Re: Spoke-Spoke QOS over DMVPN with nested CBWFQ on Subinterface

jpaykoc2910 · ‎01-16-2012

I have an issue where I believe I have everything configured properly, but my policy-map isn't matching any of the specified packets (ICMP, Telnet). Everything is being matched as class-default. Any ideas on where I went wrong, or if this is even possible? I applied the QOS pre-classify to the tunnel interface with the hopes that I could get matching/queueing to work.

class-map match-any TELNET

match protocol telnet

class-map match-any ICMP

match protocol icmp

class-map match-any GRE

match protocol gre

policy-map QOS

class ICMP

bandwidth percent 20

queue-limit 30 packets

class GRE

bandwidth percent 15

class TELNET

bandwidth percent 5

policy-map PARENT

class class-default

shape average percent 100

service-policy QOS

int tunnel 1

qos pre-classify

interface GigabitEthernet0/1.871

description RTR-INTERNAL-VPN2

encapsulation dot1Q 871

ip address 220.245.144.245 255.255.255.248

service-policy output PARENT

rtr-internal-01a#show policy-map interface GigabitEthernet0/1.871

GigabitEthernet0/1.871

Service-policy output: PARENT

Class-map: class-default (match-any)

13670 packets, 9088050 bytes

5 minute offered rate 172000 bps, drop rate 0 bps

Match: any

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 13670/9089292

shape (average) cir 1000000000, bc 1410065, be 1410065

target shape rate 1000000000

Service-policy : QOS

Class-map: ICMP (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: protocol icmp

0 packets, 0 bytes

5 minute rate 0 bps

Queueing

queue limit 30 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 20% (200000 kbps)

Class-map: GRE (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: protocol gre

0 packets, 0 bytes

5 minute rate 0 bps

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 15% (150000 kbps)

Class-map: TELNET (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: protocol telnet

0 packets, 0 bytes

5 minute rate 0 bps

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 5% (50000 kbps)

Class-map: class-default (match-any)

13670 packets, 9088050 bytes

5 minute offered rate 172000 bps, drop rate 0 bps

Match: any

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 13670/9089292

cflory · ‎01-16-2012

Remember:

"A router begins to queue packets when the number of packets that needs to be transmitted out an interface exceeds the output rate of that interface. The excess packets are then queued. A queueing method can be applied to packets waiting to be transmitted."

Your 5 minute offered rate for class-default is 172000 bps. You appear to have 400Mbps set as guaranteed bandwidth for your telnet, gre and icmp, during congestion.

However, you only have 172kbps on a 1Gbps interface, which is no where near a point of saturation/congestion.

I'm also curious to know why you're giving more guaranteed bandwidth to ICMP, over Telnet and GRE.

HTH!

-Chris

jpaykoc2910 · ‎01-17-2012

Chris,

I'm just trying to get some matching for the service-policy, so currently this is a test. The team hasn't decided what IPs and what ports to prefer. I also need to work on the bandwidth allocated to each queue.

Even though the link isn't saturated, shouldn't I see packets matching on the service-policy for ICMP, and not class-default?