policy output OUTPOLICY

router eigrp 1
redistribute static
network 10.0.3.0 0.0.0.7
network 192.168.100.0
network 192.168.150.0
auto-summary

ip default-gateway 192.168.100.10
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.100.10
ip route 192.168.101.0 255.255.255.0 10.0.3.3
ip route 192.168.102.0 255.255.255.0 10.0.3.4
ip route 192.168.103.0 255.255.255.0 10.0.3.2
ip route 192.168.150.0 255.255.255.0 FastEthernet0/1
ip route 192.168.151.0 255.255.255.0 10.0.3.3
ip route 192.168.152.0 255.255.255.0 10.0.3.4
ip route 192.168.153.0 255.255.255.0 10.0.3.2

ip access-list extended Anthem-Subnets
permit ip 192.168.103.0 0.0.0.255 any
permit ip 192.168.153.0 0.0.0.255 any
ip access-list extended Arrowhead-Subnets
permit ip 192.168.101.0 0.0.0.255 any
permit ip 192.168.151.0 0.0.0.255 any
ip access-list extended Estrella-Subnets
permit ip 192.168.102.0 0.0.0.255 any
permit ip 192.168.152.0 0.0.0.255 any
ip access-list extended MATCH-RDP
permit tcp any eq 3389 any
permit tcp any any eq 3389
deny   ip any any
============================================================
Config from one of the remote offices (Cisco 1841)

class-map match-any PRIORITY
match access-group name MATCH-RDP
match protocol sqlserver
class-map match-any VOICE-MEDIA
match protocol h323
match ip dscp ef
match ip rtp 16384 16383

policy-map Remote_Offices
class VOICE-MEDIA
  set ip dscp ef
  priority percent 33
class PRIORITY
  set ip dscp af13
  priority percent 33
class class-default
  set ip dscp default
  bandwidth percent 10
policy-map OUTPOLICY
class class-default
  shape average 2500000
  service-policy Remote_Offices

interface GigabitEthernet0/0
description CME
bandwidth 3072
ip address 10.0.3.3 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
duplex auto
speed auto
no mop enabled
service-policy output OUTPOLICY

interface GigabitEthernet0/1
no ip address
duplex auto
speed auto

interface GigabitEthernet0/1.101
description DATA VLAN 101
encapsulation dot1Q 101 native
ip address 192.168.101.253 255.255.255.0

interface GigabitEthernet0/1.151
description VOICE VLAN 151
encapsulation dot1Q 151
ip address 192.168.151.253 255.255.255.0

router eigrp 1
network 10.0.3.0 0.0.0.7
network 192.168.101.0
network 192.168.151.0
redistribute static

ip route 0.0.0.0 0.0.0.0 10.0.3.1

ip access-list extended MATCH-RDP
permit tcp any eq 3389 any
permit tcp any any eq 3389
deny   ip any any

Labels:
0 Helpful
2 Replies 2

Jeff Van Houten
Level 5
Level 5

‎09-29-2012 06:49 AM

Your policy map is not setup hierarchically. Take a look at http://www.cisco.com/en/US/docs/ios/12_1t/12_1t2/feature/guide/clsbsshp.html, specifically the section titled cbwfq inside gts.

Sent from Cisco Technical Support iPad App

0 Helpful

isd_arizona
Level 1
Level 1
In response to Jeff Van Houten

‎10-01-2012 11:56 AM

Thanks Jeff. 

I actually opened a support ticket with TAC on Friday.  The tech said the config looks sound, though we're still having problems.

I read through the document and came up with a different config based on examples given.  Does the following look better?

Again, trying to limit bandwidth to 3Mbps to each remote office (estrella, arrowhead, anthem)  Overall, need to limit fa0/3/0 to 10Mpbs.

ip access-list extended Anthem-Subnets
permit ip 192.168.103.0 0.0.0.255 any
permit ip 192.168.153.0 0.0.0.255 any

ip access-list extended Arrowhead-Subnets
permit ip 192.168.101.0 0.0.0.255 any
permit ip 192.168.151.0 0.0.0.255 any

ip access-list extended Estrella-Subnets
permit ip 192.168.102.0 0.0.0.255 any
permit ip 192.168.152.0 0.0.0.255 any

ip access-list extended MATCH-RDP
permit tcp any eq 3389 any
permit tcp any any eq 3389
deny   ip any any

======================================

class-map match-any PRIORITY
match access-group name MATCH-RDP
match protocol sqlserver

class-map match-all Estrella
match access-group name Estrella-Subnets

class-map match-all Anthem
match access-group name Anthem-Subnets

class-map match-all Arrowhead
match access-group name Arrowhead-Subnets

class-map match-any VOICE-MEDIA
match protocol h323
match ip dscp ef
match ip rtp 16384 16383

=================================

Anthem-classes
  class VOICE-MEDIA
    set ip dscp ef
    bandwidth percent 33
  class PRIORITY
    set ip dscp af13
    bandwidth percent 33
  class class-default
    set ip dscp default
    bandwidth percent 10

Arrowhead-classes
  class VOICE-MEDIA
    set ip dscp ef
    bandwidth percent 33
  class PRIORITY
    set ip dscp af13
    bandwidth percent 33
  class class-default
    set ip dscp default
    bandwidth percent 10

Estrella-classes
  class VOICE-MEDIA
    set ip dscp ef
    bandwidth percent 33
  class PRIORITY
    set ip dscp af13
    bandwidth percent 33
  class class-default
    set ip dscp default
    bandwidth percent 10

policy-map OUTPOLICY
  class class-default
    shape average 7500000
  class Anthem
    shape average 2500000
    service-policy anthem-classes
  class Arrowhead
    shape average 2500000
    service-policy arrowhead-classes
  class Estrella
    shape average 2500000
    service-policy estrella-classes

interface fa0/3/0
  service out OUTPOLICY

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card