Solved: DisclaimerThe Author of this

andy roles · ‎07-01-2014

Hi. Thanks viewing my post!

I'm trying out some QoS configuration for a VDI deployment and have a problem with our 6509 switches not marking the traffic (possibly user error)..

As VDI solutions don't seem to have the ability to mark traffic at the server or client (unlike phones system server/clients etc) I've had to resort to marking traffic on the access switches.

At the moment, as a test, I'm just trying to mark telnet traffic with a dscp value of 34 (af41). I am seeing hits on the access-lists but the policy-map PCoIP_Set_AF41 doesn't seem to be setting the dscp value to 34 as I want.

Please could somebody advise where I'm going wrong or provide some troubleshooting tips?

Thank you,

Andy

access-list 100 permit tcp any any eq telnet

class-map match-all PCOIP-IN
match access-group 100

policy-map PCoIP_Set_AF41
class PCOIP-IN
set dscp af41

interface Vlan33
description ....
*** output omitted ***
standby 33 preempt
service-policy input PCoIP_Set_AF41

Joseph W. Doherty · ‎07-01-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

On a 6500, if you use a VLAN based policy, I believe you're supposed to configure the physical port to use the policy attached to the VLAN interface. You can also apply policies, I also believe, to the physical interfaces, but with pre-sup2Ts, you exceed some QoS limits if you don't use VLAN based policies.

If your WAN router supports HQF, I would recommend something like:

Policy Map WAN_QoS
    Class IPVoice-Priority
      priority percent 33
    Class PCoIP-Priority
      bandwidth remaining percent 99
      fair-queue !or not, i.e. optional
    Class class-default
      bandwidth remaining percent 1
      fair-queue

If your router doesn't support HQF, would suggest upgrading to an IOS that does.

View solution in original post

Joseph W. Doherty · ‎07-01-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Do your physical (VLAN 33) ingress ports have "mls qos vlan-based"?

Your PCoIP is matching Telnet. Your ACL 100 should be something more like:

ip access-list extended QOS-ACL-PCOIP

permit tcp any any eq 4172

permit udp any any eq 4172

permit tcp any any eq 32111

permit tcp any eq 4172 any

permit udp any eq 4172 any

permit tcp any eq 32111 any

andy roles · ‎07-01-2014

Hi Joseph,

Thanks for your response.

I was using telnet just to keep it simple when generating test traffic with the intention of building a suitable ACL once I'd witnessed the markings being applied by the 6509s.

With regards to the 'mls qos vlan-based' I've appended that line of config to my own office access port but I'm still not seeing the traffic being marked? I have to confess - it's the first time I've seen that command :o)

Have you got any other ideas as to what the problem could be?

Additionally - I have another quick question here and wondered if you could give me your opinion?

From your ACL proposal I'm guessing you're familiar with VDI deployment. I've been trying to find good consistent information regarding best practice for deploying QoS for VDI but this hasn't been easy. I've ended up with the following policy on our 100Mbps WAN link:

Policy Map WAN_QoS
    Class IPVoice-Priority
      priority 30000 (kbps)
    Class PCoIP-Priority
      bandwidth 40000 (kbps)
    Class class-default
      fair-queue

Do you think this looks sensible or do you think I would I be best to just allocate bandwidth to voice rather than give it priority?

Thanks again!

Andy

Joseph W. Doherty · ‎07-01-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

On a 6500, if you use a VLAN based policy, I believe you're supposed to configure the physical port to use the policy attached to the VLAN interface. You can also apply policies, I also believe, to the physical interfaces, but with pre-sup2Ts, you exceed some QoS limits if you don't use VLAN based policies.

If your WAN router supports HQF, I would recommend something like:

Policy Map WAN_QoS
    Class IPVoice-Priority
      priority percent 33
    Class PCoIP-Priority
      bandwidth remaining percent 99
      fair-queue !or not, i.e. optional
    Class class-default
      bandwidth remaining percent 1
      fair-queue

If your router doesn't support HQF, would suggest upgrading to an IOS that does.

andy roles · ‎07-02-2014

Hi Joseph.

Thanks for your help on this. Very much appreciated.

I've been pulled on to other stuff since yesterday but I'm hoping to give your suggestions a try later today.

I'll update once I've tried this out.

Thanks again.

Andy

andy roles · ‎07-03-2014

Hi Joseph,

I tried variations of applying the 'service-policy input PCoIP_Set_AF41' command. I put it on my access port on the 6509, the vlan 33 SVI interface and both. I noticed also that the 'mls qos vlan-based' command, when applied to my access-port resulted in an overriding of the 'service-policy input PCoIP_Set_AF41' command'.

e.g:

RS03-6509E-DIST-ML-0(config-if)#mls qos vlan-based
QOS: Interface GigabitEthernet3/23 have at least one service-policy
associated with it. 'mls qos vlan-based' overrode service-policy
configuration(s).
RS03-6509E-DIST-ML-0(config-if)#

If you have any further ideas that would be much appreciated! I'm at a bit of a loss with this.

Andy

andy roles · ‎08-12-2014

Hi Joseph.

I've been off the grid for a while. Just wanted to say thanks for your response. I tried out the 'mls qos vlan-based' commands and they worked :o).

Thanks also for your recommendations around policies.

Regards,

Andy

Joseph W. Doherty · ‎08-12-2014

Thanks for letting us know.

My traffic isn't getting marked! QoS