Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7539
Views
0
Helpful
1
Replies

Hierarchial policing and shaping

kajetankk
Level 1
Level 1

‎08-23-2010 05:34 PM - edited ‎03-04-2019 09:31 AM

Hi all,

When applying my config I am getting an error of 'Cannot attach queuing-based child policy to a non-queuing based class'. Hopefully someone can take a look through this and advise if my syntax or methodology are wrong. I am assuming it is wanting me to make the Parent policy shaping rather than policing..

I have a traditional network with a single head office and multiple branches connected via a carrier IPWAN. The head office bandwidth into the IPWAN cloud is policed by the carrier to 10Mb and branches have varying bandwidth provided in the range of .5 - 4Mb.

Wanting to place some QoS at my head office link with the aim to

  •      Police outbound traffic to a maximum of 10Mb     then>
  •      Shape outbound traffic to branches to the speed of the link at the branch     then>
  •      Assign bandwidth to traffic classes

My reasoning is

  • That I would rather see the drops on my interface, rather than have the carrier drop my traffic,
  • I do not want to flood branches with greater amounts of traffic than they can handle and have the carrier drop this at the branch PE.
  • Prioritise certain traffic types

interface GIG0/0

bandwidth 10000

(...omitted for brevity)

service-policy output WAN-EGRESS-PARENT

policy-map WAN-EGRESS-PARENT
class class-default
   police rate 10000000
     conform-action transmit
     exceed-action drop
  service-policy WAN-EGRESS-CHILD

policy-map WAN-EGRESS-CHILD
class Site_Branch1
  shape average 4000000
  service-policy QUEUING_POLICY
class Site_Branch2
  shape average 2000000
  service-policy QUEUING_POLICY

policy-map QUEUING_POLICY
class ICMP_Traffic
    bandwidth 8
  class Critical-Data
    priority percent 25
class Scavenger
    bandwidth percent 1
class Bulkdata
    bandwidth percent remaining 20

    random-detect dscp-based

class class-default
     random-detect dscp-based

      
    class-map match-all ICMP_Traffic
    match access-group name ICMP
    class-map match-any Site_Branch1
    match access-group name Site_Branch1
    class-map match-any Site_Branch2
    match access-group name Site_Branch2
    class-map match-any Critical-Data
    match ip dscp ef
    class-map match-any Scavenger
    description Scavenger class to be used for unwanted traffic
    match ip dscp cs1
    class-map match-any Management
    match ip dscp af21
    class-map match-any Critical-Data
    description Critical Data Services
    match ip dscp af31
    match ip dscp cs6
    ip access-list extended ICMP
    permit icmp any any
    ip access-list extended Site_Branch1
    permit ip any 10.xx.xx.0 0.0.0.255
    ip access-list extended Site_Branch2
    permit ip any 10.xx.xx.0 0.0.0.255
Labels:
0 Helpful
1 Reply 1

Lei Tian
Cisco Employee
Cisco Employee

‎08-23-2010 06:08 PM

Hi,

Change the parent level class to shaping instead of policing should help. A policer (non-queuing) doesn't generate back pressure like shaper does, so it cannot be used on the parent level in HQoS config.

HTH,

Lei Tian

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card