Solved: QoS questions and challenges - Page 2

Steven Williams · ‎06-22-2015

I have a 2921 router that is connected to ISP. It has two sub-interfaces. One that directs traffic to the internet and the other one that forces traffic to the provider MPLS. I need to carve this up. Its a 100mbps pipe and need to cut it in half and dedicated 50mbps to the MPLS and 50mbps to the internet. So I assume I going to use the shaping feature to accomplish this. Once that is complete I need to create some rules that prioritize the traffic for the MPLS pipe. I am not very familiar with QoS, on a WAN routing basis. Switching only for phones.

would I apply the shaping at the physical interface or the sub interfaces? I am really looking for a way to start this and understand this.

I have the config guide for 15.4 but its a bit confusing and there is a lot of info to take in.

Thanks.

Joseph W. Doherty · ‎06-23-2015

That's not the policy I posted. I'm unsure your policy would be accepted under a subinterface.

Again, did you try what I posted?

Steven Williams · ‎06-23-2015

Your code sample does not work. Service-policy is not a valid command in global config.

ChangingTheName(config)#service-policy Sample
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#class class-default
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#fair-queue
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#
ChangingTheName(config)#service-policy Shape50Mclass
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#class-default
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#shape average 50000000
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#
ChangingTheName(config)#service-policy Sample
^
% Invalid input detected at '^' marker.

ChangingTheName(config)#
ChangingTheName(config)#interface g0.1
ChangingTheName(config-subif)#desc to Internet
ChangingTheName(config-subif)#service-policy output Shape50M
% policy map Shape50M not configured
ChangingTheName(config-subif)#
ChangingTheName(config-subif)#interface g0.2
ChangingTheName(config-subif)#desc to MPLS
ChangingTheName(config-subif)#service-policy output Shape50M
*Jun 23 14:50:42.371: %LINEPROTO-5-UPDOWN: Line protocol on Interface GMPLS0, changed state to up
% policy map Shape50M not configured
ChangingTheName(config-subif)#

Joseph W. Doherty · ‎06-23-2015

Duh - slap side of my head - sorry.

Seeing your output, very helpful!

I've edited my original post. Try it again.

Steven Williams · ‎06-23-2015

This is what I see now.

hangingTheName#show policy-map interface fa0/0.3086
FastEthernet0/0.3086

Service-policy output: Shape50M

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
      Queueing
      queue limit 64 packets
      (queue depth/total drops/no-buffer drops) 0/0/0
      (pkts output/bytes output) 0/0
      shape (average) cir 50000000, bc 200000, be 200000
      target shape rate 50000000
ChangingTheName#

Joseph W. Doherty · ‎06-23-2015

Ah, that's looks better. Did this also have a child policy?

Where I used Sample, you should be able to use your MPLS policy.

Steven Williams · ‎06-24-2015

This is what I have now. So the way I understand this parent/child thing is that everything will hit the class-default and be shaped to 50mbps, then it will look at the child policies and see if it matches any of those. So if the traffic is voice (RTP) and goes out the interface it will say ok, you belong to class-default (I am not sure what its being matched on for this though?) So now that you belong to class-default you will shape to 50mbps...now you are RTP so you fall into the voice class which says you are limited to 25 percent at a priority level of the 50mbps?

class-map match-any MPLS_VOICE_CHILD

match protocol rtp

match protocol rtsp

match protocol sip

match protocol skinny

match protocol h323

class-map match-any MPLS_REPLICATION_CHILD

match access-group name MPLS_REPLICATION_ACL

class-map match-any MPLS_STND_TRAFFIC_CHILD

match access-group name MPLS_STND_TRAFFIC_ACL

policy-map MPLS_QUEUEING_CHILD

class MPLS_VOICE_CHILD

priority percent 25

class MPLS_REPLICATION_CHILD

bandwidth percent 25

class MPLS_STND_TRAFFIC_CHILD

bandwidth percent 45

class class-default

policy-map MPLS_POLICYMAP_PARENT

class class-default

shape average 50000000

service-policy MPLS_QUEUEING_CHILD

ip access-list extended MPLS_REPLICATION_ACL

permit ip any host 192.168.2.13

ip access-list extended MPLS_STND_TRAFFIC_ACL

permit ip any 192.168.2.0 0.0.0.255

permit ip any 192.168.8.0 0.0.0.255

permit ip any 192.168.14.0 0.0.0.255

interface FastEthernet0/0.3086

description MESH VPN

bandwidth 50000

encapsulation dot1Q 3086

ip vrf forwarding mpls

ip address 1.1.1.1 255.255.255.252

service-policy output MPLS_POLICYMAP_PARENT

ChangingTheName#show policy-map interface fa0/0.3086

FastEthernet0/0.3086

Service-policy output: MPLS_POLICYMAP_PARENT

Class-map: class-default (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: any

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

shape (average) cir 50000000, bc 200000, be 200000

target shape rate 50000000

Service-policy : MPLS_QUEUEING_CHILD

queue stats for all priority classes:

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

Class-map: MPLS_VOICE_CHILD (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: protocol rtp

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol rtsp

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol sip

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol skinny

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol h323

0 packets, 0 bytes

5 minute rate 0 bps

Priority: 25% (12500 kbps), burst bytes 312500, b/w exceed drops: 0

Class-map: MPLS_REPLICATION_CHILD (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: access-group name MPLS_REPLICATION_ACL

0 packets, 0 bytes

5 minute rate 0 bps

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 25% (12500 kbps)

Class-map: MPLS_STND_TRAFFIC_CHILD (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: access-group name MPLS_STND_TRAFFIC_ACL

0 packets, 0 bytes

5 minute rate 0 bps

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 45% (22500 kbps)

Class-map: class-default (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: any

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

Joseph W. Doherty · ‎06-24-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Yep, for someone who doesn't understand, you've pretty much have it fully described.

All traffic going out the subinterface will match against the parent policy's class-default. All the class does, is shape the traffic to 50 Mbps. Traffic that is queued by the class-default shaper, is handled by the child policy defined to class-default. Your VoIP is LLQ'ed (i.e. it's always dequeued first), but it's also further rate limited to 25% of the 50 Mbps.

Steven Williams · ‎06-24-2015

So now let the plot thicken a bit....Lets say my MPLS provider only supports 4 levels.

DSCP EF

DSCP AF31

DSCP AF11

DSCP 0

So voice is good since its matching on EF and should be tagged EF within my network.

But what about my class-maps that are matching on an ACL, so I need to mark this as they go out to one of these 4 that that the ISP is supporting?

Joseph W. Doherty · ‎06-24-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Yes, although it might be difficult to grasp, you can also have more than four classes. If you do, you would have multiple classes remark to the same MPLS supported marking.

Your child policy allows you to manage your shaper's congestion however you would like. The MPLS markings are used to manage congestion within the MPLS WAN cloud (especially cloud egress). Often they are congruent, but they don't have to be.

PS:

You can also just have all traffic, using a class, be (re)marked.