04-26-2017 01:45 AM - edited 03-08-2019 10:20 AM
Hi
How can i configure 3 ports with high priority in a DMVPN network..
So i have a Software which uses 3 ports to communicate and this sould work without any disconnects or drops when someone made a download in the VPN Tunnel.
So i made a policy-map with a access-list and assignt it to the tunnel interface.
this doesn`t work.
Hub config
policy-map QoS
class QoS
set ip precedence 5
interface Tunnel 1
ip nhrp map group Test service-policy output QoS
ip access-list extended QoS
permit tcp any any eq 3055
permit tcp any any eq 3022
permit tcp any any eq 1533
Spoke
interface tunnel 1
ip nhrp group Test
So what is the problem?
Thanks
04-26-2017 03:02 AM
Hi
please see this section in the doc below it shows you how to setup qos per tunnel in DMVPN , its a slightly different setup than standard MQC , it needs to be mapped by group
configuration examples included
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-per-tunnel-qos.html#GUID-F8E70B68-B11F-4C5C-B9F3-70FCDE5AB530
04-26-2017 05:10 AM
I see the document but how can i set the priority of the packet which comes on a port from an other packet?
so if the packet comes from ftp the priority is lower then a packet from my ports i have defined.
is this possible? so the router sends the packet from my defined ports faster than other ports so that my software will always stay up.
thanks
04-26-2017 05:38 AM
There's a bit more to effective QoS than setting a ToS marking.
When working with tunnels, generally you need to shape to the expected bandwidth, and then prioritize the shaped traffic.
BTW, if the physical interface can handle multiple sources (e.g. the hub), you need to insure the aggregate (e.g. sum of the spokes) doesn't exceed the physical bandwidth.
Also if the VPN physical interfaces also handle other than managed VPN traffic, VPN QoS will often be ineffective.
04-26-2017 05:52 AM
So the spokes have only 2Mbit and i have 15 spokes . The hub is connected to 50Mbit. so there is not speed problem.
So how can i seperate the traffic from 3 ports from the other? If someone starts a session with big bandwidth my program lose the connection.
Thanks
04-26-2017 07:52 AM
The hub is connected to 50Mbit. so there is not speed problem.
un-huh, but then you write . . .
If someone starts a session with big bandwidth my program lose the connection.
So what happens if you send 50 Mbps, at hub, to 2 Mbps at spoke?
I would also guess, your 50 Mbps hand-off has a "faster" physical interface, so if it's something like 100 Mbps, what happens if you send 100 Mbps to 50 Mbps?
Ditto at spokes. At spokes you may have an E1, but LAN side is only 2 Mbps too?
So how can i seperate the traffic from 3 ports from the other?
You recognize it, which your policy should do. Once you've done so, you can treat it "special", but although tagging it can be useful for providing this traffic special treatment, again, just tagging alone often does not make for effective QoS.
BTW, if you shape for your available bandwidths, and if your devices support class FQ, that alone might be enough to solve your issue. If FQ not supported, or you really prefer to treat your 3 ports "special", you insure your egress policy provides priority treatment, or enough bandwidth, for that traffic.
04-27-2017 02:43 AM
On the physical interface i have gigabit and the provider is on the hub 50MBit and on the spoke 2Mbit.
So it would be better to use FQ and not QoS?
I dont`tknow anything about FQ. Do you have and info for me?
Thanks
04-27-2017 05:04 AM
FQ (fair-queue) is one of many QoS techniques. What it does, each flow (NB: actual Cisco implementations usually hash flows to flow queues, so multiple flows could still share a queue) get an equal share of the bandwidth. So, with something like a massive download, i.e. a bandwidth hog flow, it doesn't monopolize all the bandwidth.
As to info, much depends on your platform for "how to", including what your platform (and its IOS) supports. Lots of information on Cisco's main web site. Your platform's IOS Guide manual usually has a chapter on its QoS features.
12-25-2021 06:40 AM
Hi,
My architecture is in DMVPN HUB to Spokes
the QOS (policy) applies in just HUB or in two HUB-spokes
i want two traffic direction ascendent - descendent
12-25-2021 10:10 AM
Hello,
--> i want two traffic direction ascendent - descendent
Not sure what you mean by that. Do you need spoke to spoke QoS ?
12-25-2021 12:42 PM
12-25-2021 12:57 PM
Hello,
in a per tunnel QoS, the configuration goes partly on the hub and partly on the spoke:
12-26-2021 09:41 AM
Often you can have a QoS policy on most platform interfaces, for either/both ingress and egress. However, QoS features vary between ingress and egress and often differ across different platforms; also between some IOS versions.
What can be done with DMVPN, with regard to QoS, again, depends on platform, and IOS version.
Without detailed information on your network environment, and your QoS requirements, cannot further comment on how it might be done or even possible in your situation.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide