Showing results for 
Search instead for 
Did you mean: 

simple WAN QoS design


I already have a QoS policy map applied on the WAN interface. I want to create a seperate traffic class for Outlook traffic because it consumes a fair amount of bandwidth and is considered as BusinessTraffic, according to the actual QoS design. So it is treated like any other TCP traffic.

Router sits on a branch office, and Outlook server is in HQ.

class-map match-any CLASS_BusinessTraffic

description various business applications

match access-group name ACL_BusinessTraffic

class-map match-any CLASS_TraficIP

description Tout le trafic IP

match access-group name ACL_TraficIP

ip access-list extended ACL_TraficIP

permit ip any any

ip access-list extended ACL_BusinessTraffic

permit tcp any any

policy-map POLICY_LLQsurWAN

description Policy LLQ sur le lien WAN

class CLASS_Voice

   priority percent 35

set ip dscp ef

class CLASS_BusinessTraffic

   bandwidth remaining percent 90

set ip dscp af31

class class-default


I thought of adding the following:

class-map match-any CLASS_Outlook

description Outlook traffic

match access-group name ACL_Outlook

Policy-map Policy_LLQsurWAN

class CLASS_Outlook

set ip dscp AF21

ip access-list extended ACL_Outlook

permit ip any host eq 443

is that correct?



with QoS you need to consider how much bandwidth you have over the wan then design your QoS based on the amount of bandwidth

maybe your are using a 100M interface but the actual available bandwidth over the WAN is 10M then you need to have your QoS policy aligned with the 10M not th e100M

once defined your QoS classes ( type of trafifc ) then you can put these policies under the QoS policy but keep in mind the bellow points

- the QoS policy match and process class man top down it match then stop if doe not find match it will go to the next class

thats why make sure if you have a class map with ACL that match IP any any do not put it first in the policy map other wise all the other class will be ignored

- secondly i noticed that you remarking the traffic (DSCP) before eyou send it out to the WAN do you have agreement with your service provider about which class of service ( DSCP ) and what do they support for end to end QOS if not then there is no benefit from re marking it as th eTeleco WAN provider will remarked to 0 and end it as best effort

please have a look at the bellow link to understand how to shape the interface to the actual bandwidth available to you over the WAN in order to get your QoS policy working

for the newly added class map under the QoS policy for outlook i cant see any action other than you remarking the traffic ifyo want some bandwidth guaranteed at lease allocate some bandwidth to be guaranteed in the case of link conjustion using the command bandwidth XX where is bandwidth in Kbps


if helpful Rate

VIP Expert


The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.


Yes, you can do that, provided the new class (CLASS_Outlook) appears before your existing class, CLASS_BusinessTraffic, in the policy map.  You may also need to define a bandwidth allocation of this new class too.

Insufficient information to determine whether there will be any benefit to making such a change (also impossible to determine whether there's any benefit to what you have now).