QoS order operation

Unanswered Question
Mar 3rd, 2009

Hello,

I want to set up a priority for VoiP traffic.

I have router 1814; 3 subnets (172.31.0.0/24, 172.31.1.0/24 and 10.10.10.0/24) and my outside interface to my ISP. Subnet 10.10.10.0 is for VOIP.

QoS configuration:

class-map match-any DATA

match protocol http

match protocol secure-http

match protocol ftp

class-map VOIP

match protocol rtp audio

class-map IPSEC

match-protocol ipsec

class-map SQL

match protocol sqlserver

class-map match-any EMAIL

match protocol pop3

match protocol imap

match protocol snmp

policy-map MYPOLICY

class DATA

bandwidth percent 20

class VOIP

priority percent 10

class IPSEC

bandwidth percent 5

class SQL

bandwidth percent 20

class EMAIL

bandwidth percent 10

And I apply it on my outside interface output direction.

So, these rulles applies to traffic for all 3 subnets. But subnet 172.31.0.0/24 must have the most priority.I want to say that class-map DATA must apply diffrently for my subnets.I want subnet 172.31.0.0/24 to have best priority for http traffic. Hope u understand my problem.

Should I make another policy for subnet 172.31.1.0 to limit the traffic per bits? And apply where? On 172.31.1.0 interface IN direction? What is the order a packet from 172.31.1.0 goes through? :

its acl, nat , ipsec encapsulation, qos marking/policing?

I know I must read more about QoS, but hopefuly somebody could point me to the right direction.

Thank u!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
harrismarka Tue, 03/03/2009 - 07:06

I will let someone else answer the priority question, but I noticed that you have snmp in your EMAIL class-map. Did you mean to put SMTP there instead?

Spinu Viorel Wed, 03/04/2009 - 00:12

I did more reading and I found out that QoS and VPN are not realy friends.

I learned that u can't do QoS through VPN, except when u are using the same ISP on both VPN ends.

The order is VPN encapsulation than QoS marking, unless u are using pre-clasify that is reversing that order: first QoS marking then VPN encapsulation.

How can I test to see if the packets that goes through VPN are marked by QoS? Is there a command to see that?

Nicholas Matthews Wed, 03/04/2009 - 05:55

'show policy-map interface' will show you what you're matching in certain classes. Depending on what type of traffic you're trying to test, you can create a class for that, apply it to the interface, and then check if you're hitting it.

-nick

Spinu Viorel Thu, 03/05/2009 - 04:22

thank u for your answer.

I did more reading and I found about "auto discovery qos" , this analyze my traffic and after 5 days shows me a recomanded qos configuration. I've seen this for a serial interface, but I have an ethernet interface. Before auto discovery qos I should set my bandwith and remove any policy for that interface. But what bandwidth should I set for my ethernet interface? I have 4Mbps for international traffic and 10Mbps for metropolitan traffic.

Thank u again!

Marwan ALshawi Thu, 03/05/2009 - 05:17

in the in direction ACL will be used then qos then IPsec

but with IPsec there issue

the traffec get marcked then encapsulated when it go to the policy the marking will be inside the IPsec header !!!

but if you read abot v3pn and use it with ipsec this will take copy of the marking header and put it in the outer header of the ipsec this way you can prioritize traffic even with vpn

for bandwith garntee and priority u can use it only outbound i mean the policy thus use it outpput on the outside interface

for remarking u can use it inbound or outbound

Bandwidth:

bandwith is imortant to put it on the interface to let the policy refrence the interface bandwidth becuase for example if u leave it 100 and u have only 4mb then even if your interface conjested the policy will not work becuase the policy is refrencing the amount of bandwidth from the interface

thats why it is important

good luck

if helpful Rate

Spinu Viorel Thu, 03/05/2009 - 05:41

I did not know about v3pn .. I'll read about. thank u

but I need to know this: I understand that it is important to set the bandwith, but I have diffrent bandwith for international trafic and for local traffic.(10Mbps for local traffic and 4Mbps for international traffic). So what bandwith should I set ?

Hope u understand my question!

and thank u for answer

Marwan ALshawi Thu, 03/05/2009 - 13:12

ok

from my understanding ( if wrong correct me plz!)

you have link with 7 Mb

divided to tow clsses 4 and 3

can you let me know if the above right about the one with ow calsses

also is the traffic will be divided by source IPs i mean you tw diffrent source subnets/ or based on disstination ?

i need to know how you distingush between traffic this for the 4 and that for the the 3

thanks

Spinu Viorel Fri, 03/06/2009 - 00:50

My ISP limits my traffic:

- 4Mbps for international

- 10Mbps for metropolitan

I need to implement QoS using "auto discovery qos" ; and fot that I need to setup the bandwith for the interface that connects me to ISP. My question was, what bandwith should I set? 4Mbps or 10Mbps?

I don't have 2 classes of 4 and 3Mbps.

thank u

Marwan ALshawi Fri, 03/06/2009 - 01:37

i am not sure if u put it 10 then the one with 3 wil not get benefit of the policy

the questionis i cant under stand what u mean international and metro the isp clasify the traffic based one what cartiria ?

Spinu Viorel Fri, 03/06/2009 - 03:40

I belive that the classification is based on destination(it does't not matter what type of traffic I am generating). If my destinations are inside my country I have 10Mbps, if destination is outside my country I have 4Mbps.

Actions

This Discussion