Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1047
Views
3
Helpful
6
Replies

Qos not working or badly configured ?

flier55CCO55
Level 1
Level 1

‎01-25-2014 12:41 PM - edited ‎03-07-2019 05:47 PM

Hi eXperts,

I am not able to get working QOS as I expect

Two stations are attached to the same switch and one of them is dedicated to upload

traffic intensive.

The goal is to leave all the bandwith available to this pc where there are no other pc

making traffic on internet, but dinamically reduce bandwith to this pc when some other pc

starts to make internet traffic. Match is done watching to fixed destination ip addresses and specific

protocol "https" > this and only this traffic to this specific ip addresses must be reduced.

All policy-maps are matching but there is something wrong because during intensive upload

if I try to open a simple page from another pc, traffic (for e.g. http navigation) is quite impossible.

This is my configuration :

class-map match-any MidPriority-Out

match  dscp af21

class-map match-any Voice-Out

match  dscp ef

class-map match-any ExcludeIp

match not access-group 107

class-map match-any TrafficType

match protocol dns

match protocol http

match protocol nntp

match protocol ntp

match protocol netbios

match protocol pop3

match protocol secure-ftp

match protocol secure-http

match protocol secure-pop3

match protocol secure-telnet

match protocol ssh

match protocol telnet

class-map match-all HighPriority-in

match class-map ExcludeIp

match class-map TrafficType

class-map match-all IncludeIp

match protocol secure-http

match access-group 107

class-map match-any MidPriority-in

match protocol pptp

match protocol gre

match protocol ftp

match class-map IncludeIp

class-map match-any Voice-in

match access-group 104

match protocol rtp

class-map match-any HighPriority-Out

match  dscp af11

!

!

policy-map Traffic-Out

class Voice-Out

  priority percent 50

class HighPriority-Out

  bandwidth percent 20

  random-detect

class MidPriority-Out

  bandwidth percent 5

  random-detect

class class-default

  fair-queue

  random-detect

policy-map Traffic-In

class Voice-in

  set dscp ef

class HighPriority-in

  set dscp af11

class MidPriority-in

  set dscp af21

!

!

interface FastEthernet0/0

ip address 192.168.0.10 255.255.255.0

ip nat inside

ip virtual-reassembly

speed auto

service-policy input Traffic-In

!

interface ATM1/0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

  encapsulation aal5snap

  protocol ppp dialer

  dialer pool-member 1

!

!

interface Virtual-Template1 type tunnel

ip unnumbered Dialer0

ip nat inside

ip virtual-reassembly

tunnel mode ipsec ipv4

tunnel protection ipsec profile XX_XX__X

!

interface Dialer0

bandwidth 360

ip address negotiated

ip access-group 100 in

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp pap sent-username XXXXX password XXXXXXXXXXXX

ppp ipcp route default

ppp multilink

ppp multilink fragment delay 20

ppp multilink interleave

service-policy output Traffic-Out

!

access-list 107 permit tcp any host ZZ.CCC.VVV.RRR eq 443

dialer-list 1 protocol ip permit

Hoping that my explanation is good!

Thank you very much!

Federico

Labels:
0 Helpful
6 Replies 6

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎01-27-2014 07:48 AM

It might be helpful if you would also note the device, its IOS version and the physical WAN topology/type.

0 Helpful

flier55CCO55
Level 1
Level 1
In response to Joseph W. Doherty

‎01-30-2014 01:27 AM

Yes, you are right!

Unfortunately I remembered too late.

Anyway :

- router 1751V

- IOS

Cisco IOS Software, C1700 Software (C1700-ADVENTERPRISEK9-M), Version 12.4(25b), RELEASE SOFTWARE (fc1)

- WIC/VIC Slot 1:

        Alcatel 20150 ADSL WIC

- ADSL link 7mbit down/ 384 (360 real) up

Thank you so much!

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to flier55CCO55

‎01-30-2014 02:59 AM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Ok, in a situation like yours, where available bandwidth is less than interface bandwidth, you need to "shape" for your bandwidth cap, otherwise QoS won't engage until the interface congests.

Try adding something like:

policy-map ShapeADSL

class class-default

shape average 300000

service-policy Traffic-Out

interface Dialer0

service-policy output ShapeADSL

PS:

BTW, ADSL often uses PPPoE, which takes 8 bytes from the MTU.  If this is the case for you, you could set you MTU to 1492 and use mss-adjust of 1352.

Also BTW, technically you can use AF classes however you like, but higher is usually used for "better".  I.e. Your HighPriority traffic would normally be something like DSCP AF3x or AF4x, not AF11.

flier55CCO55
Level 1
Level 1
In response to Joseph W. Doherty

‎01-30-2014 04:08 AM

Hi, see inline, thanks

JosephDoherty ha scritto:
 
Posting
Ok, in a situation like yours, where available bandwidth is less than interface bandwidth, you need to "shape" for your bandwidth cap, otherwise QoS won't engage until the interface congests.
> I don't want to shape because I want all available bandwith to the second station while there is no traffic from others. YES, I want the QOS engage only in case of congestion dropping less important traffic first. 
Try adding something like:
policy-map ShapeADSL
class class-default
shape average 300000
service-policy Traffic-Out
interface Dialer0
service-policy output ShapeADSL
PS:
BTW, ADSL often uses PPPoE, which takes 8 bytes from the MTU.  If this is the case for you, you could set you MTU to 1492 and use mss-adjust of 1352.
> No, my case is PPPoA 
Also BTW, technically you can use AF classes however you like, but higher is usually used for "better".  I.e. Your HighPriority traffic would normally be something like DSCP AF3x or AF4x, not AF11.
> If I am not wrong : EF (biggest priority)
> AF(1-4)x : same priority against 4 Classes (AF1x, AF2x etc)
> AFx(1-3) : different priority inside Classe and against "drop probability"
> for that reason, you turn on the light because, in my opinion, there was a big error
> here :
policy-map Traffic-Out
class-map match-any Voice-Out
match  dscp ef
class-map match-any HighPriority-Out
match  dscp af11
class-map match-any MidPriority-Out
match  dscp af21
!
!
policy-map Traffic-In
class Voice-in
  set dscp ef
class HighPriority-in
  set dscp af11
class MidPriority-in
  set dscp af21

Basically I created competition between af11 and af21 because they have same

priority and not different drop probability.

So, I changed in this way :

policy-map Traffic-Out

class-map match-any Voice-Out

match  dscp ef

class-map match-any HighPriority-Out

match  dscp af11

class-map match-any MidPriority-Out

match  dscp af13

!

!

policy-map Traffic-In

class Voice-in

  set dscp ef

class HighPriority-in

  set dscp af11

class MidPriority-in

  set dscp af13

Let you know if changes!

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to flier55CCO55

‎01-30-2014 07:00 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

> AF(1-4)x : same priority against 4 Classes (AF1x, AF2x etc)

Yes and no.  Strictly speaking, there's no implied difference between AF classes, at least in the RFC that defined AF.  However, many AF usage recommendations, including (later) RFCs, suggest "higher" is better than "lower".  This is also to align with the prior IP Precedence RFC usage where, for example, IPPrec 4 is "better" than IPPrec 3, so also CS4 and/or AF4x is "better" than CS3 and/or AF3x.

Also if HighPriority is really higher vs. MidPriority, normally it would be in a different (and "better") AF class.

0 Helpful

flier55CCO55
Level 1
Level 1
In response to Joseph W. Doherty

‎01-30-2014 09:36 AM

Hi,

so I changed in this way :

policy-map Traffic-In

class HighPriority-in

no set dscp af11

set dscp af41

policy-map Traffic-Out

class-map match-any HighPriority-Out

no match  dscp af11

match  dscp af41

Let you know!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card