01-19-2008 05:18 AM - edited 03-09-2019 07:54 PM
Hi Guys,
I hope someone can help me here. Just revising some ONT stuff before exam and realised that i do not understand when the 'qos pre-classify' command is used when implementing QoS over VPNs.
Can someone clearly expalin when exactly you use the QoS Pre-Classisfy command and when not to use it.
Forever Greatful
Stephen
PS - i'm gonna post this over in 'Certifications' also for a bit more exposure.
01-19-2008 05:58 AM
qos pre-classify is used to identify ip header information before it passes through a tunnel (encrypted or unencrypted) for qos purposes. depending on tunnel-type, a certain amount of header information is copied, and then applied to the tunnel header, so QoS information is available as it passes through the tunnel network. Without pre-classification, the QoS bits are lost in encryption and/or packet encapsulation.
http://www.cisco.com/univercd/cc/td/doc/product/access/mar_3200/mar_conf/m032qos.htm#wp1077010
01-20-2008 03:30 PM
If the before encapsulation packets have TOS settings that you want to "analyze" after the packets have been encapsulated with a VPN packet, then you can use pre-classify to copy the TOS values to the VPN packet's TOS. NB: The copied TOS can be overwritten, but that won't change the original packet's TOS.
E.g. you have VoIP packets marked with TOS values (perhaps a DSCP EF) so QoS can give them better treatment. If the original packet's TOS isn't copied to the VPN packet's TOS, QoS could no longer tell the difference between VoIP packets and FTP packets since they are now likely to be encrypted. (Pre-Classify is the command to cause the copy.)
01-21-2008 09:22 AM
Thanks for the help guys.
Joseph - your version seemed a little clearer. I now understand when to 'apply' the command. However, in some ONT guides, they also give reason when not to apply the command to a tunnel interface or even more confusing - when to apply a service-policy command to an interface only when using QoS for VPNs.
can you shed any light on either of the later scenarios?
Thanks again
Stephen
01-21-2008 06:12 PM
I'm wondering whether part of the confusion might be where you need to apply the command for it to be actually effective.
If, however, the question is why you wouldn't want to use the command, two possible reasons come to mind. First, you know nothing actually processes the TOS later on, so using the command doesn't accomplish anything and perhaps by not using it avoids a performance hit. Second, your encapsulated packets are to be treated as a class (or part of a class) themselves, not by their original contents.
If you have any URL references that I could see, that appear unclear, I might be able to comment further.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide