QoS on Cisco ASA is being exceeded despite thresholds

drstokes76 · ‎12-02-2011

I have a Cisco ASA 5510 running 8.2(1)

I have a QoS policy which limits the traffic between any server in our office to a DR server in a secondary location which limits data replication traffic to 5Mbps. Occassionaly this is exceeded and then snaps back (assuming because of the burst rate set). However sometimes it goes up to 8Mbps which is pretty much our entire bandwidth and doesn't come back down.

This is especially true when I set the QoS to be time-based. I've had it set to use 5.5Mbps from 8am to midnight but then after there's no limit until 8am. At midnight it goes to using 8Mbps but then at 8am it doesn't come back down to 5.5Mbps. Its as if once exceeding the QoS thresholds it decides not to limit it properly.

access-list outside_mpc_2 extended permit ip any host host-01 time-range Daytime

time-range Daytime

periodic daily 8:00 to 23:59

object-group network DM_INLINE_NETWORK_15

network-object uk-platform-net 255.255.255.0

network-object uk-platform-outside 255.255.248.0

class-map HA_Traffic_class

match access-list outside_mpc_2

policy-map DxxxQOS

class Voice

priority

class IAX

priority

class PlatformTraffic

priority

class Data

police output 6000000 5000

class HA_Traffic_class

police output 5500000 3500

service-policy DxxxQOS interface outside

Can anyone shed any light on what I might be doing wrong.

Thanks

vmkichura · ‎10-12-2015

I just saw the same thing happen on my ASA. I removed the policy from the inside interface and once I re-added it to the interface it was rate limiting properly again. Did you ever figure out what was causing this issue?