Need help with QoS setup on Cisco routers

Alen Danielyan
Level 1

Hi!

Let me describe the task first.

Our company Intranet consists of 2 regional networks, each of which is a DMVPN network with regional center (regional hub, Cisco 1811) and small branches (spokes, Cisco 871). The hubs of the regional centers are also connected with each other by 2 encrypted tunnels (GRE + IPSec).

All spoke routers connect to their regional hub via 2 external lines, OSPF is  used.

So, topology is 2 stars with connected centers.

The target was: to consolidate servers of each region in the respective regional center, provide reachability of all branches networks between each other (for VoIP primarily), plus regional centers to provide Internet connection for spokes of its own region (only).

Now, I want to deploy something like QoS. (I think it is QoS, but I am not sure how it should be called.)

More precisely, I want to divide the whole traffic between offices into 4 types (or classes?):

I:   High priority traffic (back office application traffic (Oracle) - TCP 1521),

II:  VoIP traffic (we have not implemented VoIP yet, so I don't know whether it will be SIP or anything else),

III: Normal priority traffic (any non-specified traffic)

IV: Low priority traffic (FTP - TCP 20, 21; file sharing (SMB) - TCP 445, UDP 445; Lotus - TCP 1352).

Then I wish every "moment" to provide a predefined part of the available bandwidth to each type\class of traffic as guaranteed. For example,

I:   50%

II:  20%

III: 20%

IV: 10%.

Under guaranteed I mean minimum. And in case no other type of traffic is being transferred, even Low priority traffic must utilize the whole bandwidth. In case several but not all types of traffic are transferred, the available bandwidth has to be divided according to the guaranteed values proportions. For instance, if only III and IV types are transferred, III must get 66,7% and IV - 33,3% of bandwidth (2:1, as we have 20%:10%) and so on.

I hope you understand the idea.

Now my questions:

1. Do I formulate the bandwidth distribution task correctly? (And is it QoS task at all?) Or it has to be done other way? (I am not familiar with QoS yet) Please formulate as it should be for your opinion.

2. Is it possible to deploy QoS using our Cisco 1811 and 871 routers?

I was told QoS could be setup only on L3 interfaces, and not vlan subinterfaces (at least in case of our routers). I tried to clarify that using Cisco feature tool, but I could not understand what to check.

P.S. We have IOS v. 12.4.24 T2 in all the routers.

3. Can you provide me with the best and brief QoS theory and specific configuration guides links, please?

Thanks in advance.

Accepted Solutions

Giuseppe Larosa
Hall of Fame

Hello Alen,

Now my questions:

>> 1. Do I formulate the bandwidth distribution task correctly? (And is it QoS task at all?) Or it has to be done other way? (I am not familiar with QoS yet) Please formulate as it should be for your opinion.

You have described the need for a scheduler with elasticity to allow to specify minimum bandwidth in case of congestion but allowing to use more than stated bandwidth if resources are available.

This is QoS stuff and you need to look at CBWFQ = Class Based Weighted Fair Queueing.

>>2. Is it possible to deploy QoS using our Cisco 1811 and 871 routers?

>>I was told QoS could be setup only on L3 interfaces, and not vlan subinterfaces (at least in case of our routers). I tried to clarify that using Cisco feature tool, but I could not understand what to check.

>>P.S. We have IOS v. 12.4.24 T2 in all the routers.

The problem is that you have also logical interfaces like tunnels, however by using hierarchical QoS you should be able to deploy CBWFQ within a pipe built by a shaper.

Also you may need to mark traffic on LAN interfaces in order to be able to differentiate flows on the WAN interfaces taking advantage of the fact that external headers (GRE, IPSec) copy internal header TOS byte.

>> 3. Can you provide me with the best and brief QoS theory and specific configuration guides links, please?

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/congstion_mgmt_oview_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1001203

for QOS

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Book.html

Hope to help

Giuseppe
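
The layout this answer describes (mark on the LAN side, then run CBWFQ inside a shaper on the WAN side), as an added example that is not part of the original reply. The policy and class names `LAN-MARK`, `WAN-*`, the interface `Vlan1`, the DSCP values and the 2 Mbit/s shape rate are assumptions for illustration; `QoS-HighPT`, `QoS-VoIP`, `QoS-LowPT` and `FastEthernet4` (`fa4`) come from the draft posted later in the thread, and the percentages are the asker's 50/20/20/10 target.

```cisco
! Added example, not the poster's configuration.
! Assumed: Vlan1 = LAN, 2 Mbit/s WAN line rate, DSCP values chosen below.
!
! 1. Mark on LAN ingress, before GRE/IPSec encapsulation, using the
!    ACL-based class maps from the thread. The TOS byte is copied to
!    the outer header, so the mark survives the tunnel.
policy-map LAN-MARK
 class QoS-HighPT
  set ip dscp af31
 class QoS-VoIP
  set ip dscp ef
 class QoS-LowPT
  set ip dscp af11
!
interface Vlan1
 service-policy input LAN-MARK
!
! 2. On the WAN side classify by DSCP, not by TCP/UDP port:
!    ports are no longer visible once the packet is encrypted.
class-map match-all WAN-HIGH
 match ip dscp af31
class-map match-all WAN-VOIP
 match ip dscp ef
class-map match-all WAN-LOW
 match ip dscp af11
!
! 3. Child policy: CBWFQ minimum guarantees per class.
!    If the release enforces the 75 percent reservation limit quoted
!    in the thread, these values have to be scaled down to fit.
policy-map WAN-CBWFQ
 class WAN-HIGH
  bandwidth percent 50
 class WAN-VOIP
  bandwidth percent 20
 class WAN-LOW
  bandwidth percent 10
 class class-default
  bandwidth percent 20
!
! 4. Parent policy: shape to the real line rate (the "pipe"),
!    then queue inside it with the child policy.
policy-map WAN-SHAPER
 class class-default
  shape average 2000000
  service-policy WAN-CBWFQ
!
interface FastEthernet4
 service-policy output WAN-SHAPER
```

Once applied, `show policy-map interface FastEthernet4` reports per-class matched packets and drops, which also shows whether the link is congesting at all.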

Thank you, giuslar

So, what I need is Class Based Weighted Fair Queueing QoS. This is clear.

You said I need to mark traffic on the routers' LAN interfaces. Does this mean I should apply class maps to LAN interfaces? (I am not sure what I said makes sense).

I did not understand what means "with hierarchical QoS you should be able to deploy CBWFQ within a pipe built  by a shaper".

As I can understand, I'll mark traffic transferred from office LAN hosts to router LAN interface, then while it is directed to the Tunnel interface the class mark will be preserved in the "encapsulating" packet and finally shaping will be done on the external interface according to the traffic classes?

P.S.

Enterprise QoS Solution Reference Network Design Guide - 328 pages

Cisco IOS Quality of Service Solutions Configuration Guide - 1110 pages

This is very cruel.

QoS deployment is postponed till 2012...

Aren't there any brief configuration examples I can use?

I am reading about CBWFQ by the link you provided and already have questions.

1. It is written:

Traffic shaping and policing are not currently supported with CBWFQ.

...

CBWFQ is not supported on Ethernet subinterfaces.

??? Don't I need shaping and CBWFQ on Ethernet subinterfaces?

2. Pure WFQ, as I understand this QoS variant distributes bandwidth evenly among all active "flows", where flow is just a session. Besides, WFQ can recognize classified traffic (by ToS) and creates 2 categories of flows: high-volume and low-volume, and low volume has higher priority.

Thus in case of WFQ we have 2 categories of flows and bandwidth is distributed evenly among all flows (sessions) of the same category!?

3. In CBWFQ there is such thing as default class, which is just a variety of all unclassified traffic. In my task I have a "Normal" type of traffic, class III. As I understand my III class is equivalent of the default class.

=> questions:

Should I define that class or leave those types of traffic to be marked as default class?

What to do in both cases with the total bandwidth in light of this:

The sum of all bandwidth allocation on an interface cannot exceed 75 percent of the total available interface bandwidth. The remaining 25 percent is used for other overhead, including Layer 2 overhead, routing traffic, and best-effort traffic. Bandwidth for the CBWFQ class-default class, for instance, is taken from the remaining 25 percent.

?

I am thinking to do this:

- In case I define the Normal priority traffic, which plays the role of the default class, make the total bandwidth for all 4 classes ~90-95%, leaving 5% just in case.

- In case I don't define Normal priority traffic, keep ~ 25-30% of bandwidth as non-distributed.

If I do not define the Normal class, does default class get the rest of  the bandwidth as guaranteed?

4. As I understand, even if I do not use any QoS regime, by default, VoIP traffic will automatically get higher priority. Is this true?

2. Pure WFQ, as I understand this QoS variant distributes bandwidth evenly among all active "flows", where flow is just a session. Besides, WFQ can recognize classified traffic (by ToS) and creates 2 categories of flows: high-volume and low-volume, and low volume has higher priority.

Thus in case of WFQ we have 2 categories of flows and bandwidth is distributed evenly among all flows (sessions) of the same category!?

"Flow-based WFQ applies weights to traffic to  classify it into conversations and determine how much bandwidth each  conversation is allowed relative to other conversations. For flow-based  WFQ, these weights, and traffic classification, are dependent on and  limited to the seven IP Precedence levels."

So, there are 7 types of flows each with the respective weight and each type of flows gets the respective (to its weight) part of the total bandwidth and all flows of the same type get an equal part of the total bandwidth their type is granted.

But what is the role of 2 flow categories?

Consider that if a WAN link is constantly congested, traffic prioritization may not resolve the problem. Adding bandwidth might be the appropriate solution. If there is no congestion on the WAN link, there is no reason to implement traffic prioritization.

This is my chance!

How to check if my WAN interfaces have\have not congestion?

I think the best variant is to run monitoring during one typical business day and then look at the values. Can you advise me the way for my routers to automatically gather the necessary information? (as I understand, I need avg. queue length from ~ 9:00 till 18:00, several peaks of queue length and their durations)

Here is my draft config:

! QoS ACLs
ip access-list extended QoS-HighPT
 remark Traffic to regional center 1 Oracle servers and reverse
 permit tcp 192.168.0.0 0.0.63.255 192.168.0.0 0.0.0.255 eq 1521
 permit tcp 192.168.0.0 0.0.0.255 eq 1521 192.168.0.0 0.0.63.255
 remark Traffic to regional center 2 Oracle servers and reverse
 permit tcp 192.168.0.0 0.0.63.255 192.168.30.0 0.0.0.255 eq 1521
 permit tcp 192.168.30.0 0.0.0.255 eq 1521 192.168.0.0 0.0.63.255
 deny ip any any
ip access-list extended QoS-VoIP
 remark VoIP Traffic
 permit tcp any eq 5060 any eq 5060
 permit udp any eq 5060 any eq 5060
 deny ip any any
ip access-list extended QoS-LowPT
 remark SMB Traffic (direct and reverse)
 permit tcp any any eq 445
 permit tcp any eq 445 any
 permit udp any any eq 445
 permit udp any eq 445 any
 remark Lotus Notes Traffic (direct and reverse)
 permit tcp any any eq 1352
 permit tcp any eq 1352 any
 remark e-mail Traffic (direct and reverse)
 permit tcp any any eq smtp
 permit tcp any eq smtp any
 permit tcp any any eq pop3
 permit tcp any eq pop3 any
 deny ip any any
!
! QoS classes
class-map QoS-HighPT
 match access-group name QoS-HighPT
 exit
class-map QoS-VoIP
 match access-group name QoS-VoIP
 exit
class-map QoS-LowPT
 match access-group name QoS-LowPT
 exit
!
! Policy maps
policy-map MyQoS
 class QoS-HighPT
  bandwidth percent 20
  exit
 class QoS-VoIP
  bandwidth percent 40
  exit
 class QoS-LowPT
  bandwidth percent 10
  exit
 class class-default
  bandwidth percent 30
  exit
!
! Applying policy map to external interfaces
interface fa4
 service-policy output MyQoS
interface vlan20
 service-policy output MyQoS

Please give your comments.

I also remind, you said I need to mark traffic incoming to the routers LAN interfaces and I need to use hierarchical QoS. Can you explain in more detailed way, what does all it mean and how to do that?

Hi Alen,

I suggest you to use LLQ for high priority class so that it will be served on priority at time of congestion.

You can change config as

class QoS-HighPT
 bandwidth percent 20
 priority
 exit

Thanks and regards

Mahesh

Thank you, Mahesh.

I knew about priority command, but after reading "Comparing the bandwidth and priority Commands of a QoS Service Policy" I understood it is not what I need. For example, as I understand "priority" will prevent unallocated bandwidth use (by prioritized class) in case of congestion.

In addition, the priority command implements a maximum bandwidth guarantee. Internally, the priority queue uses a token bucket that measures the offered load and ensures that the traffic stream conforms to the configured rate. Only traffic that conforms to the token bucket is guaranteed low latency. Any excess traffic is sent if the link is not congested or is dropped if the link is congested.

...

Although the bandwidth guarantees provided by the bandwidth and priority commands have been described with words like "reserved" and "bandwidth to be set aside", neither command implements a true reservation. In other words, if a traffic class is not using its configured bandwidth, any unused bandwidth is shared among the other classes.

The queueing system imposes an important exception to this rule with a priority class. As noted above, the offered load of a priority class is metered by a traffic policer. During congestion conditions, a priority class cannot use any excess bandwidth.

...

From the above discussion, it is important to understand that since the priority classes are policed during congestion conditions, they are not allocated any remaining bandwidth from the bandwidth classes. Thus, remaining bandwidth is shared by all bandwidth classes and class-default.

But I see your usage of "priority" command differs from what I read ("priority kbps [bytes]"). Maybe it does something else?

What I need is ideally described as CBWFQ usual behaviour:

Here is how the Class-Based Weighted Fair Queueing Feature Overview describes the allocation mechanism: "If excess bandwidth is available, the excess bandwidth is divided amongst the traffic classes in proportion to their configured bandwidths. If not all of the bandwidth is allocated, the remaining bandwidth is proportionally allocated among the classes, based on their configured bandwidth."

giuslar, please help, don't leave me in the middle.

Can anyone help me, please?
