05-29-2018 06:32 AM - edited 03-08-2019 03:10 PM
Dear all
We have a use case where a customer just want to deploy QoS on a Layer 2 WAN (1 Gbit/s) connection. My approach is to mark the traffic by Access Lists (just example below).
DC 1 - Switch A ---PE--- Layer 2 WAN ---PE--- DC 2 - Switch B
Does anybody has experience with QoS just on a Layer 2 conenction where a provider is between? Did the provider destroy the QoS marking?
ACL--------------------------------------------------
ip access-list extended VOIP
permit udp any range 16384 32767 any range 16384 32767
!
ip access-list extended SSH
permit tcp any eq 22 any
permit udp any eq 22 any
permit tcp any any eq 22
permit udp any any eq 22
!
ip access-list extended SERVER-XY
permit tcp any <SERVER-XY>
permit tcp <SERVER-XY>
any permit udp any <SERVER-XY>
permit udp <SERVER-XY> any
!
Class------------------------------------------------
class-map match-any VOIP
match access-group name VOIP
!
class-map match-any SSH
match access-group name SSH
!
class-map match-any SERVER-XY
match access-group name SERVER-XY
etc.
MARKING-----------------------------------------------
policy-map QOS-INPUT
class VOIP
set dscp ef
class SERVER
set dscp af31
class SSH
set dscp cs2
class class-default
set dscp default
!
policy-map QOS_POLICY-EGRESS
class VOIP
priority
class SERVER-XY
bandwidth remaining percent 5
class BULK_DATA
bandwidth remaining percent 5
class SSH
bandwidth remaining percent 5
class class-default
bandwidth remaining percent 75
dbl
!
Switch Branch A interface giX/Y
service-policy output QOS_POLICY-EGRESS
service-policy input QOS_INGRESS
Switchport mode trunk
!
Switch Branch B interface giX/Y
service-policy output QOS_POLICY-EGRESS
service-policy input QOS_INGRESS
Switchport mode trunk
!
Thanks a lot in advance and best Regards
05-29-2018 07:06 AM
Hello,
your example uses IP and DSCP, these are layer 3 and probably won't work if you have just a layer 2 connection.
QoS options are heavily dependent on the platform you are using: which switch do you have ?
05-29-2018 07:15 AM
Dear Gregor
Thanks a lot for your answer.
Yes thats true, DSCP is for Layer 3, I should apply COS values. The config snippet is more to show how I would do it ACL marking.
There are 4500-X (Layer 3, Layer 2) and 3850 Stack as Access (Layer 2).
The Layer 2 Connection is from a 4500-X from one DC to also a 4500-X to the other DC. They are using GLC-T Modules for the 1 Gbit/s connection to the provider (Layer 2).
So the customer wants the QoS deployment just on this Layer 2 connection that includes 4500-X where I want to deploy the QoS Settings. Do you have experience with the Platform 4500-X?
Thanks and best Regards
05-29-2018 07:27 AM
Hello,
the 4500-X (running XE ?) gives you the entire range of options for QoS, including auto QoS.
Do you know already have an idea of the traffic you want to apply QoS to (e.g. voice, video, etc.) ?
05-29-2018 07:56 AM
Hi Georg
Yes, they are running IOS-XE Software - Version 03.04.05.SG RELEASE SOFTWARE (fc1).
Thank you for the link.
QoS - Classes:
- Voice
> Priority Queue
> COS 5
- Citrix - ICA traffic
> Priories
> COS 2
- Printer traffic
> Priories but should not impact User Sessions (Citrix)
> COS 1
- Router traffic / Network Management (SSH, HSRP, OSPF usw.)
> Priories
> COS 3 or COS 6
- Backup
> Is deployed during night
> not sure If I it is better to keep it in the default class
I would deploy an input policy marked based on ACLs and and Egress Policy on the Interface to Provider.
Best Regards
Oliver
05-30-2018 04:11 AM
Hi
I decided to change the approach from just applying QoS on the L2 connection to End-To-End-QoS.
Server A - 10.20.0.100/24
|
A-4500-X------------Layer-2-------------B-4500-X-----Server B - 10.10.0.100/24
|
3850 (Access Switch)
|
Client 10.0.0.5/24
I will do the marking for specific Server at Access Switch - ACL (where it is needed for specific Services) based and apply an input policy at Access Ports. Deploying Egress Policy for queuing on the Uplink port and the same from 4500-X via L2 to the other 4500-X.
If I am marking a traffic which is going to Server B lets say with dscp 18 and L3 domain ends on Device B-4500-X, do I have to configure explicitly DSCP-to-COS mapping on A-4500-X so that the Layer 2 connection is treated by QoS with COS values?
Thanks and best Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide