09-08-2019 10:55 AM - edited 09-08-2019 11:01 AM
Hi:
I have a strange problem with QoS in Cisco 2921/K9 (spoke) and ISR4431 (hub) routers. I have a QoS configuration in a Hub-and-spoke topology. When traffic begins to expand the VoIP calls are broken. But the strange thing is that bandwidth does not reach the bandwidth limit, and neither of the two classes collapses at any time, and for this reason when I see the show policy-map interface statistics I don’t see drop packets. It is very strange.
These are configurations:
HUB device
=========
class-map match-any REALTIME_QOS
match dscp ef
!
class-map match-any REALTIME_MARK
match access-group name REALTIME_ACL
match protocol h323
match protocol rtp
match protocol rtcp
!
# 10.10.10.0 255.255.254.0 is the VoIP Call Manager network in the Data Center
# Hub device is in the Data Center
ip access-list extended REALTIME_ACL
permit ip 10.10.10.0 0.0.1.255 any
!
policy-map QoS_300M
class REALTIME_QOS
priority
police 110000000 conform-action transmit exceed-action drop
class class-default
bandwidth remaining percent 100
random-detect dscp-based
!
policy-map SHAPPING_300M
class class-default
shape average 300000000
service-policy QoS_300M
!
policy-map DSCP_MARK
class REALTIME_MARK
set dscp ef
class class-default
set dscp af31
!
interface Tunnel25
description GRE tunnel
ip address x.x.x.x x.x.x.x
< Omitted Commands >
ip tcp adjust-mss 1356
qos pre-classify
tunnel source GigabitEthernet0/0/1
tunnel destination x'.x'.x'.x'
!
interface GigabitEthernet0/0/0
description LAN Interface
ip address y.y.y.y y.y.y.y
< Omitted Commands >
service-policy input DSCP_MARK
!
interface GigabitEthernet0/0/1
description WAN Interface
ip address z.z.z.z z.z.z.z
< Omitted Commands >
service-policy output SHAPPING_600M
SPOKE device
===========
class-map match-any REALTIME_QOS
match dscp ef
!
class-map match-any REALTIME_MARK
match access-group name REALTIME_ACL
match protocol h323
match protocol rtp
match protocol rtcp
!
# 10.10.10.0 255.255.254.0 is the VoIP Call Manager network in the Data Center
# Spoke is in a remote site
ip access-list extended REALTIME_ACL
permit ip any 10.10.10.0 0.0.1.255
!
policy-map QoS_100M
class REALTIME_QOS
priority
police 20000000 conform-action transmit exceed-action drop
class class-default
bandwidth remaining percent 100
random-detect dscp-based
!
policy-map SHAPPING_100M
class class-default
shape average 100000000
service-policy QoS_100M
!
policy-map DSCP_MARK
class REALTIME_MARK
set dscp ef
class class-default
set dscp af31
!
interface Tunnel25
ip address x'.x'.x'.x' x'.x'.x'.x'
< Omitted Commands >
ip tcp adjust-mss 1356
qos pre-classify
tunnel source GigabitEthernet0/0
tunnel destination x.x.x.x
!
!
interface GigabitEthernet0/0
description WAN Interface
ip address y.y.y.y y.y.y.y
< Omitted Commands >
!
interface GigabitEthernet0/1
< Omitted Commands >
!
interface GigabitEthernet0/1.50
description LAN Subinterface
encapsulation dot1Q 50
ip address z.z.z.z z.z.z.z
<Omitted commands>
service-policy input DSCP_MARK
Could you help me?
Thank you.
Best regards
09-08-2019 11:53 AM
Hello,
is this a i setup ? The entire QoS configuration looks overly complicated. Before anything else, try and get rid of the random detect, and change the policer to a shaper:
policy-map QoS_300M
class REALTIME_QOS
priority percent 20
shape average 110000000
class class-default
bandwidth remaining percent 100
09-11-2019 02:09 AM
Hi
In your hub config you have a 300M policy-map, but you are referring to a 600M policy in the interface config.
Also, in the spoke site there is a 100M policy. If the spoke site is just a 100M connection, the hubsite is still trying to send up 300M (600M) and that will make an overflow of traffic at spokesite, and a lot of traffic will be dropped, at the provider side, even the prioritized traffic will be lost if the provider is not using QoS.
/Mikael
09-11-2019 09:41 AM - edited 09-12-2019 01:30 PM
Hello
HUB
LAN
class-map match-any REALTIME_MARK <--- i believe this should be match all so to catch the ACL and the protocol
match access-group name REALTIME_ACL
match protocol h323
match protocol rtp
match protocol rtcp
policy-map DSCP_MARK
class REALTIME_MARK
set dscp ef
class class-default
set dscp af31 <--- you are marking any other traffic as AF31 but on your egress PM this isnt changed so it will faill into the class class-default of the wan egress PM and as such i guess your ISP will re-clasify any AF31 traffic or even drop it if there not expecting it
WAN
class-map match-any REALTIME_QOS
match dscp ef
policy-map QoS_300M
class REALTIME_QOS <--------------only matching on EF bit
priority <----------------you haven't specified a bit rate here
police 110000000 conform-action transmit exceed-action drop <----------Policed a 110mbs is this correct?
class class-default
bandwidth remaining percent 100
random-detect dscp-based <-------Is wred random drops required here?
policy-map SHAPPING_300M
class class-default
shape average 300000000
service-policy QoS_300M
interface GigabitEthernet0/0/1
description WAN Interface
service-policy output SHAPPING_600M <----- no such PM should this be SHAPPING_300M ?
SPOKE
Same as HUB confugration with the addtion of _
interface GigabitEthernet0/0
description WAN Interface
<----- no egress policy map being called
Possible configuration
HUB
class-map match-all REALTIME_MARK
policy-map DSCP_MARK
class REALTIME_MARK
set dscp ef
policy-map QoS_300M
class REALTIME_QOS
priority 40 percent
class class-default
bandwidth remaining percent 100
fair queue
policy-map SHAPPING_300M
class class-default
shape average 276480000
service-policy QoS_300M
interface GigabitEthernet0/0/1
description WAN Interface
service-policy output SHAPPING_300M
Spoke
class-map match-all REALTIME_MARK
policy-map DSCP_MARK
class REALTIME_MARK
set dscp ef
policy-map QoS_100M
class REALTIME_QOS
priority 33 percent
class class-default
bandwidth remaining percent 100
fair queue
policy-map SHAPPING_100M
class class-default
shape average 92160000
service-policy QoS_100M
interface GigabitEthernet0/0
description WAN Interface
service-policy output SHAPPING_100M
09-11-2019 10:43 AM
09-11-2019 10:39 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide