Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
16064
Views
35
Helpful
22
Replies

Police and Priority with bandwidth/percent are not allowed in the same class

Go to solution
Ruggero Delcuratolo
Level 1
Level 1

‎05-09-2014 05:17 AM - edited ‎03-04-2019 10:57 PM

Hi Team,

 

I am replacing a 7204VXR Router with an ASR1002-X Router running IOS-XE 3.7.5S

 

When it comes to configure QoS for a traffic class, I am getting the below error when configuring the priority and police commands:

"Police and Priority with bandwidth/percent are not allowed in the same class"

 

This is what I'd like to implement:

policy-map EMEA_Outbound

class Out_Shaper_Traffic_A
  priority 4608
    police 4608000 conform-action transmit  exceed-action set-dscp-transmit af41 violate-action set-dscp-transmit af41

 

The intent is to reserve 4608 for Traffic_A and to re-mark it as AF41 when it exceeds the limit, that is to ensure that our provider does not drop it when we fill their QoS class, thus I want to remark it to another class.

 

However the Router IOS does not seem to support both commands any longer.

Any hints on how we could solve or bypass this?

 

Thanks

1 person had this problem
Labels:
0 Helpful
22 Replies 22

Go to solution
Ruggero Delcuratolo
Level 1
Level 1
In response to Vasilii Mikhailovskii

‎05-11-2014 02:15 AM

Great, that works! Excellent job.

I have reseved an EF queue of 5Mb, so if Voice exceeds 3890 it remarks to AF41 and if Heartbeat exceeds 1Mb it is remarked to AF41 that is to prevent the provider to drop that traffic at 5Mb.

Do you mean that even when they violate and get remarked to AF41 they keep the priority in AF41?

That would not be an issue as I have a 10Mb total line that can take care of AF41 priorities anyway.

Thanks for the help

0 Helpful

Go to solution
Vasilii Mikhailovskii
Level 7
Level 7
In response to Ruggero Delcuratolo

‎05-11-2014 05:23 AM

Hello, Ruggero.

I meant that if you EF traffic tried to allocate 100M, it would even though you remark a lot of it into AF41. As far as you run this as priority queue this (flood) might kill your link.

In this case you either need to review your QoS policy or apply inbound policer on LAN interface remarking exceeded traffic.

I also would note, that is you remark voice traffic from EF to AF41, this might cause your ISP to place the traffic in different queues (traffic paths)... as are result you will observe too high jitter and packet reordering (that is fatal for voice).

 

0 Helpful

Go to solution
Ruggero Delcuratolo
Level 1
Level 1
In response to Vasilii Mikhailovskii

‎05-12-2014 02:41 AM

Right, that's not really Voice traffic, they are Heartbeat packets between Voice servers that if they drop they cause the Voice systems to go down, they are not sensitive to jitter and latency like the RTP Voice protocol

0 Helpful

Go to solution
Vasilii Mikhailovskii
Level 7
Level 7
In response to Ruggero Delcuratolo

‎05-12-2014 02:48 AM

Hello, Ruggero.

Anyway I would say it's a risk to run priority queue without upper limit.

I could imagine a couple of scenarios when it could kill your WAN; like: L2 temporal loop or flood of EF traffic, some "smart" user marking traffic with EF; crazy IPT system.

PS: once I saw application server sending about 15M of ICMP just as echo-requests (I guess that was misconfiguration).

Go to solution
Ruggero Delcuratolo
Level 1
Level 1
In response to Vasilii Mikhailovskii

‎05-12-2014 03:04 AM

In my case I am putting under priority the packets that have been matched by the Heartbeat and Voice class and they match the physical IPs and ports of the real Voice systems and then just marking them out as EF. So if there is a user running ICMP over EF or HTTP over EF it won't be matched by the Priority class that I defined and it will be dropped on the EF class by the ISP.

And I am also running NetFlow to constantly monitor the classes in case something weird occurs, I am ready to stop it.

But apart from that, there is already an ISP imposed limit on the EF class so there is no chance that it can take more than it is allocated on the ISP side.

If I have a 10Mb line, and I purchase a 4Mb EF queue, they will not allow EF to go over the 4Mb, no matter what I do on the CPE.

0 Helpful

Go to solution
philip moore
Level 1
Level 1

‎06-03-2014 01:38 AM

Hey Rug,

 

How's it going? It's Phil from UN. Funny, we've run into same issue here, when moving from 7206vxr to asr 1006.

 

Any chance you could take a look please at our config? Roberto will buy you 1/many tequila's I am sure :)

 

Cheers

Phil

0 Helpful

Go to solution
Ruggero Delcuratolo
Level 1
Level 1
In response to philip moore

‎06-03-2014 02:48 AM

Hi Phil,

I am doing great, yep that's is really funny indeed.

I was able to solve the issue, if you send me your portion of QoS configuration at ruggero.delcuratolo@nike.com or ruggero.delcuratolo@xerox.com I'll be glad to help you out.

But don't forget that you promised many tequilas :)

Cheers

Rug

0 Helpful

Go to solution
philip moore
Level 1
Level 1
In response to Ruggero Delcuratolo

‎10-05-2014 02:35 PM

Hey Rug, Long time, gathered dust. In the end my question was quite different to your problem. We managed to get it sorted. The limitation was can only do shaping in a parent policy in class-default. as a result, I had to subnet and use dot1q interfaces for each wan link. Actually, we found a neat way using per-tunnel qos feature (the wan is dmvpn) for the child classes, with default/shape on the physical. 

 

Id din't try yet with the priority 1 and priority 2 queues.

Besides, looks like you don't need my tequila, Ibiza! I'm in the wrong job ;) ciao!

0 Helpful
Customers Also Viewed These Support Documents