Showing results for 
Search instead for 
Did you mean: 
Join Customer Connection to register!

QoS on GRE Tunnels. Critique Please!

Big question:  Does the config below work?  My stress tests shows its utilizing the bandwidth commands, but thats about all I can tell.  I am unexpereienced with QoS.  Help please!


Two branch locations that use MPLS to connect to a datacenter, and route to the internet through a hosted firewall at the datacenter.  Configuration example below is from a branch MPLS router.  Branch uses VOIP and some Core Vendor software (extremely network sensitive). 

So the branches connect to each other and the internet via each of their MPLS routers (Cisco 1841's). 

We want to accept any critiques, and know if the config below would work in general/at all.  In particular I would like to ensure the Core Vendor traffic never drops/has too high of a latency.

In the current configuration I saw just 4 packets drops for the Core Vendor due to WRED attempting to avoid congestion.

Note:  We set the DSCP values we do because those are the DSCP values that correspond to our ATT MPLS CoS values.

QoS Config Example:  [updated 12/11/2013 4:30PM CST]

class-map match-any Internal_Traffic

match access-group 106

class-map match-any Core_Vendor

match access-group 108

class-map match-any RDP

match access-group 107

class-map match-any Voice

match access-group 105



policy-map ToMPLS

class Voice

  set ip dscp ef

  priority percent 15

class Core_Vendor

  set ip dscp af31

  bandwidth remaining percent 30

class Internal_Traffic

  set ip dscp af21

  bandwidth remaining percent 35

class class-default

  set ip dscp default

  bandwidth remaining percent 20

policy-map ToMPLS-QUEUE

class class-default

  random-detect dscp-based

  service-policy ToMPLS

policy-map ToMPLS-Tunnel

class class-default

  shape average 1537000

  service-policy ToMPLS-QUEUE


interface Tunnel0

description Tunnel to DATACENTER

bandwidth 1540

qos pre-classify

tunnel source Serial0/0/0


interface Tunnel1

description Tunnel to OTHER BRANCH

bandwidth 1540

qos pre-classify

tunnel source Serial0/0/0


interface Serial0/0/0

description DHEC......etc...

encapsulation ppp

service-module t1 timeslots 1-24

service-module t1 remote-alarm-enable

service-policy output ToMPLS-Tunnel