cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
837
Views
0
Helpful
4
Replies

WAN link QoS/bandwidth over DMVPN questions

Shawn Lebbon
Level 1
Level 1

I am a little confused in trying to best configure bandwidth management for our Hub and Spoke DMVPN router network over the WAN.

How would one configure a router to best handle traffic flow out a WAN link, where the router 'sees' the network as fast ethernet, but in the 'internet' a much smaller maximum throughput rate is set (like standard T1 or Cable modem speeds)? Or is there really nothing to do? I understand that regular TCP/IP flow controls should scale back data transfer when it detects packet loss; but what about any UDP flows, or the like?

The actual setup:

We have DMVPN hub with ethernet interfaces, connected to internet via a 6Mbps rate limited ethernet line to ISP. The LAN AND WAN ethernet interfaces on our router itself run at 100Mbps. All the remote spokes have 10Mbps ethernet interfaces connected to T1 terminators or cable/DSL lines.

99.9% of the traffic leaving all the routers is the IPSEC traffic from the DMVPN.

We want some sort of QoS policy to give priority to things like interactive intranet web-browsing, odbc database transactions, and voip (3com nbx not cisco) traffic through the DMVPN tunnels, leaving general backup-type file transfers, email, ftp, and other large-data, non-interactive sessions as a lower priority. It seems like this should be setup to rate limit/prioritize the traffic to the ISP's Max line speed before encrypting and tunneling takes place; but how?

Right now there is NO form of QoS or queueing or anything. I believe as a result, we do in fact see consistent drops of non-tcp/ip traffic, (like pings) on and off. Also things like the afformentioned web browsing are extremely slow and laggy--but latency across the networks are stable between 50 and 100 ms. Which should be perfectally acceptable for web-browsing. This leads me to believe it's a problem due to basic traffic drops trying to push all this LAN traffic over a WAN.

I've tried to research this, and think i understand on a basic level HOW QoS works, and it sounds like a good idea, but I'm a little unsure which type to use, and I have a BIG problem trying to understand specifically how to implement it.

Thank you for any help,

-Shawn

4 Replies 4

spremkumar
Level 9
Level 9

Hi

though i havent tried configuring qos with DMVPN setup i found some thing from cisco site which says that some of the commands are not configurable under DMVP tunnel interface..

"The following commands are not supported under mGRE with DMVPN: ip tcp adjust-mss, qos pre-classify tunnel vrf,tunnel path-mtu-discovery,and tunnel vrf"

qos pre-classify is reqd to be there under tunnel interface to carry the exact/original TOS bits instead of new TOS values while encapsulating with the new header.

regds

I don't think that is an accurate answer. As you can see with my config, I have qos pre-classify commands and other commands that you say are not supported.

interface Tunnel200

bandwidth 1544

ip address 1.1.1.2 255.255.255.0

ip mtu 1440

ip nhrp authentication ***********

ip nhrp map 1.1.1.1 10.1.1.1

ip nhrp network-id 123

ip nhrp holdtime 300

ip nhrp nhs 1.1.1.1

ip tcp adjust-mss 1400

ip ospf network broadcast

ip ospf cost 25

ip ospf priority 0

qos pre-classify

tunnel source Serial0/0.800

tunnel destination 10.1.1.1

tunnel key ***************

tunnel protection ipsec profile vpnprofile

Regards,

John..

Hi

i did pick up those statements from here only.

hope u can too refer up the same. ..

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080110ba1.html#wp1069602

regds

The document you link that quote to is talking about IOS "12.2(18)SXE DMVPN Support on the Cisco 6500 and Cisco 7600". Apparently it does hold true for other hardware devices, and more recent, feature-rich IOS versions...

Unfortionatley I still have little good idea how to configure a very basic-level of QoS into our setup...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: