Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5085
Views
0
Helpful
22
Replies

Need help understanding QoS and police command

Go to solution
philldogger
Level 1
Level 1

‎12-02-2010 10:40 AM - edited ‎03-04-2019 10:39 AM

Let me first state I am not an WAN admin, but do architect Exchange and Sharepoint, and have some basic questions that I can't seem to get answered from our own internal IT.  Here it goes:

Our WAN infrastructure comprises of many MPLS sites and we use priority QoS in this order:  VoIP, oracle apps, RDP/intranet, default.  What happens, almost every day is outlook cachemode profiles are setup for a new machine, wiped machine, etc...and these large OST files begin to congest the WAN lines.  While they don't effect VoIP, oracle, rdp/intranet, because of priority it basically kills everything else in default like internet, file transfer, etc...  We don't want to move internet and file transfer traffic out of default because we don't want a reverse effect where someone starts downloading large files from the internet and next thing we know we have email issues because it's a lower priority than internet now.  What I'd like to see is exchange traffic bumped up out of default into it's own priority, and that priority cannot exceed a certain maximum....EVEN when there is no congestion on the WAN line.  For example, exchange priority is set to max at 30% on a line, 5 users begin to cache large outlook profiles, and the users browsing the internet from the default queue don't see a performance hit since the default queue continues to use whatever is available...and it just so happens that 60-70% is available because now exchange can only max out at 30% even though it's higher than the default queue.

I read this is possible associating a police command with a priority....but I don't fully understand.  thanks for the help!

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
niro
Level 1
Level 1

‎12-02-2010 11:14 AM

You should put exchange in it's own queue, however you don't necessarily need to police that queue to a maximum amount of bandwidth.  What your network team should do is set a guaranteed amount of traffic for the exchange queue (say 30%) and a guaranteed amount of traffic for the default queue, (say 40%, depending on how the other queues are set up).

That way either queue will be allowed to use whatever bandwidth they require, however if there is any congestion the queues will begin to be dropped if they are over their guaranteed allotment.

View solution in original post

0 Helpful

Go to solution
niro
Level 1
Level 1
In response to philldogger

‎12-02-2010 12:34 PM

One thing to understand about cisco QoS is that it doesn't actually get triggered unless there is congestion on the line, with the exception of the priority queue (which typically only gets VoIP traffic).

Other than VoIP traffic all other queues will get equal treatment if there is no congestion, however when the line does get congested, each queue is only guaranteed the traffic that is configured (30% for exchange and 40% for default, in our example).  So during the time the line is congested, your exchange traffic is only guaranteed to get 30% of the bandwidth, anything above 30% can be dropped to allow traffic from other queues.

View solution in original post

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to philldogger

‎12-02-2010 02:09 PM

Hi,

policing and shaping have got nothing to do with congestion management, what they are doing is limit bandwidth used by some traffic but in 2 different ways and to solve different problems.

if you want traffic exceeding some rate to be dropped then you must police and if you want traffic exceeding to be buffered ten you must shape.

So you can put exchange in a separate class and police in policy-map for this class.So this traffic won't eat the bandwidth of the others.

Regards.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
22 Replies 22

Go to solution
Mohamed Sobair
Level 7
Level 7

‎12-02-2010 11:09 AM

Hi,

You dont need that, the priority command implemets policer within the class when its configured. and it defines the maximum reserved bandwidth for the class, its always dequed first and served first, however, when a 30% bandwidth limit is reached , it drops the exceeded traffic.

May I ask what is your exact objective?

Regards,

Mohamed

0 Helpful

Go to solution
niro
Level 1
Level 1

‎12-02-2010 11:14 AM

You should put exchange in it's own queue, however you don't necessarily need to police that queue to a maximum amount of bandwidth.  What your network team should do is set a guaranteed amount of traffic for the exchange queue (say 30%) and a guaranteed amount of traffic for the default queue, (say 40%, depending on how the other queues are set up).

That way either queue will be allowed to use whatever bandwidth they require, however if there is any congestion the queues will begin to be dropped if they are over their guaranteed allotment.

0 Helpful

Go to solution
philldogger
Level 1
Level 1
In response to niro

‎12-02-2010 12:19 PM

Help me to understand this better:  If I create an exchange queue set to 30% but it has no maximum, and I set the default queue to 40%, since the exchange queue is a higher priority level on the food chain....wouldn't it just take up all the bandwidth it wants to during non-congestion and gimping the default queue?  Or does priority levels not matter and setting default to 40% would allow it to take some bandwidth from exchange when it's using more than it's 30% allotment?

thanks,

0 Helpful

Go to solution
niro
Level 1
Level 1
In response to philldogger

‎12-02-2010 12:34 PM

One thing to understand about cisco QoS is that it doesn't actually get triggered unless there is congestion on the line, with the exception of the priority queue (which typically only gets VoIP traffic).

Other than VoIP traffic all other queues will get equal treatment if there is no congestion, however when the line does get congested, each queue is only guaranteed the traffic that is configured (30% for exchange and 40% for default, in our example).  So during the time the line is congested, your exchange traffic is only guaranteed to get 30% of the bandwidth, anything above 30% can be dropped to allow traffic from other queues.

0 Helpful

Go to solution
lapinmort
Level 1
Level 1

‎12-02-2010 11:50 AM

It may be time to get Cable or DSL service, and offload your HTTP, HTTPS, and other non-priority Internet traffic on that circuit using policy based routing (PBR). There's a limit to what policing and traffic shaping can do for you. Looks to me like you've reached that limit.

Rado

0 Helpful

Go to solution
philldogger
Level 1
Level 1
In response to lapinmort

‎12-02-2010 12:13 PM

I agree we need a split tunnel of some sorts to offload internet, however implementing that takes longer than providing a QoS change now.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to philldogger

‎12-02-2010 12:55 PM

Niro,

software queuing is only when there is congestion and it is true for priority queue also but the difference is that this queue is policed contrary to others that get a min bandwidth.

Regards.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
philldogger
Level 1
Level 1
In response to cadet alain

‎12-02-2010 01:02 PM

when you say priority queue are you always referring to the highest VoIP queue?  Can other queues besides the priority queue create queues that can be policed?  just trying to understand....

0 Helpful

Go to solution
niro
Level 1
Level 1
In response to philldogger

‎12-02-2010 01:07 PM

Chad, yes.  There is only 1 "priority" queue, which is where typically VoIP traffic gets placed...it gets priority over all other queues at all times, which is why it needs to be policed.  You CAN police other queues, however in your case I don't necessarily think you need to do that.

0 Helpful

Go to solution
niro
Level 1
Level 1
In response to cadet alain

‎12-02-2010 01:03 PM

From my understand no queue gets forwarded until the priority queue is emptied.  It's designed for applications with low latency requirements (hence the name Low Latency Queue), like VoIP.  The reason it gets policed is because since it gets forwarded before any other queues even when there is no congestion, without policing it can "starve off" other traffic, even if the line is not 100% utilized.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to niro

‎12-02-2010 01:11 PM

LLQ is a congestion management method so as the name implies it can't engage when there is no congestion.

When Tx ring is not full then no software queuing but hardware queuing which is FIFO so no priority.

Regards.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
lapinmort
Level 1
Level 1
In response to philldogger

‎12-02-2010 01:33 PM

Try Low Latency Queuing with traffic shaping.

Assuming your traffic is already marked, you can match the marked traffic in class-maps, then create a LLQ policy map:

Example:

class-map match-any DATA_LOW
match  dscp af11

class-map match-any DATA_HIGH
match  dscp af31

class-map match-any VOICE
match  dscp ef

! Before you set the percentages here, note that Cisco routers by default will reserve 25% of the bandwidth for Best Effort traffic

! unless you explicitly override it. That leaves 75% of the total bandwidth for you to play with.

policy-map LLQ
class VOICE
  priority percent 20
class DATA_HI
  bandwidth percent 40
class DATA_LO
  bandwidth percent 20
class class-default
  fair-queue

! Then match all the above traffic

class-map match-any ALL_TRAFFIC
match class-map VOICE
match class-map DATA_HI
match class-map DATA_LO


! And shape that mama like there's no tomorrow

policy-map SHAPE
class ALL_TRAFFIC

! We shape around the average here, so that you don't run the risk of losing packets out there by bursting over your CIR.
  shape average 1500000
  service-policy LLQ

Then you apply your SHAPE policy map to your serial/T1 interface, or whatever WAN interface you have, and you're good to go.

You can check with:

# sh policy-map interface

Note that traffic shaping works best only when your traffic has temporary excess bursts, not sustained ones. Otherwise you'll have to deal with a major traffic jam that puts Manhattan and LA's records combined to shame.  If that's the case, you would need to consider getting a link with a higher bandwidth, or offloading Best Effort traffic to another WAN link using PBR. Or put a cop there (policing), that will drop traffic exceeding the bandwidth limit for its class, or requeue it with a lower priority. If you have voice though, LLQ is supposed to be the best QOS solution available.

Good luck.

Rado

0 Helpful

Go to solution
philldogger
Level 1
Level 1
In response to lapinmort

‎12-02-2010 01:41 PM

Thanks Rado, my original thought was to just put exchange in it's own class/queue (dont even know if those are the same thing) and police to not exceed a maximum.  Shaping looks interesting but also looks like a lot of planning, and it seems moving exchange to it's own queue seems logical at this point.  Whether or not I should police the new exchange queue is what I'm trying to understand now.  That probably depends on the current priority precentage breakdowns for the other queues currently.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to philldogger

‎12-02-2010 02:09 PM

Hi,

policing and shaping have got nothing to do with congestion management, what they are doing is limit bandwidth used by some traffic but in 2 different ways and to solve different problems.

if you want traffic exceeding some rate to be dropped then you must police and if you want traffic exceeding to be buffered ten you must shape.

So you can put exchange in a separate class and police in policy-map for this class.So this traffic won't eat the bandwidth of the others.

Regards.

Don't forget to rate helpful posts.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card