Re: Need some help in regards to policy shaping

Joshipiyus81 · ‎07-05-2019

We are encountering skype issues, like degradation in voice calls in one of the UK sites when users call from UK to US.The pipe size is 50mb. Our ISP has categorized our traffic as well and assigned 10mb in service plane for voice, 1.5 mb for vid, 128kb for critical data n so on. when we posted our question to them they replied below:

"The session between x.x.x.x and x.x.x.x seems off to me. Usually you won't see voice traffic that is spiky like this. Especially only inbound. It is not showing that it it's over the 10 Mbps allocated but I have seen something like this before where there are small spikes of traffic like this and it turns out to be much higher utilization than what the portal can show. Basically the traffic is micro bursting.
Can you check these IP's to make sure they are supposed to be in the voice plane? It could be that these IP's are in the wrong queue and thus causing drops in the voice queue. x.x.x.x are skype servers"

We have 50mb pipe and have below QOS policy + silver peak connected to WAN router for WAN optimization. I didnt see any drops in voice class which will indicate the voice class is over utilized.

class-map match-any CLASS-QOS-EIGRP
match access-group name QOS-EIGRP
class-map match-any CLASS-QOS-VIDEO
match access-group name QOS-CONFERENCE-SOURCES
class-map match-any CLASS-QOS-VOICE
match access-group name QOS-VOICE-SOURCES
!
policy-map POLICY-QOS-01
class CLASS-QOS-VOICE
priority percent 20
class CLASS-QOS-VIDEO
priority percent 50
class CLASS-QOS-EIGRP
priority 1000
policy-map POLICY-AVPN-20Mbps ==== not applied anywhere
class class-default
shape average 19000000
service-policy POLICY-QOS-01
policy-map POLICY-AVPN-50Mbps ====> currently in use on WAN interface
class class-default
shape average 49000000
service-policy POLICY-QOS-01

Service-policy output: POLICY-AVPN-50Mbps

Class-map: class-default (match-any)
346130523 packets, 171528610486 bytes
30 second offered rate 1177000 bps, drop rate 0000 bps
Match: any
Queueing
queue limit 203 packets
(queue depth/total drops/no-buffer drops) 0/15300/0
(pkts output/bytes output) 346106759/171501197792
shape (average) cir 49000000, bc 196000, be 196000
target shape rate 49000000

Service-policy : POLICY-QOS-01

queue stats for all priority classes:
Queueing
queue limit 512 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 49669740/11914669856

Class-map: CLASS-QOS-VOICE (match-any)
44565838 packets, 9358494427 bytes
30 second offered rate 25000 bps, drop rate 0000 bps
Match: access-group name QOS-VOICE-SOURCES

Class-map: class-default (match-any)
296460783 packets, 159613940630 bytes
30 second offered rate 1142000 bps, drop rate 0000 bps
Match: any

queue limit 203 packets
(queue depth/total drops/no-buffer drops) 0/15300/0
(pkts output/bytes output) 296437019/159586527936

Mostly i see output drops that will pertain to def class traffic. is QOS policy has something to do with it

Georg Pauwen · ‎07-05-2019

Hello,

--> Our ISP has categorized our traffic as well and assigned 10mb in service plane for voice, 1.5 mb for vid, 128kb for critical data

What is your ISP matching on ? What are YOUR classes matching on ? It looks like you are matching on IP traffic, not on DSCP or EF. Post the full config of your device (and what device it is, since QoS is very platform specific)...

Joshipiyus81 · ‎07-08-2019

Thanks for the reply, please see below acess list for voice class

#sh access-lists QOS-VOICE-SOURCES
Extended IP access list QOS-VOICE-SOURCES
10 permit ip any any dscp ef

sh access-lists QOS-EIGRP
Extended IP access list QOS-EIGRP
10 permit ip any any dscp cs6

sh access-lists QOS-CONFERENCE-SOURCES
Extended IP access list QOS-CONFERENCE-SOURCES
10 permit ip any any dscp af41
20 permit tcp host x.x.x.x any eq 1720
30 permit tcp host x.x.x.x any range 3230 3235
40 permit udp host x.x.x.x any eq 1719
50 permit udp host x.x.x.x any range 3230 3280

This is Cisco cisco ISR4331 IOS XE Version 03.16.04b.S

paul driver · ‎07-05-2019

Hello

As your not incurring any specific BW utilization what are you actually matching on in the access -lists related to the class-maps?

I see in your child policy, the class-maps are LLQ which will have a default queuing of FIFO, but also is your class-default.

You could apply some fair queuing here to avoid any possible random drops of traffic that's isn't classified or negate higher traffic flows possibility staving out the smaller traffic flows

policy-map POLICY-QOS-01
class class-default
fair queue

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joshipiyus81 · ‎07-08-2019

Hello Paul,

Thanks for the reply please see below output of matching traffic via ACl

#sh access-lists QOS-EIGRP
Extended IP access list QOS-EIGRP
10 permit ip any any dscp cs6

#sh access-lists QOS-CONFERENCE-SOURCES
Extended IP access list QOS-CONFERENCE-SOURCES
10 permit ip any any dscp af41
20 permit tcp host X any eq 1720
30 permit tcp host X any range 3230 3235
40 permit udp host X any eq 1719
50 permit udp host X any range 3230 3280

#sh access-lists CLASS-QOS-VOICE
#sh access-lists QOS-VOICE-SOURCES
Extended IP access list QOS-VOICE-SOURCES
10 permit ip any any dscp ef

So Paul the original config is as below: class class-default
shape average 49000000
service-policy POLICY-QOS-01

You want me to replace the above with below config.

policy-map POLICY-QOS-01
class class-default
fair queue

Is shaping affecting the current traffic rate for voice. Do i need to remove shaping or fair queue will work with shaping into effect.

Fiar queue is actually a good thing to configure

paul driver · ‎07-08-2019

Hello

You can apply the fair queuing to your existing shaping configuration.

policy-map POLICY-QOS-01
class CLASS-QOS-VOICE
priority percent 20
class CLASS-QOS-VIDEO
priority percent 50
class CLASS-QOS-EIGRP
priority 1000
class class-default
fair queue

As for your voip/video traffic i dont see a ports specific to RTP (udp 16384 32767) try applying the below

IP access list Extended QOS-CONFERENCE-SOURCES
60 permit udp host X any range 16384 32767

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joshipiyus81 · ‎07-08-2019

Thanks a lot Paul for your reply we are majorly facing issues in skype conf calls when users in Dublin are trying to reach someone in US the quality of skype calls deteriorate.

You can apply the fair queuing to your existing shaping configuration ==> so the shaping config will remain as it is with no changes

class class-default
fair queue

shape average 49000000

Joseph W. Doherty · ‎07-08-2019

"Our ISP has categorized our traffic as well and assigned 10mb in service plane for voice, 1.5 mb for vid, 128kb for critical data n so on."

"class CLASS-QOS-VOICE
priority percent 20
class CLASS-QOS-VIDEO
priority percent 50
class CLASS-QOS-EIGRP
priority 1000"

I would check what's noted in red, above.

BTW, Cisco recommends not assigning more than 33% to LLQ (which, also BTW, is the aggregate of all priority classes).

What kind of "pipe" is this? I.e. your ISP (an Internet Service Provider?) has set aside bandwidth and/or priority for different classes?

Why are you shaping at 49 Mbps?

Where is you WAN optimizer appliance in the topology?

Joshipiyus81 · ‎07-10-2019

This is Gig Link and our WAN optimizer is connected via the WAN router, so the traffic passes via WAN optimizer. Our shaping policy is set the same for other locations which has 50mb pipe as well. and the priority % is same for voice and video there as well.

Skype works fine there and no issues observed for those locations but the issues observed only in this location.

Joseph W. Doherty · ‎07-10-2019

As to it working at other locations, and not just one, often that's because there's often some traffic difference at that one location (versus others), but without more information (like when I asked about topology, knowing whether the optimizer is upstream or downstream of the WAN router is rather important, just being connected to it doesn't tell me which), cannot really say what's might be causing your issue.