Re: Qos between remote router and switch

Rowlands Sharles · ‎09-23-2024

Hi support,

i want to configure the Qos for remote users to access applications on main site. i can do classification, marking and so on.

my issues is on the remote site,

First, where to do the classification and marking? swicthes or remote router?

Second, In remote site the connexion between router and switch is trunk, How can i configure the Qos between the router and the swicth?

Attached is my diagram

Plz

Joseph W. Doherty · ‎09-23-2024

"First, where to do the classification and marking? swicthes or remote router?"

Ideally as close to the source as possibly, including on the source host itself. For the latter, though, you often should do verification as close to the source too. Again, that's the ideal. Often, when dealing with constrained bandwidth links (often WANs) I've done all that was really needed on the bandwidth constrained interface within an egress QoS policy.

"Second, In remote site the connexion between router and switch is trunk, How can i configure the Qos between the router and the swicth?"

On switch, QoS is effected on trunk interface and L3 switch, possibly and on SVI(s). On router, QoS is effected on subinterfaces and/or main interfaces.

Possibly as important, if not more so, what do you want your QoS to accomplish?

BTW, QoS features and defaults vary between platforms, especially switches. Also switches usually have more limited QoS features compared to routers.

Lastly, if QoS is new to you, "book" QoS recommendations are usually more complex than actually needed, and often are not nearly as effective as they can be. BTW, I suspect "book" QoS's complexity and overall ineffectiveness is why QoS is overlooked.

Rowlands Sharles · ‎09-23-2024

Hi Joseph,

I want Qos to allow more bandwidth for voice and applications. I want to allow 50% of bandwidth to the applications on servers 10.10.10.2 and 10.10.10.3

So, do to classification as close the source, that means it's better to do classification and marking on the swicthes, because the source of traffic are users hosts and ip phone.

Regards

Joseph W. Doherty · ‎09-23-2024

"So, do to classification as close the source, that means it's better to do classification and marking on the swicthes, because the source of traffic are users hosts and ip phone."

Correct, although VoIP phones often mark their traffic as the phone is configured. However, VoIP should be validated, often done by having Cisco VoIP phones use CDP for validation it's a phone.

"I want Qos to allow more bandwidth for voice and applications. I want to allow 50% of bandwidth to the applications on servers 10.10.10.2 and 10.10.10.3"

Normally VoIP bearer traffic is provided priority over all other traffic but bandwidth capped at 1/3 or less of maximum available bandwidth.

You can use the server IPs as classification criteria. You'll need to clarify how their "application" traffic should be identified (optionally) beyond just IPs. You'll also need to further clarify the 50% allocation, such as just a minimum and/or maximum, and percentage per server or the pair of servers.

Also, as I've found FQ a very powerful method for dealing with many traffic types, you might fine it can avoid needing per server traffic treatment.

Rowlands Sharles · ‎09-23-2024

Hi Joseph,

i'm right with, want to use servers IPs for classification with ACL. switches are using COS and router using DSCP, i know that the cos-dscp maps will translate.

my concern regarding how to configure the Trunk interface on the switch, also how to configure the router interface with SVI.

How to configure qos on the switch interface Gi1/0/1

How to configure qos on the router interface Gi0/0 (with many SVI configured)

Regards

Giuseppe Larosa · ‎09-23-2024

Hello @Rowlands Sharles ,

most modern Cisco IOS and IOS Xe switches use an internal DSCP set of values for implementing QoS.

the router has vlan based subinterfaces and not SVI ( unless in some low end models where also the router port is actually a trunk port carrying few VLANs)

Hope to help

Giuseppe

Joseph W. Doherty · ‎09-24-2024

"most modern Cisco IOS and IOS Xe switches use an internal DSCP set of values for implementing QoS."

BTW, it took me a several reads and some thought to grasp what the above paragraph is telling us.

I believe it means many QoS capable Cisco switches have a default QoS configuration, using ToS, when QoS is enabled (which is correct). This is unlike routers.

Such a default Cisco switch QoS configuration is usually a very simplistic egress configuration, such as splitting equal numbers of CoS/IPPrec values across egress queues, each queue allocated equal resources.

From a truly useful QoS policy, such defaults have little benefit. So, why done? I suspect that's because hardware resources are also reserved to switch egress queues (by default).

Joseph W. Doherty · ‎09-23-2024

"my concern regarding how to configure the Trunk interface on the switch, . . ."

Depends on the switch, which you haven't identified.

". . . also how to configure the router interface with SVI."

Your router has an SVI? As also already noted by @Giuseppe Larosa, that's unusual except on the routers that provide an integrated switch or a switch module. QoS capabilities would depend much on the embedded switch's capabilities, again, very variable across platforms. You need to precisely identify hardware.

"switches are using COS"

They are only capable of CoS? If not, i.e. they can do L3 ToS, pretend CoS doesn't exist.

Rowlands Sharles · ‎09-23-2024

Sorry, @Giuseppe Larosa, router has subinterfaces and not SVI.

MHM Cisco World · ‎09-23-2024

There is CoS and ToS

In SW without use any IP ypu can set CoS for traffic' in router you can use ToS-CoS Mapping this will make one router send ToS to other router via WAN which later use it for qos BW percent.

MHM

Rowlands Sharles · ‎09-23-2024

Hi MHM,

Thanks, can i have a piece of configuration

attached is the simple configuration of switch and router interfaces, can you please add qos informations

SWITCH CONFIGURATION

SW-1(config)#do sh run
!
spanning-tree mode pvst
!
class-map match-any APPLI
match access-group name APPLICATIONS
class-map match-any VOICE
match ip dscp ef
!
interface GigabitEthernet1/0/1
switchport mode trunk
!
interface GigabitEthernet1/0/2
!

!
interface GigabitEthernet1/1/4
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
ip access-list extended APPLICATIONS
permit ip any host 10.10.10.2
permit ip any host 10.10.10.3
!
line con 0
!
line aux 0
!
line vty 0 4
login
!

end
SW-1(config)#

ROUTER CONFIGURATION

REMOTE-R1#sh running-config
Building configuration...

Current configuration : 888 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname REMOTE-R1
!
no ip domain-lookup
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 10.0.1.1 255.255.255.0
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 10.0.2.1 255.255.255.0
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!

!
end

REMOTE-R1#