Re: Prioritization of Voice and Video over the Internet

cknox1 · ‎05-17-2019

Hi

I wanted to know if there was a way to prioritize video and voice on the local network?.... we currently have a L3 Switches which connect to an MPLS but also a local breakout for anything destined for Internet (Cloud, browsing etc) - We used skype and I want to place a higher priority for this traffic, but the problem is I am sure you cannot do this over the internet - Only on the MPLS.

Is this possible on the internet? Also, what would be the benefit of prioritizing this traffic locally?

Help would be appreciated! Thanks

Giuseppe Larosa · ‎05-17-2019

Hello cknox1,

you could try to mark your traffic with a DSCP value like EF but there are no guarantees that your marking will be honored beyond your upstream Internet ISP.

Somewhere in the path to final destination of the call someone can change the marking of the packets or he can simply ignore markings.

The MPLS cloud is a different environment under the control of a single SP and can provide QoS by giving consistent treatment to marked packets inside the MPLS network.

So your possible efforts are limited over the public Internet.

Hope to help

Giuseppe

cknox1 · ‎05-17-2019

Hi Giuseppe

Thank you for your response,

I agree we can mark the traffic with EF to give some prioritization over the LAN ... but once it hits our firewall then like you correctly said there is no guarantee that the markings will be honoured ... so I think that marking the traffic on the switches just to push it to the firewall quicker will be slightly pointless....

Am i right in my thinking?

Ofcourss if this traffic was pushed over the MPLS then yes it's a different story all together as we would then get full QOS capability

Thanks!

Giuseppe Larosa · ‎05-17-2019

Hello cknox1,

thanks for your kind remarks.

the problem with the public Internet is that it is formed by many different ISPs and customers that only agree on basic connectivity services.

Marking can be honored inside the network of your upstream ISP, but after the packets leave it they can be remarked to best effort.

Hope to help

Giuseppe

Joseph W. Doherty · ‎05-18-2019

"I wanted to know if there was a way to prioritize video and voice on the local network?"

Yes, and BTW, tagging packets isn't required, also having packets tagged doesn't guarantee different service levels.

". . . but the problem is I am sure you cannot do this over the internet - Only on the MPLS"

In theory ISPs could, but generally they don't (also if they do, it's often for their own internal purposes, i.e. something they don't offer to their customers). As Giuseppe mentions, an ISP could also remark you packets, but generally they don't. However, if they do, if you encapsulate your packets within a tunnel, your original packet's tags are protected.

Lastly, MPLS does support it's own markings (much more limited than IP markings), but it's up to your MPLS provider what, if any, QoS they provide.

cknox1 · ‎05-20-2019

Hi Giuseppe and Joseph,

Thank you for your responses, this is highly appreciated.

I knew this would be the case in regards to priority over Internet links.. Which was my original concern.

In terms of prioritizing the traffic on the local LAN on our switches - Would this be a difficult configuration? As I understand the ports etc for applications like Skype are quite a broad range?

Please let me know,

Thanks!

Mark Malone · ‎05-20-2019

Hi
If your doing it on the LAN side i would use auto qos it will cover Skype , works well for us ,we use that and Lync too

You can also tweak the auto generated class maps , you can see whats going to be generated before hand depending on the command you put in place it can change slighty but all the usual's are covered generally

For the internet traffic maybe a GRE tunnel with QOS enabled on each end as Joseph stated

This command on LAN side would create the associated policy and class maps .....

auto qos voip trust command

This table summarizes the input directional policies that are generated based on the auto qos voip trust command.
Table 21 auto qos voip trust Command - Input Direction

Policy Map Generated

Class Map Generated

policy-map AutoQos-4.0-Trust-Cos-Input-Policy
class class-default
set cos cos table AutoQos-4.0-Trust-Cos-Table

Table Map AutoQos-4.0-Trust-Cos-Table
default copy

This table summarizes the output directional policies that are generated based on the auto qos voip trust command.
Table 22 auto qos voip trust Command - Output Direction

Policy Map Generated

Class Map Generated

policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Output-Priority-Queue
priority level 1 percent 30
class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining percent 10
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining percent 4
queue-buffers ratio 10
class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining percent 1
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class class-default
bandwidth remaining percent 25
queue-buffers ratio 25

class-map match-any AutoQos-4.0-Output-Priority-Queue
match dscp cs4 cs5 ef
match cos 5

class-map match-any AutoQos-4.0-Output-Control-Mgmt-Queue
match dscp cs3 cs6 cs7
match cos 3

class-map match-any AutoQos-4.0-Output-Multimedia-Conf-Queue
match dscp af41 af42 af43
match cos 4

class-map match-any AutoQos-4.0-Output-Trans-Data-Queue
match dscp af21 af22 af23
match cos 2

class-map match-any AutoQos-4.0-Output-Bulk-Data-Queue
match dscp af11 af12 af13
match cos 1

class-map match-any AutoQos-4.0-Output-Scavenger-Queue
match dscp cs1

class-map match-any AutoQos-4.0-Output-Multimedia-Strm-Queue
match dscp af31 af32 af33

https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_010001.html#reference_38B9E6167768463999706E8BBD6C12D1

Giuseppe Larosa · ‎05-20-2019

Hello cknox1,

QoS on LAN switches is a very broad articulated subject.

The short answer is that what you can do depends on what models of switches you have.

The newer platforms like C3850, C3650 allows for configuration using modular QoS like in routers that use class-maps that can use extended ACLs to match traffic.

However, routers support also NBAR that allows for matching protocols up to application level (OSI layer 7).

I don't know if NBAR is supported on switches like C3850.

If you have older switches they do not support modular QoS so your options can be much more limited.

If you provide details about the switches models involved and their IOS / IOS XE version you can get better help.

Edit:

The use of a GRE Tunnel over the internet as suggested by Joseph would only allow to preserve original marking of DSCP on user traffic.

However, it does not provide guaranteed benefits on the end to end path, because the external GRE header marking can be changed or simply ignored.

Also the GRE Tunnel can help you only for providing consistent marking for traffic between your own sites (where the GRE tunnel is terminated) and cannot be used for a generic destination on the it.

Edit2:

Mark's suggestion about autoQoS is really interesting I didn't know it could match Skype / Lync traffic.

Hope to help

Giuseppe

cknox1 · ‎05-20-2019

Hi Mark,

Oh this sounds like a great solution – so we currently do not have any GRE tunnels on a site by site basis, all traffic just goes over to O365 cloud.

It seems Skype eats up a lot of bandwidth on the LAN when using Video and Auto-Qos would at least solve this issue it seems – Obviously over the internet I cannot control.

Hi Giuseppe,

The L3 switches we are running are 3650-24ts with 03.06.04.E but these are due an upgrade 😊

Thanks!

Mark Malone · ‎05-20-2019

Yes it works well on LAN side we have maybe 600 plus switches globally running it and then standard modular QOS on WAN circuits
If your stuck post what you see we can take a look assist

this may help
Quality of Service Options on GRE Tunnel Interfaces
https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/10106-qos-tunnel.html

Joseph W. Doherty · ‎05-20-2019

"n terms of prioritizing the traffic on the local LAN on our switches - Would this be a difficult configuration? As I understand the ports etc for applications like Skype are quite a broad range?"

Providing some form of traffic prioritization, on QoS capable switches, is often simple. Classification of the traffic can be difficult, especially on switches which don't offer many router QoS features.

Generally on LANs, QoS isn't often as needed as on WANs because LANs generally have much less latency, often much more bandwidth (and additional bandwidth can be much easier to obtain and also much less costly).