cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7754
Views
20
Helpful
15
Replies

QOS over the internet

peter.williams
Level 1
Level 1

Is using a Cisco Router or an ASA recommended for QOS over the Internet when using site-to-site VPN?  What are the recommendations?

Thank you

1 Accepted Solution

Accepted Solutions

You need to do it on the Internet facing device, whichever they are.

The internal network will likely not cause  quality issues because it is probably not oversubscribed.

Rate helpful posts.

PK

View solution in original post

15 Replies 15

Panos Kampanakis
Cisco Employee
Cisco Employee

Both can perform QoS.

In general you want to perform QoS as close to the source of the traffic as possible, that is something you need to keep in mind.

Also Router QoS has more queueing options like WFQ, LLQ, CBWFQ and congestion avoidance RED, WRED etc.

I hope it helps.

PK

Collin Clark
VIP Alumni
VIP Alumni

The internet does not follow any standardized QoS/queuing mechanism. In other words the internet is best effort and traffic is not prioritized in any way.

Hope that helps.

So whether I use a router (which has better queuing, ETC) or an ASA I should not try to prioritize the data because the Internet does not support it, correct?  Should I not even use QOS?  I will be running VOIP and video conferencing.

Thank you

I would not bother with QoS. If you configure it (ASA or router) it will mark/prioritize traffic leaving the device but after that it's best effort on the ISPs. Some ISPs may even remove any QoS markings!

I would go with QoS even if the ISP doesn't support it.

The fact that the ISP will not pay attention to DSCP markings or strip them unless you pay for that service is right.

But if your packets come out from your edge prioritized, it is more likely the priority will remain until they reach their destination.

OK, the Internet doesn't guarantee it, but backbone Internet is usually not congested, and practically traffic order is maintained throughout the path.

Experience has shown that when we prioritize on our endpoints on our devices and that tends to help.

That is my view.

PK

"But if your packets come out from your edge prioritized, it is more  likely the priority will remain until they reach their destination."

How will it be more likely? As I stated before some ISP's remove all QoS tags from the CPE so only their traffic has QoS markings and is queued appropriately during congestion.

How will I be able to tell if I receive the packets on the other side in the correct order?

With voice and video traffic, you'll know! There will be jitter and delay. The router will hold the packet for a little bit of time to try and resequence if they arrive out of order, but if it doesn't see it in a specified time it forwards to the designation and those missing packets result in broken voices and jerky video.

"But if your packets come out from your edge prioritized, it is more  likely the priority will remain until they reach their destination."

How will it be more likely? As I stated before some ISP's remove all QoS tags from the CPE so only their traffic has QoS markings and is queued appropriately during congestion.

I meant that if the packets go out as x, y, z, QoS marking will be disregarded or stripped.but there is high probability they will reach the remote end as x,y,z.

No guarantees, I agree.

But practically they will. And it usually helps in most situations.

PK

As many have said just marking packets with priority won't help much, since ISPs don't follow your markings. What really helps you when doing QoS for internet vpn's, is that once your own link is congested, you decide what traffic is dropped, by using shaping, instead of your ISP dropping maybe the wrong traffic (voip). So if you know what your link speed is, you can create a policy that will drop the traffic you wan't to drop once your link is congested.

Can I shape the traffic on a ASA and a router, and if so, do you have any configuration examples, so I can start with shaping the traffic?

Thank you

What is the best way to do this?

If I have a PIX and router on the remote side and an ASA on the corporate side, I would have to setup the QOS on all 3, corrrect?

Thank you for your post

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: