01-25-2014 12:41 PM - edited 03-07-2019 05:47 PM
Hi eXperts,
I am not able to get working QOS as I expect
Two stations are attached to the same switch and one of them is dedicated to upload
traffic intensive.
The goal is to leave all the bandwith available to this pc where there are no other pc
making traffic on internet, but dinamically reduce bandwith to this pc when some other pc
starts to make internet traffic. Match is done watching to fixed destination ip addresses and specific
protocol "https" > this and only this traffic to this specific ip addresses must be reduced.
All policy-maps are matching but there is something wrong because during intensive upload
if I try to open a simple page from another pc, traffic (for e.g. http navigation) is quite impossible.
This is my configuration :
class-map match-any MidPriority-Out
match dscp af21
class-map match-any Voice-Out
match dscp ef
class-map match-any ExcludeIp
match not access-group 107
class-map match-any TrafficType
match protocol dns
match protocol http
match protocol nntp
match protocol ntp
match protocol netbios
match protocol pop3
match protocol secure-ftp
match protocol secure-http
match protocol secure-pop3
match protocol secure-telnet
match protocol ssh
match protocol telnet
class-map match-all HighPriority-in
match class-map ExcludeIp
match class-map TrafficType
class-map match-all IncludeIp
match protocol secure-http
match access-group 107
class-map match-any MidPriority-in
match protocol pptp
match protocol gre
match protocol ftp
match class-map IncludeIp
class-map match-any Voice-in
match access-group 104
match protocol rtp
class-map match-any HighPriority-Out
match dscp af11
!
!
policy-map Traffic-Out
class Voice-Out
priority percent 50
class HighPriority-Out
bandwidth percent 20
random-detect
class MidPriority-Out
bandwidth percent 5
random-detect
class class-default
fair-queue
random-detect
policy-map Traffic-In
class Voice-in
set dscp ef
class HighPriority-in
set dscp af11
class MidPriority-in
set dscp af21
!
!
interface FastEthernet0/0
ip address 192.168.0.10 255.255.255.0
ip nat inside
ip virtual-reassembly
speed auto
service-policy input Traffic-In
!
interface ATM1/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 8/35
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
!
!
interface Virtual-Template1 type tunnel
ip unnumbered Dialer0
ip nat inside
ip virtual-reassembly
tunnel mode ipsec ipv4
tunnel protection ipsec profile XX_XX__X
!
interface Dialer0
bandwidth 360
ip address negotiated
ip access-group 100 in
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp pap sent-username XXXXX password XXXXXXXXXXXX
ppp ipcp route default
ppp multilink
ppp multilink fragment delay 20
ppp multilink interleave
service-policy output Traffic-Out
!
access-list 107 permit tcp any host ZZ.CCC.VVV.RRR eq 443
dialer-list 1 protocol ip permit
Hoping that my explanation is good!
Thank you very much!
Federico
01-27-2014 07:48 AM
It might be helpful if you would also note the device, its IOS version and the physical WAN topology/type.
01-30-2014 01:27 AM
Yes, you are right!
Unfortunately I remembered too late.
Anyway :
- router 1751V
- IOS
Cisco IOS Software, C1700 Software (C1700-ADVENTERPRISEK9-M), Version 12.4(25b), RELEASE SOFTWARE (fc1)
- WIC/VIC Slot 1:
Alcatel 20150 ADSL WIC
- ADSL link 7mbit down/ 384 (360 real) up
Thank you so much!
01-30-2014 02:59 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Ok, in a situation like yours, where available bandwidth is less than interface bandwidth, you need to "shape" for your bandwidth cap, otherwise QoS won't engage until the interface congests.
Try adding something like:
policy-map ShapeADSL
class class-default
shape average 300000
service-policy Traffic-Out
interface Dialer0
service-policy output ShapeADSL
PS:
BTW, ADSL often uses PPPoE, which takes 8 bytes from the MTU. If this is the case for you, you could set you MTU to 1492 and use mss-adjust of 1352.
Also BTW, technically you can use AF classes however you like, but higher is usually used for "better". I.e. Your HighPriority traffic would normally be something like DSCP AF3x or AF4x, not AF11.
01-30-2014 04:08 AM
Hi, see inline, thanks
JosephDoherty ha scritto:
Posting
Ok, in a situation like yours, where available bandwidth is less than interface bandwidth, you need to "shape" for your bandwidth cap, otherwise QoS won't engage until the interface congests.
> I don't want to shape because I want all available bandwith to the second station while there is no traffic from others. YES, I want the QOS engage only in case of congestion dropping less important traffic first.
Try adding something like:
policy-map ShapeADSL
class class-default
shape average 300000
service-policy Traffic-Out
interface Dialer0
service-policy output ShapeADSL
PS:
BTW, ADSL often uses PPPoE, which takes 8 bytes from the MTU. If this is the case for you, you could set you MTU to 1492 and use mss-adjust of 1352.
> No, my case is PPPoA
Also BTW, technically you can use AF classes however you like, but higher is usually used for "better". I.e. Your HighPriority traffic would normally be something like DSCP AF3x or AF4x, not AF11.
> If I am not wrong : EF (biggest priority)
> AF(1-4)x : same priority against 4 Classes (AF1x, AF2x etc)
> AFx(1-3) : different priority inside Classe and against "drop probability"
> for that reason, you turn on the light because, in my opinion, there was a big error
> here :
policy-map Traffic-Out
class-map match-any Voice-Out
match dscp ef
class-map match-any HighPriority-Out
match dscp af11
class-map match-any MidPriority-Out
match dscp af21
!
!
policy-map Traffic-In
class Voice-in
set dscp ef
class HighPriority-in
set dscp af11
class MidPriority-in
set dscp af21
Basically I created competition between af11 and af21 because they have same
priority and not different drop probability.
So, I changed in this way :
policy-map Traffic-Out
class-map match-any Voice-Out
match dscp ef
class-map match-any HighPriority-Out
match dscp af11
class-map match-any MidPriority-Out
match dscp af13
!
!
policy-map Traffic-In
class Voice-in
set dscp ef
class HighPriority-in
set dscp af11
class MidPriority-in
set dscp af13
Let you know if changes!
01-30-2014 07:00 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
> AF(1-4)x : same priority against 4 Classes (AF1x, AF2x etc)
Yes and no. Strictly speaking, there's no implied difference between AF classes, at least in the RFC that defined AF. However, many AF usage recommendations, including (later) RFCs, suggest "higher" is better than "lower". This is also to align with the prior IP Precedence RFC usage where, for example, IPPrec 4 is "better" than IPPrec 3, so also CS4 and/or AF4x is "better" than CS3 and/or AF3x.
Also if HighPriority is really higher vs. MidPriority, normally it would be in a different (and "better") AF class.
01-30-2014 09:36 AM
Hi,
so I changed in this way :
policy-map Traffic-In
class HighPriority-in
no set dscp af11
set dscp af41
policy-map Traffic-Out
class-map match-any HighPriority-Out
no match dscp af11
match dscp af41
Let you know!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide