Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
784
Views
0
Helpful
7
Replies

QoS not tagging traffic on switches

JEB-1181
Level 1
Level 1

‎06-02-2020 11:39 AM

Recently I have been trying to improve our QoS policies to improve the quality of voice calls. I finally created a SPAN port to our SIP router and started capturing some packets. I discovered that out Jabber client voice traffic is not being tagged with the appropriate DSCP tag. Below is the QoS config I am using, it is just a slightly modified version from the Auto QoS config the switch creates when using the 'auto qos voip cisco-softphone' on the access interfaces. I am trying to learn more about QoS but have a long way to go. Here is the config:

 

ip access-list extended QoS-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended QoS-Default
permit ip any any
ip access-list extended QoS-MultiEnhanced-Conf
permit udp any any range 50000 50059
permit tcp any any range 50000 50059
permit udp any any range 33434 33598
permit udp any range 52500 62999 any eq 5004
permit udp any eq 5004 any range 52500 62999
permit udp any range 63000 65500 any eq 5004
permit udp any eq 5004 any range 63000 65500
permit udp any any range 24575 32767
ip access-list extended QoS-Scavenger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended QoS-VoIP-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended QoS-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
ip access-list extended QoS-Jabber-Audio
permit udp any any range 16384 24574


class-map match-any Bulk-Data-CM
match access-group name QoS-Bulk-Data
class-map match-any Multimedia-Conf-CM
match access-group name QoS-MultiEnhanced-Conf
class-map match-any VoIP-Data-CM
match dscp ef
match cos 5
class-map match-any VoIP-Signal-CM
match dscp cs3
match cos 3
class-map match-all Jabber-Audio-CM
match access-group name QoS-Jabber-Audio
class-map match-any Default-CM
match access-group name QoS-Default
class-map match-any Transaction-CM
match access-group name QoS-Transactional-Data
class-map match-any Scavanger-CM
match access-group name QoS-Scavenger
class-map match-any Signaling-CM
match access-group name QoS-VoIP-Signaling


policy-map Company-QoS-PM
class VoIP-Data-CM
set dscp ef
police cir 128000 bc 8000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class Jabber-Audio-CM
set dscp ef
police cir 128000 bc 8000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class VoIP-Signal-CM
set dscp cs3
police cir 32000 bc 8000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class Multimedia-Conf-CM
set dscp af41
police cir 5000000
conform-action transmit
exceed-action drop
class Bulk-Data-CM
set dscp af11
police cir 10000000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class Transaction-CM
set dscp af21
police cir 10000000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp
class Scavanger-CM
set dscp cs1
police cir 10000000
conform-action transmit
exceed-action drop
class Signaling-CM
set dscp cs3
police cir 32000 bc 8000
conform-action transmit
exceed-action drop
class Default-CM
set dscp default
police cir 10000000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp

 

int gi1/0/x

service-policy input Company-QoS-PM

 

With the packet tracer I can see that the SIP router is sending its traffic with the EF tag set, but the Jabber clients look to be using the CS0 tag. We are having issues with broken audio for some Jabber clients and I am just trying to ensure QoS is setup correctly since most of our users use Jabber for phone calls. Any help is greatly appreciated and please let me know if you need additional information.

Labels:
0 Helpful
7 Replies 7

Georg Pauwen
VIP
VIP

‎06-02-2020 12:51 PM - edited ‎06-02-2020 12:52 PM

Hello,

 

do you happen to run Jabber for Windows ? I seem to remember that Windows applications, in order to mark traffic, need to be run with administrator rights, and that is usually not what end users have.

0 Helpful

JEB-1181
Level 1
Level 1
In response to Georg Pauwen

‎06-03-2020 06:34 AM

We are using Jabber for Windows. I didn't know the Jabber client had the option to mark traffic. That's why I was just trying to mark traffic within the UDP port range that should be used for jabber audio.

0 Helpful

JEB-1181
Level 1
Level 1
In response to Georg Pauwen

‎06-03-2020 08:44 AM - edited ‎06-03-2020 09:14 AM

I created a local QoS policy within Windows to mark the traffic from Jabber but it doesnt look to be working right. At least on the VPN user I am testing with.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎06-02-2020 01:00 PM

What switch, IOS and feature set?

BTW, I'm unsure about:

class Jabber-Audio-CM
set dscp ef
police cir 128000 bc 8000
conform-action transmit

I don't know whether the police statement's conform action maintains the original ToS tag or whether your set DSCP EF is taken. Logically, especially for non-conforming traffic, you would want the police statement to dictate the action. I suggest you remove the stand alone set DSCP statement and change the conform action to mark as EF.
0 Helpful

JEB-1181
Level 1
Level 1
In response to Joseph W. Doherty

‎06-03-2020 06:24 AM

We have a variety of switches, this one in particular is a WS-C3850-48T stack running 16.9.4 code. I will try adjusting the Jabber-Audio-CM class as you suggested to see if that helps. 

0 Helpful

JEB-1181
Level 1
Level 1
In response to Joseph W. Doherty

‎06-03-2020 06:33 AM

I removed the 'set dscp ef' from the Jabber-Audio-CM class and tried to add 'conform-action set-dscp-transmit ef'. The switch appears to take the command but when looking at the configuration that config is not on the switch.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to JEB-1181

‎06-03-2020 10:20 AM

Ah, well possibly a TAC issue.

In the meantime, assuming you cannot tag as desired at the host, some other options include removing the policer and just tagging or, if device, or other device will allow, tag and police separately.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card