Traffic doesn't hit the QoS policy

Unanswered Question
Sep 21st, 2009
User Badges:

Hi


We are using ASA - router to build up VPN tunnel base on DSL connection. On router, I added the follwoing QoS policy on the router outside port, but looks like no traffic hit the QoS on router. But on the ASA, I can see the traffic hit the QoS policy. Anyone has any ideas for this issue?


Thanks, Leo


IOS: c2800nm-advipservicesk9-mz.124-15.T7.bin


ip access-list extended lighthouse

permit ip any host 192.168.9.2


access-list 198 permit esp host X.X.X.X any

access-list 198 permit udp host X.X.X.X any eq isakmp

access-list 198 permit tcp any any eq 22

access-list 198 deny ip any any


class-map match-any lighthouse

match access-group name lighthouse


policy-map ALL-TRAFFIC

class lighthouse

priority percent 50

class class-default

fair-queue

random-detect


interface FastEthernet0/0

description connect to DSL modem

bandwidth 1024

ip address Y.Y.Y.Y

ip access-group 198 in

ip route-cache flow

duplex auto

speed auto

crypto map mymap

service-policy output ALL-TRAFFIC

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
xzjleo2005 Tue, 09/22/2009 - 15:00
User Badges:

Only one default route pointing to ISP GW. All traffic will go through VPN tunnel, including the traffic to 192.168.9.2. The F0/0 is outside interface connect to ISP DSL modem


Thanks,Leo

xzjleo2005 Wed, 09/23/2009 - 03:11
User Badges:

I can't see any traffic hit the acl, but I can see the traffic in netflow. That's very strange.

xzjleo2005 Wed, 09/23/2009 - 04:12
User Badges:

Thanks for your reply.


I tried the way you suggested and here is the show policy-map interface output. We can see a lot of traffic to be marked now, but wondering why not too much traffic to be put in the priority queue?


Thanks. Leo




-----------------------------------------

AP816N0001#sh policy-map interface

FastEthernet0/0


Service-policy output: ALL-TRAFFIC


Class-map: outgo (match-any)

7446 packets, 926436 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: precedence 5

0 packets, 0 bytes

5 minute rate 0 bps

Match: ip precedence 5

7446 packets, 926436 bytes

5 minute rate 0 bps

Queueing

Strict Priority

Output Queue: Conversation 264

Bandwidth 512 (kbps) Burst 12800 (Bytes)

(pkts matched/bytes matched) 8/1520

(total drops/bytes drops) 0/0


Class-map: class-default (match-any)

140707 packets, 68075067 bytes

5 minute offered rate 25000 bps, drop rate 0 bps

Match: any

Queueing

Flow Based Fair Queueing

Maximum Number of Hashed Queues 256

(total queued/total drops/no-buffer drops) 0/0/0

exponential weight: 9


class Transmitted Random drop Tail drop Minimum Maximum Mark

pkts/bytes pkts/bytes pkts/bytes thresh thresh prob

0 127616/66283953 0/0 0/0 20 40 1/10

1 0/0 0/0 0/0 22 40 1/10

2 0/0 0/0 0/0 24 40 1/10

3 0/0 0/0 0/0 26 40 1/10

4 0/0 0/0 0/0 28 40 1/10

5 0/0 0/0 0/0 30 40 1/10

6 13091/1791114 0/0 0/0 32 40 1/10

7 0/0 0/0 0/0 34 40 1/10

rsvp 0/0 0/0 0/0 36 40 1/10


FastEthernet0/1


Service-policy input: income


Class-map: income (match-any)

7446 packets, 485157 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: access-group name income

7446 packets, 485157 bytes

5 minute rate 0 bps

QoS Set

precedence 5

Packets marked 7446


Class-map: class-default (match-any)

124216 packets, 60574939 bytes

5 minute offered rate 23000 bps, drop rate 0 bps

Match: any

-----------------------------------------

Actions

This Discussion