Unanswered Question
Jun 29th, 2010


I have to implement qos and this is what i am planning to do.


My branch to RO link is 64kbps,Ro to MPLs 2Mbps,MPLS to DC 20Mbps

I have to main traffic classes.

1.IPSEC traffic encrypted from Branch to firewall.
2.Critical traffic from Branch to DC.

On my Branch router (1700) i am marking ipsec traffic at input interface and setting it to ip precedence of 4.
on the output intrface i am matching the ip precedence of 4 and assgining it bandwidth of 35%

For the second traffic i am matching it with ip address and assgining it bandwidth of 35%

Since the first class is ipsec i have to do the marking on branch itself so the i could implement qos for ipsec.

On the RO at output interface i am matching ip precedence of 5 assgining it bandwidth of 35% for ipsec
and for the other class i am matching the traffic setting the precedence to 4 and assgining it bandwidth of 35% for ipsec .

My provider is ready to make the chages in his network for my qos to work .

SO in my sending precedence value of 4 and 5 for him to match and send to my DC.

My DC router is 7600 with sup 32 so i cannot apply bandwidth command there .

This is where i have some doubt.

since i have 1 PQ for input and output on 7600 what is the best way to put QOS there.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
spremkumar Tue, 06/29/2010 - 02:46

Hi Vishwa

Which 1700 series model routers are being used out there in the Branch? How many 64K links are getting connected to each branch routers?

The concern here is your old 1700 series routers shouldn't hog you up with the link traffic, encryption and QoS process.

First think is to assess whether your current network setup will be able to cater your requirements (link traffic / encryption / QoS) and then plan for the enhancement of introduction of new technologies.

It might throw you up with new can of worms if you just do without proper assessment.


vishwancc Tue, 06/29/2010 - 05:17

Hi Kumar ,

The points you raised are valid and i am aware of that.

Currently i am not worried about this ,i need some suggestion from experts ,leave aside the pro and cons.




This Discussion