07-24-2010 01:52 AM - edited 03-06-2019 12:10 PM
Hi!
Let me describe the task first.
Our company Intranet consists of 2 regional networks, each of which is a DMVPN network with regional center (regional hub, Cisco 1811) and small branches (spokes, Cisco 871). The hubs of the regional centers are also connected with each other by 2 encrypted tunnels (GRE + IPSec).
All spoke routers connect to their regional hub via 2 external lines, OSPF is used.
So, topology is 2 stars with connected centers.
The target was: to consolidate servers of each region in the respective regional center, provide reachability of all branches networks between each other (for VoIP primarily), plus regional centers to provide Internet connection for spokes of its own region (only).
Now, I want to deploy something like QoS. (I think it is QoS, but I am not sure how it should be called.)
More precisely, I want to divide the whole traffic between offices onto 4 types (or classes?):
I: High priority traffic (back office application traffic (Oracle) - TCP 1521),
II: VoIP traffic (we have not implemented VoIP yet, so I don't know whether it will be SIP or anything else),
III: Normal priority traffic (any non-specified traffic)
IV: Low priority traffic (FTP - TCP 20, 21; file sharing (SMB) - TCP 445, UDP 445; Lotus - TCP 1352).
Then I wish every "moment" to provide a predefined part of the available bandwidth to each type\class of traffic as guaranteed. For example,
I: 50%
II: 20%
III: 20%
IV: 10%.
By guaranteed I mean minimum. And in case no other type of traffic is being transferred, even Low priority traffic must utilize the whole bandwidth. In case several but not all types of traffic are transferred, the available bandwidth has to be divided according to the guaranteed values proportions. For instance, if only III and IV types are transferred, III must get 66,7% and IV - 33,3% of bandwidth (2:1, as we have 20%:10%) and so on.
I hope you understand the idea.
Now my questions:
1. Do I formulate the bandwidth distribution task correctly? (And is it QoS task at all?) Or it has to be done other way? (I am not familiar with QoS yet) Please formulate as it should be for your opinion.
2. Is it possible to deploy QoS using our Cisco 1811 and 871 routers?
I was told QoS could be set up only on L3 interfaces, and not vlan subinterfaces (at least in case of our routers). I tried to clarify that using Cisco feature tool, but I could not understand what to check.
P.S. We have IOS v. 12.4.24 T2 in all the routers.
3. Can you provide me with the best and brief QoS theory and specific configuration guides links, please?
Thanks in advance.
07-24-2010 01:41 PM
Hello Alen,
Now my questions:
>> 1. Do I formulate the bandwidth distribution task correctly? (And is it QoS task at all?) Or it has to be done other way? (I am not familiar with QoS yet) Please formulate as it should be for your opinion.
You have described the need for a scheduler with elasticity to allow to specify minimum bandwidth in case of congestion but allowing to use more than stated bandwidth if resources are available.
This is QoS stuff and you need to look at CBWFQ = Class Based Weighted Fair Queueing
>>2. Is it possible to deploy QoS using our Cisco 1811 and 871 routers?
>>I was told QoS could be set up only on L3 interfaces, and not vlan subinterfaces (at least in case of our routers). I tried to clarify that using Cisco feature tool, but I could not understand what to check.
>>P.S. We have IOS v. 12.4.24 T2 in all the routers.
The problem is that you have also logical interfaces like tunnels, however by using hierarchical QoS you should be able to deploy CBWFQ within a pipe built by a shaper.
Also you may need to mark traffic on LAN interfaces in order to be able to differentiate flows on the WAN interfaces taking advantage of the fact that external headers (GRE, IPSec) copy internal header TOS byte.
>> 3. Can you provide me with the best and brief QoS theory and specific configuration guides links, please?
for QOS
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Book.html
Hope to help
Giuseppe
07-24-2010 11:54 PM
Thank you, giuslar
So, what I need is Class Based Weighted Fair Queueing QoS. This is clear.
You said I need to mark traffic on the routers' LAN interfaces. Does this mean I should apply class maps to LAN interfaces? (I am not sure what I said makes sense).
I did not understand what "with hierarchical QoS you should be able to deploy CBWFQ within a pipe built by a shaper" means.
As I can understand, I'll mark traffic transferred from office LAN hosts to router LAN interface, then while it is directed to the Tunnel interface the class mark will be preserved in the "encapsulating" packet and finally shaping will be done on the external interface according to the traffic classes?
P.S.
Enterprise QoS Solution Reference Network Design Guide - 328 pages
Cisco IOS Quality of Service Solutions Configuration Guide - 1110 pages
This is very cruel.
QoS deployment is postponed till 2012...
Aren't there any brief configuration examples I can use?
07-25-2010 12:02 AM
I am reading about CBWFQ by the link you provided and already have questions.
1. It is written:
Traffic shaping and policing are not currently supported with CBWFQ.
...
CBWFQ is not supported on Ethernet subinterfaces.
??? Don't I need shaping and CBWFQ on Ethernet subinterfaces?
2. Pure WFQ, as I understand this QoS variant distributes bandwidth evenly among all active "flows", where flow is just a session. Besides, WFQ can recognize classified traffic (by ToS) and creates 2 categories of flows: high-volume and low-volume, and low volume has higher priority.
Thus in case of WFQ we have 2 categories of flows and bandwidth is distributed evenly among all flows (sessions) of the same category!?
3. In CBWFQ there is such thing as default class, which is just a variety of all unclassified traffic. In my task I have a "Normal" type of traffic, class III. As I understand my III class is equivalent of the default class.
=> questions:
Should I define that class or leave those types of traffic to be marked as default class?
What to do in both cases with the total bandwidth in light of this:
The sum of all bandwidth allocation on an interface cannot exceed 75 percent of the total available interface bandwidth. The remaining 25 percent is used for other overhead, including Layer 2 overhead, routing traffic, and best-effort traffic. Bandwidth for the CBWFQ class-default class, for instance, is taken from the remaining 25 percent.
?
I am thinking to do this:
- In case I define the Normal priority traffic, which plays the role of the default class, make the total bandwidth for all 4 classes ~90-95%, leaving 5% just in case.
- In case I don't define Normal priority traffic, keep ~ 25-30% of bandwidth as non-distributed.
If I do not define the Normal class, does default class get the rest of the bandwidth as guaranteed?
4. As I understand, even if I do not use any QoS regime, by default, VoIP traffic will automatically get higher priority. Is this true?
07-25-2010 05:12 AM
2. Pure WFQ, as I understand this QoS variant distributes bandwidth evenly among all active "flows", where flow is just a session. Besides, WFQ can recognize classified traffic (by ToS) and creates 2 categories of flows: high-volume and low-volume, and low volume has higher priority.
Thus in case of WFQ we have 2 categories of flows and bandwidth is distributed evenly among all flows (sessions) of the same category!?
"Flow-based WFQ applies weights to traffic to classify it into conversations and determine how much bandwidth each conversation is allowed relative to other conversations. For flow-based WFQ, these weights, and traffic classification, are dependent on and limited to the seven IP Precedence levels."
So, there are 7 types of flows each with the respective weight and each type of flows gets the respective (to its weight) part of the total bandwidth and all flows of the same type get an equal part of the total bandwidth their type is granted.
But what is the role of 2 flow categories?
07-25-2010 01:12 AM
Consider that if a WAN link is constantly congested, traffic prioritization may not resolve the problem. Adding bandwidth might be the appropriate solution.
If there is no congestion on the WAN link, there is no reason to implement traffic prioritization
This is my chance!
How to check if my WAN interfaces have\have not congestion?
I think the best variant is to run monitoring during one typical business day and then look at the values. Can you advise me the way for my routers to automatically gather the necessary information? (as I understand, I need avg. queue length from ~ 9:00 till 18:00, several peaks of queue length and their durations)
07-28-2010 05:40 AM
07-31-2010 07:09 AM
Here is my draft config:
QoS ACLs
ip access-list extended QoS-HighPT
 remark Traffic to regional center 1 Oracle servers and reverse
 permit tcp 192.168.0.0 0.0.63.255 192.168.0.0 0.0.0.255 eq 1521
 permit tcp 192.168.0.0 0.0.0.255 eq 1521 192.168.0.0 0.0.63.255
 remark Traffic to regional center 2 Oracle servers and reverse
 permit tcp 192.168.0.0 0.0.63.255 192.168.30.0 0.0.0.255 eq 1521
 permit tcp 192.168.30.0 0.0.0.255 eq 1521 192.168.0.0 0.0.63.255
 deny ip any any
ip access-list extended QoS-VoIP
 remark VoIP Traffic
 permit tcp any eq 5060 any eq 5060
 permit udp any eq 5060 any eq 5060
 deny ip any any
ip access-list extended QoS-LowPT
 remark SMB Traffic (direct and reverse)
 permit tcp any any eq 445
 permit tcp any eq 445 any
 permit udp any any eq 445
 permit udp any eq 445 any
 remark Lotus Notes Traffic (direct and reverse)
 permit tcp any any eq 1352
 permit tcp any eq 1352 any
 remark e-mail Traffic (direct and reverse)
 permit tcp any any eq smtp
 permit tcp any eq smtp any
 permit tcp any any eq pop3
 permit tcp any eq pop3 any
 deny ip any any
QoS classes
class-map QoS-HighPT
 match access-group name QoS-HighPT
 exit
class-map QoS-VoIP
 match access-group name QoS-VoIP
 exit
class-map QoS-LowPT
 match access-group name QoS-LowPT
 exit
Policy maps
policy-map MyQoS
 class QoS-HighPT
  bandwidth percent 20
  exit
 class QoS-VoIP
  bandwidth percent 40
  exit
 class QoS-LowPT
  bandwidth percent 10
  exit
 class class-default
  bandwidth percent 30
  exit
Applying policy map to external interfaces
interface fa4
 service-policy output MyQoS
interface vlan20
 service-policy output MyQoS
Please give your comments.
I also remind, you said I need to mark traffic incoming to the routers LAN interfaces and I need to use hierarchical QoS. Can you explain in more detailed way, what does all it mean and how to do that?
08-01-2010 10:35 PM
Hi alen,
I suggest you to use LLQ for high priority class so that it will be served on priority at time of congestion
you can change config as
class QoS-HighPT
bandwidth percent 20
priority
exit
Thanks and regards
Mahesh
08-02-2010 02:40 AM
Thank you, Mahesh.
I knew about priority command, but after reading "Comparing the bandwidth and priority Commands of a QoS Service Policy" I understood it is not what I need. For example, as I understand "priority" will prevent unallocated bandwidth use (by prioritized class) in case of congestion.
In addition, the priority command implements a maximum bandwidth guarantee. Internally, the priority queue uses a token bucket that measures the offered load and ensures that the traffic stream conforms to the configured rate. Only traffic that conforms to the token bucket is guaranteed low latency. Any excess traffic is sent if the link is not congested or is dropped if the link is congested.
...Although the bandwidth guarantees provided by the bandwidth and priority commands have been described with words like "reserved" and "bandwidth to be set aside", neither command implements a true reservation. In other words, if a traffic class is not using its configured bandwidth, any unused bandwidth is shared among the other classes.
The queueing system imposes an important exception to this rule with a priority class. As noted above, the offered load of a priority class is metered by a traffic policer. During congestion conditions, a priority class cannot use any excess bandwidth.
...
From the above discussion, it is important to understand that since the priority classes are policed during congestion conditions, they are not allocated any remaining bandwidth from the bandwidth classes. Thus, remaining bandwidth is shared by all bandwidth classes and class-default.
But I see your usage of "priority" command differs from what I read ("priority kbps [bytes]"). Maybe it does anything else?
What I need is ideally described as CBWFQ usual behaviour:
Here is how the Class-Based Weighted Fair Queueing Feature Overview describes the allocation mechanism: "If excess bandwidth is available, the excess bandwidth is divided amongst the traffic classes in proportion to their configured bandwidths. If not all of the bandwidth is allocated, the remaining bandwidth is proportionally allocated among the classes, based on their configured bandwidth."
08-03-2010 11:58 PM
guislar, please help, don't leave me in the middle.
08-09-2010 10:16 PM
Can anyone help me, please?