Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
317
Views
0
Helpful
0
Replies

C9300-24UXB QOS priority Queue question

gsaccento2222
Level 1
Level 1

‎05-10-2024 08:04 AM

Hi all!

Trying to figure out something and it is stumping me! I cannot figure out why some random (or maybe not so random) traffic is hitting my priority queue. I have a feeling its CPU or control level traffic being registered into the PQ at TH2.

Right now the interface is easy to see this happening as the circuit is just installed facing t1/0/20 which is where the outbound policy is and where im seeing this behavior.

I have a basic QOS policy that classifies traffic on WAN ingress to 3 different ACLS. I am then marking the traffic as either EF or AF41. The Default class is then set to set DSCP to 0.

From there, on egress to T1/0/20 where those subnets labled in the ACL live, I am HQOS to shape down to the 200mbps (180) line we are paying for. 

If someone can please review this config and take a look if this first, is the correct way of doing it, and, where data in the show policy-map is hitting the priority class under the child and what is this data?!

Extended IP access list 101
10 permit ip host 72.20.x.x 10.20.12.0 0.0.0.255
20 permit ip host 72.20.x.x 10.20.12.0 0.0.0.255

Extended IP access list 102
10 permit ip 216.93.246.0 0.0.0.255 10.20.15.0 0.0.0.255
20 permit ip 69.90.51.0 0.0.0.255 10.20.15.0 0.0.0.255

Extended IP access list 103
10 permit udp any eq 3390 10.20.15.0 0.0.0.255 gt 32768

Class Map match-any PH-VOIP (id 14)
Match access-group 101
Match access-group 102

Class Map match-any PH-VDI (id 24)
Match access-group 103

Policy Map PH-ELINE-CLASSES-LAN
Class PH-VOIP
set dscp ef
Class PH-VDI
set dscp af41
Class class-default
set dscp default

service-policy input PH-ELINE-CLASSES-LAN  (this is applied inbound to the C9300 vlan interface that is my transit to the FW)

So after this point I should be marking all the data that I need marked and setting everything else from the WAN as DSCP 0.

Here is the output policy facing the new circuit going to oversea location over an ELINE connection

Class Map match-any EF-DSCP (id 11)
Match dscp ef (46)

Class Map match-any AF41-DSCP (id 12)
Match dscp af41 (34)

Policy Map PH-ELINE-QOS-CHILD
Class EF-DSCP
priority level 1 10 (%)
Class AF41-DSCP
bandwidth remaining 60 (%)
queue-buffers ratio 35
Class class-default
bandwidth remaining 30 (%)
queue-buffers ratio 60

random detect DSCP based

Policy Map PH-ELINE-QOS-PARENT
Description: Traffic-Shape 200Mbps
Class class-default
Average Rate Traffic Shaping
cir 180000000 (bps)
service-policy PH-ELINE-QOS-CHILD

INT T1/0/20

Service-policy output PH-ELINE-QOS-PARENT

---------------------------------------------------

The area below I have tried to correlate what is being seen on the PMAP to what the interface is sending. I highlighted in red the parts that are corresponding to each other. As you can see, the same data leaving the interface (bytes/packets) matches what the PMAP is putting into the PQ at TH2.

sh policy-map int t1/0/20
TenGigabitEthernet1/0/20

Service-policy output: PH-ELINE-QOS-PARENT

Class-map: class-default (match-any)
0 packets
Match: any
Queueing

(total drops) 0
(bytes output) 676
shape (average) cir 180000000, bc 720000, be 720000
target shape rate 180000000

Service-policy : PH-ELINE-QOS-CHILD

queue stats for all priority classes:
Queueing
priority level 1

(total drops) 0
(bytes output) 676

Class-map: EF-DSCP (match-any)
0 packets
Match: dscp ef (46)
Priority: 10% (18000 kbps), burst bytes 450000,

Priority Level: 1

Class-map: AF41-DSCP (match-any)
0 packets
Match: dscp af41 (34)
Queueing

(total drops) 0
(bytes output) 0
bandwidth remaining 60%
queue-buffers ratio 35

Class-map: class-default (match-any)
0 packets
Match: any
Queueing

(total drops) 0
(bytes output) 0
bandwidth remaining 30%

ICC-RAH-ELAN-CORE01#sh int t1/0/20
TenGigabitEthernet1/0/20 is up, line protocol is up (connected)
Hardware is Ten Gigabit Ethernet, address is 242a.04eb.67f7 (bia 242a.04eb.67f7)
Description: ELINE to PHCC
Internet address is 192.168.252.22/30
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 100/1000/2.5G/5G/10GBaseTX
input flow-control is on, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:35:09, output 00:00:02, output hang never
Last clearing of "show interface" counters 00:00:37
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: Class-based queueing
Output queue: 0/40 (size/max)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
5 packets output, 676 bytes, 0 underruns
Output 0 broadcasts (0 IP multicasts)
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out

Asic:0 Core:1 DATA Port:19 Hardware Enqueue Counters
----------------------------------------------------------------------------------------------
Q Buffers Enqueue-TH0 Enqueue-TH1 Enqueue-TH2 Qpolicer
(Count) (Bytes) (Bytes) (Bytes) (Bytes)
-- ------- -------------------- -------------------- -------------------- --------------------
0 0 0 0 676 0
1 0 0 0 0 0
2 0 0 0 0 0
3 0 0 0 0 0
4 0 0 0 0 0
5 0 0 0 0 0
6 0 0 0 0 0
7 0 0 0 0 0

ANY HELP would be GREATLY APPRECIATED!!!

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents