06-21-2010 12:47 PM - edited 03-04-2019 08:51 AM
I am running Cisco QoS baseline on our WAN routers. I would like to know if there is a way to classify and prioritize traffic from\to two particular nodes that need to run some sort of data shadowing across the WAN. I have captured traffic from these nodes and it looks like they are putting traffic on the wire as DSCP=CS1. When traffic is light on the WAN links I don't think there is a problem, however, once bandwidth starts to getting to about 50% utilization the shadowing process between these two nodes starts to crawl ( The WAN connection is 12 Mbps between these two sites) Any help would be greatly appreciated... below is the QoS configuration sample from one of our routers
class-map match-all str-video
match ip dscp cs4
class-map match-all network-mgt
match ip dscp cs2
class-map match-all int-video
match ip dscp af41
class-map match-all critical-data
match ip dscp 25
class-map match-any voice-signal
match ip dscp af31
match ip dscp cs3
class-map match-all transactional
match ip dscp af21
class-map match-all voice
match ip dscp ef
class-map match-all routing
match ip dscp cs6
class-map match-all scavenger
match ip dscp cs1
!
!
policy-map mpls-qos
class routing
bandwidth percent 3
set precedence 5
class voice
priority percent 18
set precedence 5
class int-video
priority percent 16
set precedence 5
class str-video
bandwidth percent 17
set precedence 3
class voice-signal
priority percent 3
set precedence 5
class critical-data
bandwidth percent 11
random-detect
set precedence 4
class transactional
bandwidth percent 9
random-detect
set precedence 4
class network-mgt
bandwidth percent 3
set precedence 3
class scavenger
bandwidth percent 1
set precedence 1
class class-default
bandwidth percent 19
random-detect
set precedence 1
!
interface Multilink1
description XXXXX
ip address X.X.X.X 255.255.255.252
ip wccp 62 redirect in
ip route-cache flow
no cdp enable
ppp multilink
ppp multilink fragment delay 1000
ppp multilink group 1
max-reserved-bandwidth 100
service-policy output mpls-qos
06-21-2010 12:53 PM
Yes. Create an acl, apply that to your class-map and then assign to a policy-map. Something like:
access-list 110 permit tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 80
class-map WEB
match ip address 110
policy-map WEBTEST
class WEB
bandwidth percent 2
This is a rough guess and syntax may not be right. The above matches only for hosts in those subnets running on 80. You can do a whole range, all per port, etc. Pretty much whatever you can put in an acl can be matched on.
HTH,
John
06-21-2010 01:04 PM
Thanks for the quick response!!! Now, there is an existing policy map applied to WAN interface (service-policy output mpls-qos) can I apply two policy maps to the same interface? or just add the new class to the existing policy map? Thanks again.
06-21-2010 01:12 PM
You'd add the class map to the existing policy map. You can also create a new policy map and then embed that policy map to the existing policy map, but you're limited to only one service policy on an interface per direction.
John
06-21-2010 01:27 PM
John,
Thanks again for your help.
marramix01
06-29-2010 02:07 AM
According to this link http://www.pingafrica.org/node/135 I configure my CISCO OIOS (tm) C1700 Software (C1700-Y-M), Version 12.3(17a), router to filter HTML trafic. It works perfectly.
Could you tell me how to configure it to not filter traffic for specific IP addresses ex. administrators and other privileged users in my network?
Thanks a lot....
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: