09-03-2010 05:21 AM - edited 03-04-2019 09:38 AM
Hi People,
I have a DMVPN with 100 spokes and two hubs over MPLS. I have eigrp over encrypted gre and I notice that I have a lot of hold time expired for some spokes. First I think I should increase hold time from 15secs to 60secs since this is a wan link. Is this a good idea?
2nd, my provider only treats preferably packets matched with precedence 3 and everything else is remarked to 0.
So I would like to remark eigrp packets generated from the spoke router to precedence 3. Is this possible?
I tried a policy with match protocol eigrp, set precedence 3, but I don't see any matches.
class-map match-any preced-3
match protocol eigrp
policy-map new_branch_policy
class preced-3
bandwidth percent 50
set precedence 3
09-03-2010 06:31 AM
Hi,
Yes, it is possible to remark eigrp packets. Which interface did you apply the policy-map? On what platform?
I think you try to increase the hold timer and leave the hello timer as default, see if that helps.
Regards,
Lei Tian
09-03-2010 06:42 AM
ok, i think i made a mistake by applying the policy map on the physical outbound interface.
However since the eigrp gets encrypted I think it should be applied on the dmvpn tunnel interface.
My only problem is that the tunnel interface doesn't accept service-policy.
So how can I remark eigrp packets generated from the same router before they leave the outbound interface?
09-03-2010 06:53 AM
Yes, apply on physical interface will not match eigrp packets.
Tunnel is a logical interface, there is no tx-ring to generate back pressure for software queueing to kick in. You cannot CBWFQ on tunnel interface. Remove the bandwidth statement and then apply the policy-map on tunnel should be fine.
If you want use CBWFQ, then you have to use HQOS.
Regards,
Lei Tian
09-03-2010 06:54 AM
if you apply it on the physical, you could use qos preclassify command on the physical. The 'qos pre-classify' command configures the IOS to make a temporary copy of the IP packet before it is encapsulated or encrypted so that the service policy on the (egress) interface can do its classification based on the original (inner) IP packet fields rather than the encapsulating (outer) IP packet header.
Francisco
09-03-2010 07:08 AM
qos preclassify is on on the tunnel interface. on the physical is not possible to add it.
the service-policy command is not accepted at all at the tunnel interface (this is mgre interface, on gre I could put it)
I get % Invalid input detected at '^' marker. IOS is adv security 124-22.T5 on 2811
09-03-2010 08:10 AM
Yes, starts from 12.4(22)T, the DMVPN QOS model has changed to per-tunnel qos. The remarking policy need to be configured on hub site. See the configuration example.
Regards
Lei Tian
09-03-2010 08:54 AM
Just tested another way do remark EIGRP packet. Apply policy-map on physical interface use follwing config.
class-map REMARK
match ip dscp 48
policy-map REMARK
class REMARK
set ip prec 3
int X/X physical interace
service-policy out REMARK
Regards,
Lei Tian
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: