Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
619
Views
13
Helpful
5
Replies

QoS over Private IP WAN -How are you doing this?

benweber
Level 1
Level 1

‎09-30-2013 11:45 AM - edited ‎03-04-2019 09:11 PM

Hi all,

I've been trying to figure out the best way to do this.  I have a number of customers who get their WAN connectivity through Fairpoint's ELAN offering.  The ELAN product just offers a communications pipe via an ethernet handoff to my CPE routers with no QoS other than rate limiting to keep customers from getting more than their designated port speeds.

I'm working with a customer right now who has the following port speeds:

Main office:         80mbps

DR Site:             50mbps

Site A:               10mbps

Site B:               10mbps

Site C:               10mbps

Site D:               10mbps

Site E:               10mbps

It's a fully meshed network and I want to give voice traffic 3mbps to work with across each link.  The Main Office link is oversubscribed, but at 80mbps to 100mbps not horribly so.

The way I have it set up now is with a nested set of policy maps linked to a parent map.  So for the Main Office to the DR Site and Site A, for example, I have the following:

class-map MainOffice-DRSite-Master

(matches access list with all possible traffic between these two sites)

!

class-map MainOffice-SiteA-Master

(matches access list with all possible traffic between these two sites)

!

class-map MainOffice-DRSite-VOIP

(matches access list defining VOIP traffic)

!

class-map MainOffice-SiteA-VOIP

(matches access list defining VOIP traffic)

!

policy-map MainOffice-DRSite

class MainOffice-DRSite-VOIP

  priority 3000

!

policy-map MainOffice-SiteA

class MainOffice-SiteA-VOIP

  priority 3000

!

policy-map QOS-Parent

class MainOffice-DRSite-Master

  shape average 47000000  (a little below 50mbps to account for average)

   service-policy MainOffice-DRSite

class MainOffice-SiteA-Master

  shape average 9300000  (a little below 10mbps to account for average)

   service-policy MainOffice-DRSite

!

Then that parent policy map is assigned outbound to the physical G0/0 interface.

The problem is I'm taking dropped packets and they are freaking the customer out.

I'm thinking about changing it to a series of access lists for the site-to-site traffic, using group-based generic traffic shaping on the G0/0 interface for traffic between each site and then running a simpler policy map so I can still give 3mbps priority for all voice traffic.

What do you think?  Are these the two ways to do it?  Is one better than the other or is there some other way I'm not thinking about?  Anything wrong with how I'm doing it?

Because the network is oversubscribed I think I'm going to get dropped packets any way you cut it. No?

Thanks,

Ben

Labels:
0 Helpful
5 Replies 5

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎09-30-2013 12:57 PM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

It's difficult (and often very expensive) to design a network where's there's no oversubscription.  When there's oversubscription, there's always a chance to overrun bandwidth and encounter drops.  (BTW, even when there no's oversubscription, it's still possible to have drops if there's insufficient buffering for all possible concurrent received frames/packets.)

This being so, dropping some packets shouldn't freak out your customer unless the drops are excessive (generally greater than 1%) or are against critical traffic caused by oversubscription of non-critical traffic.

What you have I would basically endorse (although there might be some "tweaks" you might want try).  Where are you seeing the drops?

PS:

There's only traffic between main to branch and the reverse?  I.e., no branch to branch traffic?

PPS:

Don't believe a stock QoS allows you to deal with both physical interface congestion and logical site shaping.  If you have extra interfaces, there's a Rube Goldberg way to deal with it though.

jamie.grive
Level 1
Level 1
In response to Joseph W. Doherty

‎10-01-2013 01:42 AM

Not that it matters as it's the same policy defined within, but I think you meant to put:

policy-map QOS-Parent

class MainOffice-DRSite-Master

  shape average 47000000

   service-policy MainOffice-DRSite

class MainOffice-SiteA-Master

  shape average 9300000

   service-policy MainOffice-SiteA

With regards to the drops, you could discuss with them whether it is a business critical app and if so arrange for some QoS on that so that it prioritises it when your shaper is activated.

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to jamie.grive

‎10-01-2013 03:08 AM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Jamie, sharp eye!  Whether it matters or not would depend on the actual policies and class maps.  Often subordinate polices match traffic types and not sources and destinations, so often they can be "shared" (especially after Cisco implemented percentage based bandwidth support).

As to your comment about arranging QoS for critical when the shaper activates, yes indeed!  Actually that's what's already being done with the subordinate policy for VoIP traffic.

0 Helpful

benweber
Level 1
Level 1
In response to jamie.grive

‎10-01-2013 06:03 AM

Thanks Jamie,

You're right about that.  These are fake site names soas to protect the privacy of the customer.  I guess I got sloppy on that part.

Joseph,  I'll clear out the counters and let them run for a day to see what percentage of packets are being dropped.  His utility is reporting packet losses of around 25,000 per day, which I would suspect is low enough not to be an issue.  But it's like politics or sausage making; it looks worse than it really is when you see it. 

And you're right.  It is a fully meshed network.  I just didn't bother to show the whole thing as most traffic is from the remotes to the main office and not site to site.

Thanks for the replies.

Ben

0 Helpful

benweber
Level 1
Level 1
In response to benweber

‎10-01-2013 06:14 AM

I did just go into the "show policy map" command.  The circuit between the main site and the DR site has only been up for a week or so.  Since going live there have been 493525171 total and 712947 drops.  That works out to a 0.14% drop rate so I think I'm doing ok.

Ben

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card