Can we apply QOS on DMVPN

rkbalaguru · ‎09-08-2015

Hi All,

I am facing the issue in my network where the server using more of our internet bandwidth, so we are planning to apply shaping for the specific servers which are using more bw, but i am confused on how to apply shaping on my WAN interface since our set up is different,

Please refer the diagram attached

1. The internet traffic is taking direct path via firewalls

2. The server traffic is going via VPN router where packets are encrypted sent it over DMVPN tunnel, we use EIGRP for DMVPN tunnel.

My question is where can i apply shaping since internet and vpn traffic going via different path, if i apply it on tunnel interface on VPN router, the circuit will be overwhelmed by internet traffic since no QOS for it. Please provide me the suggestion.

Thanks

Bala

e.ciollaro · ‎09-09-2015

Hi Bala,

first of all: which kind of router is the VPN router ?

In any case you can configure shaping also on switch ports. I'm not very skilled in QoS over switch but, as far as I know, QoS configuration depends on the specific hardware: different catalyst have slightly different characteristics. You might configure:

policy on ingress port over layer3 switch to limit specific servers before their traffic traverses all your network

or

the aggregate traffic on Internet access switch (I mean the layer 2 switch in the upper part of your diagram). There you can configure SRR on egress ports. QoS is a little bit tricky on Catalyst compared to router QoS (with the exception of 3650, 3850 that, I think, has MQC at last very similar to routers)

Bye,

e

rkbalaguru · ‎09-09-2015

e, I am thinking to apply on router level QOS shaping

e.ciollaro · ‎09-09-2015

Sorry I don't understand what you mean with "at router level"; do you mean on the router or on the switch connect to the router ?

rkbalaguru · ‎09-21-2015

Ciollaro,

I meant to configure shaping on router which is connected to switch

paul driver · ‎09-09-2015

Hello

I would police the traffic as close to the source as possible.

Possiblly apply srr-queue bandwidth limitation to the servers interfaces but this means enabling qos on the switch, which by defaul can have an effect on the enitre switch

Or another way is to pollice on the SVi interface of the servers vlan.

How are these servers connected - Just one switch or over multiple switches?

SRR example :Police interface to 5mb

conf t
mls qos

int x/x
description Server
speed 10
srr-queue bandwidth limit 50

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

rkbalaguru · ‎09-09-2015

Paul,

the servers are connected to same switch, but my worry is it will drop packets if i configure policing thats why i am thinking to apply shaping, but is it possible to apply it on server connected interface for shaping

paul driver · ‎09-09-2015

Hello

"I am facing the issue in my network where the server using more of our internet bandwidth, so we are planning to apply shaping for the specific server"

Shaping gives you a limited allocated BW value, puts the excess traffic into queues for later transmission any remaining unallocated traffic is shared between these queues.

Policing give you an absolute BW value and when this value it reached can drop any excess or become remarked.

Given your OP it sound like your servers need to be policed

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

rkbalaguru · ‎09-21-2015

Can we apply QOS on DMVPN tunnel without per tunnel QOS feature?

Joseph W. Doherty · ‎09-10-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Instead of shaping, you could also consider adjusting the dequeuing priority of your server traffic relative to your other traffic. This would allow you server traffic to use the bandwidth if its available (unlike a policer or shaper) yet keep your server traffic from being adverse to other traffic.

As to where to apply your QoS, you want it placed to manage your bottleneck. If there's both your tunnel traffic and Internet traffic, you can mark the former before its encapsulated and most encapsulations, by default, will copy the original packet's ToS to the encapsulated packet's ToS.

rkbalaguru · ‎09-11-2015

Hi Joseph,

Thanks for the suggestion, do you have sample document for that, i will try to understand how to do it

Joseph W. Doherty · ‎09-11-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Have you seen Cisco's QoS design guides?

Here's one for WANs: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSWAN_40.html

QOS Shaping suggestion