QOS 2621

Unanswered Question
Apr 9th, 2008
User Badges:

OK i am trying to setup LLQ on my 2621, so i have priority on the internet (web traffic).. My net diagram is as follows.....


CABLE Model........(fa0/0)-2621-(fa0/1)---switch


Here is what i run into...

i cannot set QOS on FA0/0 for a few reasons. #1 it is connected to the cable modem at 100Mbps, so it is hardly going to drop packets. The 2621 is Nating, so i cannot apply an ACL that will match, as the incoming and outgoing IPs will not be local IPs.


If i apply my service-policy to the fa0/1 int i again run into the problem that traffic will not be dropped there. How on earth can i get around these obsticles, or am i looking at this wrong?

Config as follows...

!

class-map match-all MIKEQOS

match access-group 102

!

!

policy-map LLQ

class MIKEQOS

priority 8000

class class-default

fair-queue

!

interface FastEthernet0/0

description <<Connection to Comcast>>

bandwidth 12000

ip address dhcp

ip nat outside

service-policy output LLQ

no ip mroute-cache

duplex auto

speed auto

!

interface Serial0/0

no ip address

no ip mroute-cache

shutdown

!

interface FastEthernet0/1

description <<DHCP for House>>

bandwidth 12000

ip address 192.168.1.2 255.255.255.0

ip directed-broadcast

ip nat inside

service-policy output LLQ

no ip mroute-cache

duplex auto

speed auto

!

...

!

access-list 102 permit ip host 192.168.1.200 any

access-list 102 permit ip any host 192.168.1.200


Thoughts?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joseph W. Doherty Wed, 04/09/2008 - 17:15
User Badges:
  • Super Bronze, 10000 points or more

You shouldn't need an outbound policy on your inside interface, fe0/1.


As to outbound, the normal solution, if supported on your platform, is a hierarchal policy.


e.g. (pseudo code)


policy-map ComcastUplink

class class-default

shape average 128kbs (your uplink speed here)

policy LLQ


interface FastEthernet0/0

service-policy output ComcastUplink

mikegrous Thu, 04/10/2008 - 02:44
User Badges:

well see the thing is that when i apply the LLQ policy onto fa0/0 and i do a show access-lists... ACL102 never gets any matches. I believe that is because of NAT. Which is part of my dilemma. I cant match the packets so how can i QOS them

Jon Marshall Thu, 04/10/2008 - 02:59
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

What are you Natting the packets to and have you tried added the Natted address(es) to access-list 102 ?


Jon

Joseph W. Doherty Thu, 04/10/2008 - 03:49
User Badges:
  • Super Bronze, 10000 points or more

Sorry, overlooked that!


What you might try is using an inbound service policy on the inside interface to mark your priority packets using an ACL like 102. Then amend your outside interface's outbound policy to match on the marked packets for your LLQ traffic.


e.g. (pseudo code)


policy-map LLQmarker

class MIKEQOS

set dscp cs1 (mark as you choose)


class-map MIKELLQ

match dscp cs1


policy-map LLQ

class MIKELLQ

priority 8000

class class-default

fair-queue


interface FastEthernet0/0

service-policy input LLQmarker


mikegrous Thu, 04/10/2008 - 08:48
User Badges:

if i do this the problem will arise that the fa0/0 is not dropping packets because it is not the weakest link. The cable modem is and i cannot QOS that. I see where you are going with marking it so i can match the traffic, but fa0/0 connected at 100Mbps will not drop packets if it doesnt get congested. The cable modem will be dropping.

Joseph W. Doherty Thu, 04/10/2008 - 10:00
User Badges:
  • Super Bronze, 10000 points or more

Sorry, my last post probably wasn't clear. The example showed what needed to be changed, i.e. it assumed shaper would still be present on fa0/0 as shown in my first post. Set the shaper bandwidth to correspond with your upstream cable bandwidth.

mikegrous Thu, 04/10/2008 - 10:02
User Badges:

ahh okey i got you. I will check it out today when i get home and hope for the best.

thotsaphon Thu, 04/10/2008 - 10:06
User Badges:
  • Gold, 750 points or more

Hi Michael,

You are using congestion management QOS so if the interface is not congested then the qos does nothing.

We have to know what is exactly bandwidth you've got from ISP. 12 Mbps,right?

Thing is you try to use llq as well as natting. Nat has been done before QOS so referencing the IP address in ACL is meaningless.

I would do as follows:

- Mark the packets you want first at the inbound interface.

- Use marked packets to do qos.

- Shape all packets to the limited bandwidth .

