Wireless QoS

ALIAOF_ · ‎11-14-2018

Having a weird issue when doing packet captures and looking at the QoS with some Flexconnect AP's with locally switched WLAN.

Two iphones connected to the same AP, start Facetime. I see UP of 6 and 5.

Packet capture shows any traffic from client to the AP is Voice/Video

Any traffic with AP as the TA is Best Effort

Next I tried to use Fastlane QoS app and sent some traffic from one of the phones to the client and tagged it with Voice.

I noticed in the capture that client to AP is marked correct. Next I had the port AP is connected to mirrored and I saw that the traffic is being marked as CS0.

So for some reason AP is just stripping everything client is sending and putting it in BestEffort bucket? Any ideas, thoughts?

johnd2310 · ‎11-14-2018

Hi,

How are you doing the qos on the AP/Wireless network?

Thanks

John

**Please rate posts you find helpful**

ALIAOF_ · ‎11-14-2018

It is just a simple SSID with QoS Profile of Platinum assigned to it.

Rasika Nayanajith · ‎11-14-2018

Do you trust COS value on switchport connected to FlexAP. I believe wireless user traffic comes with vlan tag on that trunk link. Here is one of my old post talking about FlexConnect QoS

https://mrncciew.com/2013/07/23/qos-for-h-reap/

HTH

Rasika

*** Pls rate all useful responses ***

ALIAOF_ · ‎11-15-2018

Thank you Rasika as always awesome blog entry. So these are the newer switches and using the service policy and ACL's instead of using "trust dscp/cos" commands. Even tried it on a port that did not have anything on it such as no "trust dscp/cos" commands and no "service policy" commands and same results which I can understand. Trying to find out why that AP is stripping the UP and converting it to BestEffort. Below are two examples of the ports.

interface GigabitEthernet1/1
 switchport trunk native vlan 10
 switchport trunk allowed vlan 10,20
 switchport mode trunk
 switchport nonegotiate
 logging event trunk-status
 spanning-tree portfast

interface GigabitEthernetX/X
 switchport access vlan 100
 switchport mode access
 switchport voice vlan 2
 switchport port-security maximum 3
 switchport port-security
 switchport port-security aging time 2
 switchport port-security aging type inactivity
 no snmp trap link-status
 auto qos voip cisco-phone 
 storm-control broadcast level 10.00
 storm-control action trap
 qos trust device cisco-phone
 spanning-tree portfast
 spanning-tree bpduguard enable
 spanning-tree guard root
 service-policy input AutoQos-VoIP-Input-Cos-Policy
 service-policy output AutoQos-VoIP-Output-Policy

Secondly I've read that with Access Port I should trust DSCP and with Trunk Port CoS. However seems like trusting DSCP would be a better way to go if I want to change priority of management and user traffic even if it is a trunk port.

On the other hand Trusting DSCP on the port will disregard what the AP is imposing from the WLAN Profile? Did I read that right? So basically if I have under WLAN Profile --> Platinum switch will disregard what the client sent it as and what the AP put it under and can completely change it?

Thank you.

Rasika Nayanajith · ‎11-18-2018

Hi Ali,

I think in newer switches it may trust DSCP on access ports & trust CoS on trunk ports, Pls double check it with documentation specific to your IOS version.

"On the other hand Trusting DSCP on the port will disregard what the AP is imposing from the WLAN Profile? Did I read that right? So basically if I have under WLAN Profile --> Platinum switch will disregard what the client sent it as and what the AP put it under and can completely change it?"

In FlexConnect local switching, your wireless user traffic mapped to non-native vlan. Therefore vlan ID, QoS value - PRI (3 bits) map into L2 header (inside 802.1Q 4 bytes) . If your wireless get voice/video, that needs to translate into PRI value. If you trust L2-COS, then that value will be translate into equivalent DSCP by CoS -> DSCP map of that switch.

If you trust DSCP on that port , you ignore PRI value of L2 header (which mean you loss WLAN profile QoS settings on that frame)

HTH

Rasika

*** Pls rate all useful responses ***

ALIAOF_ · ‎11-19-2018

Thank you for that, something is still not right and doesn't make sense with the AP's then. Tried Facetime with Cisco AP's and couple of other vendors and every time if the AP is a "ta" it shows BE to both clients. Not sure why AP is just disregarding the UP of 5 or 6 from the clients and converting it to 0.

Rasika Nayanajith · ‎11-19-2018

What version of AireOS running on your WLC ? Sometime it could be an issue with that software release ?

If you are with recommended release (8.5.135.0 or 8.2.170.0,etc) & got TAC support, I would log a case with them & find exact reason for such behavior.

HTH

Rasika

ALIAOF_ · ‎11-20-2018

I have 8.2.170.0 running.

NOTE: I tested this with a Meraki AP and Meraki switch and it seems to be perfect. Facetime between two iPhones same scenario started with BE and then changed to Voice and Video UP.

BTW I'm not seeing the QoS Map even enabled in the WLC, based on the following document looks like it not only needs to be enabled but configured. I wonder if that is breaking it and the fact that it is not even enabled not sure what is being applied and its just putting everything in BE bucket.

https://clnv.s3.amazonaws.com/2018/usa/pdf/BRKCRS-2501.pdf