QoS question

Unanswered Question

To all,

I am looking at possibly implementing QoS for a hosted Exchange service. Our internet pipe is currently being over-utilized so I want to guarantee this app/service, as well as VPN/ESP/IPSec gets priority over everything else. I am looking for overall design suggestions and specifically, where should I place the policy-map?? See Attachment.

Any input would be greatly appreciated!!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (5 ratings)
mattwilsonuk Tue, 09/22/2009 - 15:22
User Badges:

Looking at the diagram, your bottleneck is on the egress ports to your provider. Are you able to access these devices?

Policies should be applied here outbound.

If not you will need to perform throttling further inline so that you can apply you policies earlier.

Mark your traffic at the access layer and verify these markings are still in place on both your perimeter routers.

Do you use both links to access the exchange service or use a PBR to determine a particular link?

wilson_1234_2 Wed, 09/23/2009 - 14:35
User Badges:

I have a question about this post here,

My understanding is that the QoS policy gets dropped once the traffic traverses the Internet, where there is no controll or classes defined.

Is this not so?

Lucien Avramov Wed, 09/23/2009 - 14:53
User Badges:
  • Red, 2250 points or more

QoS is local to the router, once the traffic has been sent, it's no longer involved, one thing you can do is set DSCP bit.

wilson_1234_2 Thu, 09/24/2009 - 10:37
User Badges:


That was my understanding.

With that being said, how does the policy help him with prioritizing the traffic he wants to prioritize?

Is this assuming the provider is classifying traffic for QoS purposes?

Joseph W. Doherty Tue, 09/22/2009 - 19:21
User Badges:
  • Super Bronze, 10000 points or more

QoS methods generally well support service guarantees at points of egress congestion. Since you note "Our internet pipe is currently being over-utilized . . .", two issues you might have are whether there's sufficient bandwidth to guarantee the level of service that's needed for your Exchange and VPN/ESP/IPSec traffic and whether you can use QoS for your inbound (i.e. ISP egress) Internet traffic.


This Discussion