- Apply the child qos with qos you want



##################################

access-list 100 permit ip host 192.168.1.200 any


class-map match-any Mark-192-168-1-200

match ip address 100


policy-map Mark-It-cs5

class Mark-192-168-1-200

set dscp cs5


interface FastEthernet0/1

service-policy input Mark-It-cs5


Hopes marking will work. ;-)

#################################


class-map Match-Cs5

match dscp cs5


policy-map LLQ-You-Want

class Match-Cs5

priority 8000

class class-default

fair-queue


####Shaping must be deployed.


policy-map Shape12000

class class-default

shape average 12000000

service-policy LLQ-You-Want


interface FastEthernet0/0

service-policy output Shape12000


##################################



Hopes I did something helps

Thot

mikegrous Thu, 04/10/2008 - 14:29
User Badges:

If i do a show policy-map on fa0/1 it is matching packets......


If i lower the shape average REALLY low ALL traffic gets slow. I am thinking that my packets after the NAT are not retaining the EF value?. i am to tired to play anymore. Will tackel again later. Hopefully i missed something ha.


if i do it on fa0/0


QOS#show policy-map int fa0/0

FastEthernet0/0


Service-policy output: SHAPE


Class-map: class-default (match-any)

390339 packets, 179921330 bytes

5 minute offered rate 391000 bps, drop rate 0 bps

Match: any

Traffic Shaping

Target/Average Byte Sustain Excess Interval Increment

Rate Limit bits/int bits/int (ms) (bytes)

16000000/16000000 100000 400000 400000 25 50000


Adapt Queue Packets Bytes Packets Bytes Shaping

Active Depth Delayed Delayed Active

- 0 85568 31546771 4425 596078 no


Service-policy : LLQ


Class-map: MATCH_EF (match-all)

48196 packets, 2635219 bytes

5 minute offered rate 24000 bps, drop rate 0 bps

Match: dscp ef

Queueing

Strict Priority

Output Queue: Conversation 24

Bandwidth 16000 (kbps) Burst 400000 (Bytes)

(pkts matched/bytes matched) 60/8233

(total drops/bytes drops) 6/3849


Class-map: class-default (match-any)

35873 packets, 28824695 bytes

5 minute offered rate 358000 bps, drop rate 0 bps

Match: any

Queueing

Flow Based Fair Queueing

Maximum Number of Hashed Queues 16

(total queued/total drops/no-buffer drops) 0/139/0







class-map match-all MATCH_EF

match dscp ef

class-map match-all MIKEQOS

match access-group 102

!

!

policy-map MARK

class MIKEQOS

set dscp ef

policy-map LLQ

class MATCH_EF

priority 16000

class class-default

fair-queue

policy-map SHAPE

class class-default

shape average 16000000

service-policy LLQ



interface FastEthernet0/0

description <>

ip address dhcp

ip nat outside

service-policy output SHAPE

no ip mroute-cache

duplex auto

speed auto

!

interface Serial0/0

no ip address

no ip mroute-cache

shutdown

!

interface FastEthernet0/1

description <>

bandwidth 18000

ip address 192.168.1.2 255.255.255.0

ip directed-broadcast

ip nat inside

service-policy input MARK

no ip mroute-cache

duplex auto

speed auto


mikegrous Thu, 04/10/2008 - 17:25
User Badges:

i got it :) I will have to do some tweaking but here it is... I now have QOS priority over my roommates. I tested by saturating the upload with torrent traffic and then testing my PC with speed tests, download files, and web traffic. All zip along like nothing is going on. Thanks for all your help.... Config with some tweaking left.

class-map match-all MATCH_EF

match dscp ef

class-map match-all MIKEQOS

match access-group 102

!

!

policy-map MARK

class MIKEQOS

set dscp ef

policy-map LLQ

class MATCH_EF

priority 16000

class class-default

fair-queue

policy-map SHAPE

class class-default

shape average 16000000

service-policy LLQ

policy-map SHAPE2

class MATCH_EF

shape average 2000000

!

!

!

interface FastEthernet0/0

description <>

ip address dhcp

ip nat outside

service-policy output SHAPE2

no ip mroute-cache

duplex auto

speed auto

!

interface Serial0/0

no ip address

no ip mroute-cache

shutdown

!

interface FastEthernet0/1

description <>

bandwidth 18000

ip address 192.168.1.2 255.255.255.0

ip directed-broadcast

ip nat inside

service-policy input MARK

no ip mroute-cache

duplex auto

speed auto


Actions

This Discussion