02-25-2016 08:13 AM - edited 03-05-2019 03:25 AM
Kit: Cisco 3845 - Advanced Security
IOS: 151-4.M10
Under extreme rxload (see below) – why would AF31 not be dropped over AF21 traffic without the use of WRED, shaping or policers on the inbound MQC? i.e. AF31 is not been dropped but AF21 is.
MTU 1500 bytes, BW 30000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 9/255, rxload 212/255
Is some measure of priority and proportional fairness defined between traffic in different AF classes as standard? Should congestion occur between classes, is the traffic in the higher class been given priority? If not, the only other thing I can think of is the Service Provider is prioritizing.
Please note - The type of the traffic (ssh, http etc) doesn't matter as we have tried these in either classes and af31 is always persevered over af21.
Thanks
James
----------------
class-map match-any mission_crit_af31
match ip dscp af31
class-map match-any transactional
match ip dscp af21
policy-map qos_in
class voice
class video
class mission_crit_af31
set ip dscp af31
class mission_crit_af32
set ip dscp af21
class transactional
set ip dscp af11
class general
set ip dscp 1
interface FastEthernet0/0/0
Description *****WAN interface *****
bandwidth 30000
ip address x.x.x.x 255.255.255.252
ip access-group inbound-filter in
ip nbar protocol-discovery
ip flow ingress
ip flow egress
load-interval 30
duplex full
speed 100
max-reserved-bandwidth 100
service-policy input qos_in
service-policy output qos_out
02-25-2016 10:18 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
WRED and shapers shouldn't be applicable to ingress. Policers can be, but drops would depend on the volume of different kinds of traffic relative to your ingress policy.
In other words, usually an ingress interface (again without policers) shouldn't be dropping any traffic, based on ToS.
Some devices do support SPD (http://www.cisco.com/c/en/us/support/docs/routers/12000-series-routers/29920-spd.html), but I don't think it generally selects between AF31 vs. AF21.
What might happen though, if the packets vary greatly in size between your two markings and/or there are more bursts of one marked packet vs. the other marking, that might reflect in dropping. I.e. whatever packets might be causing resource exhaustion.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide