Solved: Router 3925 VLAN/QoS/CoS questions

Ryan Young · ‎08-08-2014

Hello everyone! So, I'm going from a Cisco 891 router to a Cisco 3925 router with a built in T1 card. The 891 had a switch card so I could use all sorts of Layer 3 switch commands YAY! But the new 3925 (wholly huge batman) does not. So, I'm not using all the functionality at this point. I just need it to perform the same things that the old 891 could. We have 2 VLANs currently at the 891, but will be adding 4 more with the network uplift to 3925. Switches are already configured the way we need. YAY! Sadly, the same commands that I am using on the 891 with a priority-group are not working at all. So I can't create a VLAN interface on the new router. No problem, just enable encapsulation and do a new subinterface right? Thats all great and purty, but I need to QoS the data going from that subinterface and going out our Gi0/0 to the world. With the 891, I just put priority-group 1 for the outside interface and create a priority-list 1 with the VLAN interfaces with High, Medium, Normal, and Low. But I don't know how to do that same thing with the subinterfaces on the 3925. Would someone be able to help me?

I'll give you a similar code to what I have on the 891 and if someone could asssit with either helping me with the cli 3925 code, or a good link that shows/explains what I am trying to do, that would be about all I need. :) Hopefully what I have typed so far is clear to my intent. I've been trying to look at examples from Cisco, but they don't seem to do what I need, or I'm not understanding how to encapsulate etc. our 3925 has GigabitEthernet0/(0-2) 3 total ports that I can use for what my 891 had 10 ports (abet just fastethernet). We have a 500/500 fiber ethernet connection we would like to share. and the 891 only has 1 Gigabit and the rest 10/100 only.

interface GigabitEthernet0
description *** Outside World ***
ip address 1.2.3.4 255.255.255.252
ip nat outside
ip virtual-reassembly
priority-group 1
!
interface Vlan1
description ***DATA***
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan52
description **** VOICE ****
ip address 192.168.52.1 255.255.255.0
ip helper-address 192.168.0.20
ip virtual-reassembly
ip nat inside
!
ip routes etc
ip access-lists etc
priority-list 1 interface Vlan52 high
priority-list 1 interface Vlan1 normal

edit: get rid of spacing...

Joseph W. Doherty · ‎08-11-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Do your VoIP devices mark ToS?

If they do, and allowing for your 500 Mbps bandwidth, something like this may do:

class-map match-any VoIP

match precedence 5 4 3

policy-map sample-shape

class class-default

shape average 425000000

service-policy sample

policy-map sample

class VoIP

priority percent 30

class class-default

bandwidth remaining percent 100

fair-queue

interface g0

service-policy output sample

View solution in original post

Ryan Young · ‎08-10-2014

So, I thought I would reply with what I think might be an answer and hopefully someone can assist me, or correct me.

interface GigabitEthernet0/0
description *** Outside World ***
ip address 1.2.3.4 255.255.255.252
ip nat outside
ip virtual-reassembly
priority-group 1
!
exit
!
interface GigabitEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto 
!
exit 
!
interface GigabitEthernet0/1.1 
 description ***Management VLAN****
 encapsulation dot1Q 1
 ip address 10.48.0.1 255.255.255.0
 ip helper-address 10.48.10.20
 ip nat inside
 ip virtual-reassembly
 !
exit 
!
interface GigabitEthernet0/1.5
 description *** VOICE VLAN ***
 encapsulation dot1Q 5
 ip address 10.48.5.1 255.255.255
 ip helper-address 10.48.10.20 
 ip nat inside
 ip virtual-reassembly
 ! 
exit
!
interface GigabitEthernet0/1.7
 description *** WIRELESS VLAN ***
 encapsulation dot1Q 7
 ip address 10.48.7.1 255.255.255.0
 ip helper-address 10.48.10.20
 ip nat inside
 ip virtual-reassembly
 !
exit 
!
interface GigabitEthernet0/1.10
 description *** DATA LAN ***
 encapsulation dot1Q 10 native
 ip address 10.48.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ! 
exit
!
interface GigabitEthernet0/1.30
 description *** GUEST WIRELESS ***
 encapsulation dot1q 30
 ip address 192.168.30.1 255.255.255.0
 ip helper-address 10.48.10.20
 ip access-group DENYGUEST in
 ip nat inside
 ip virtual-reassembly
 ! 
exit
!
interface GigabitEthernet0/1.52
 description *** OLD VOICE ***
 encapsulation dot1q 52
 ip access 192.168.52.1 255.255.255.0
 ip helper-address 10.48.10.20
 ip nat inside
 ip virtual-reassembly
 !
exit
!
ip nat inside source list MEDIACOMNAT interface GigabitEthernet0/0 overload
!

Now I don't know how to do the QoS like I used to with my 891 with the integrated switch. I think it would be stupid to buy a switch card just to get the layer 2 functionality. Does anyone have anywhere they could point me that may use a real world example to help me understand how to do QoS in my situation? Sorry for being a newb.

Joseph W. Doherty · ‎08-11-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Do your VoIP devices mark ToS?

If they do, and allowing for your 500 Mbps bandwidth, something like this may do:

class-map match-any VoIP

match precedence 5 4 3

policy-map sample-shape

class class-default

shape average 425000000

service-policy sample

policy-map sample

class VoIP

priority percent 30

class class-default

bandwidth remaining percent 100

fair-queue

interface g0

service-policy output sample

Ryan Young · ‎08-12-2014

Thank you Joseph!

From what I know about our phones, they do set their ToS as level 5 so, there's that. So I am going to go through what you have here and try to explain what it means, please let me know if my understanding is correct or if I am missing something.
policy-map match-any VoIP This creates a policy-map that contains any VoIP ToS headers?
match precedence 5 4 3 matches anything that is setup as priority 5 or 4 or 3 correct? (My phones do a 5 so that should be good)

policy-map sample-shape (just a name, could be SHAPING or similar)
class class-default I don't know what this is?
shape average 425000000 why do they use bits instead of kilobits or something? I assume this is 425Mbps?
service-policy sample (calling the policy that is actually be shaped?)

policy-map sample (just a name could be something like VoIPPOLICY)
class VoIP (tells what precedence is being put in from the VoIP name above?)
priority percent 30 so 30 percent of the bandwidth will be set aside for VoIP?
class class-default I still don't know what this is or does :(
bandwidth remaining percent 100 Not too sure what this does?
fair-queue again not too sure about this one.

int gi0/0
service-policy output sample (or whatever I name it)

With the above explainations, does it seem like I am getting the hang of this new way? And if someone could confirm my understanding and let me know the bits I am unsure about that would be awesome!

Joseph W. Doherty · ‎08-12-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Class-map or policy-map names can be anything you want, but normally you want to name to be meaniful. The class-map VoIP is just to denote we're using it for your VoIP traffic.

The match against IP Prec 3, 4 and 5 is just to trap the likely markings for VoIP traffic.

Shaping is in bps; don't have a choice (I believe). Yes, it's for 425 Mbps. (I believe most shaping doesn't account for L2 overhead, so I'm shaping for about 15% slower to account for it.)

In CBWFQ, bandwidth percentage aren't set aside, they are guaranteed to be provided, if needed. I.e. if unused, other traffic classes may use that bandwidth.

LLQ is "special" in a couple of ways, one of which is, it also has an implicit policer.

Class-default is a generic name for "none-of-the-above"; it's always present in CBWFQ, but if you declare it explictly, you can change some of its parameters. In this case, I defined a class for your VoIP traffic, and use class-default for how everything else is to be treated.

By default, classes usually implement a single FIFO queue. FQ allocates multiple queues to try to alow different flows to have their own queues.