08-16-2010 12:17 AM - edited 03-04-2019 09:26 AM
Hi Guys,
I am at my last rope here with this situation, we have contacted our ISP who does Cisco and they have been unable to create a proper working configuration for what I believe is a rather simple request, they rather refer us to a IBC (Private network) setup...
The situation is as follows;
2 sites both connected to the Internet using ADSL2, they both also have Cisco 877 routers, there is a DVTI IPSEC setup between the sites to route traffic through the Internet.
At each site there is also a phone system, 1 site has the master and the other the slave, the problem is with out QoS when the branch office downloads a file from the main office the main office saturates its upload link (1Mbps) and the call quality drops to almost 0%
So the question is how can we setup the QoS to guarantee as much as 50% of bandwidth will goto the phone system IF it requires?
I can attach the configurations but did not want to clutter up the thread unless requires
Kind Regards,
Andrew James
08-16-2010 01:22 AM
Hi,
To run QOS for phones. you can make a class map for phone(VOIP) then make a policy map QOS match the class VOIP in that strict priority of 30%. then for class default - remaining. Apply that class map to Virtual template.
For example : http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html#wp1085879
Refer Dynamic Virtual Tunnel Interface with QOS.
Hope this information will help you..
Do rate for helpful posts...
Uttam
08-16-2010 05:41 AM
Thank you for that, after going over the configuration provided by the ISP it appears they dont even touch the SVTI (sorry made spelling mistake before)
Please note the below configuration does not work, this configuration appears to be over complicated and a bit redudant
class-map match-any MATCH-VOIP
match precedence 5
class-map match-any TAG-VOIP
match access-group name LOCAL-VOIP
!
!
policy-map QOS
class MATCH-VOIP
priority percent 35
policy-map QOS-IN
class TAG-VOIP
set ip precedence 5
!
interface Tunnel1
bandwidth 865
ip address 172.30.0.1 255.255.255.252
ip route-cache flow
load-interval 30
qos pre-classify
tunnel source Dialer1
tunnel destination xxx.xxx.xxx.xxx
tunnel mode ipsec ipv4
tunnel path-mtu-discovery
tunnel protection ipsec profile Site-to-Site
!
interface Vlan1
description --- Ethernet to Customer ---
ip address 10.0.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1400
service-policy input QOS-IN
hold-queue 100 out
!
interface Dialer1
bandwidth 865
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
load-interval 30
service-policy output QOS
!
ip access-list extended LOCAL-VOIP
permit ip host 10.0.0.200 any
permit ip host 10.0.0.201 any
permit ip host 10.0.0.202 any
08-16-2010 06:12 AM
I have created the following configuration do you believe this is on the right track?
class-map match-any MATCH-VOIP
match access-group name VOIP-SERVERS
!
!
policy-map QOS
class MATCH-VOIP
set ip precedence 5
priority percent 50
set dscp ef
class class-default
fair queue
!
!
interface Tunnel1
ip nbar protocol-discovery
service-policy output QOS
!
ip access-list extended VOIP-SERVERS
permit ip host 10.0.0.200 any
permit ip host 10.0.0.201 any
permit ip host 10.0.0.202 any
10-02-2017 08:21 PM
Hi Guys,
Can someone help me?
I had some issues with the QOS i applied from my lab setup. This configuration actually works and tested working from a lower IOS. I cant remember the exact version but it is around version 12. Now, i upgraded my IOS and now the current version I am using is (C2800NM-ADVENTERPRISEK9-M), Version 15.1(3)T4 from a Cisco 2811 router. Below is my running configuration related to QOS.
```
ip access-list extended acl-181758
permit ip any 10.128.0.96 0.0.0.15
ip access-list extended acl-181706
permit ip any 10.128.0.112 0.0.0.15
class-map match-any cm-realtime
match protocol dns
match dscp ef
match protocol rtp
match protocol ssh
match protocol icmp
class-map match-any cm-181758
match access-group name acl-181758
class-map match-any cm-181706
match access-group name acl-181706
policy-map pm-terminal
class cm-realtime
priority
policy-map pm-system-small
class cm-181758
bandwidth 256
police rate 256000
service-policy pm-terminal
class cm-181706
bandwidth 512
police rate 512000
service-policy pm-terminal
policy-map pm-interface-ob110001
class class-default
shape average 960000
interface FastEthernet0/1/0
description "PPPOE OB110001"
no ip address
duplex auto
speed auto
pppoe enable group global
service-policy output pm-interface-ob110001
```
I am using iperf tools for unix to generate traffic and at the same time to measure the traffic passing.
10-04-2017 03:22 AM
Hi Guys,
I already solved the problem...
I just missed one line of config as shown below..
policy-map pm-interface-ob110001
class class-default
shape average 960000
service-policy pm-system-small <----i missed this line.
Thanks..
10-03-2017 12:49 PM - edited 10-04-2017 03:06 AM
Are these Internet connections devoted to only your site-to-site VPN, or do you allow general Internet traffic too? If the latter, you'll not be able to have effective QoS unless both ISPs are willing to implement QoS on their devices that feed your devices.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide