×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

QoS with shared outbound links

Unanswered Question
Apr 2nd, 2012
User Badges:

Got this shared outbound 1 Mbps satellite link used by two remotes sites, inbound uplink is fixed dedicated 512Kbps to each.

They both connect to core using ipsec/gre tunnels through the same physical gigabit ethernet interface.


What I am trying to accomplish is use QoS to give unused bandwidth to whatever site needs it, but if congested each site should be guaranteed no less than 512Kbps


Using QoS-preclassification on the two tunnels we do outbound QoS at the core gigabit ethernet interface.

Parant class-default shape the traffic to 1024Kbps and has an attached child service-policy, this child policy has two classes one for each site matched by access-list on remote site IP range. Each child class has a bandwidth allocation using "bandwidth 512", nothing in class-default, each class has one further attached child service-policy doing the different classifications and prioritizations for VoIP, cirtix, snmp, telnet, ssh and such. (see below for config sample)


Now the policies sems to match and has an effect but latency is more affected that when using one policy for each location where each is shaped to 512Kbps. So is the current configuration allowed in current IOS 15.1 series  and will it function as I expect ?

Could you in theory create an endless tree with childs of childs of childs and so forth?

Any better suggestions allowing both sites to enjoy 1Mbps when bandwidth is available but still guarantee 512Kbps ?


!

class-map match-any Office1

match access-group 121

class-map match-any dscp-critical

match  dscp af31

match protocol citrix

match protocol snmp

match access-group 120

class-map match-any dscp-ef

match ip rtp 16384 16383

match  dscp ef

match protocol telnet

match protocol skinny

match protocol icmp

match protocol ssh

class-map match-any dscp-video

match  dscp af41

class-map match-any Office2

match access-group 122

!

!

policy-map standard-policy

class dscp-ef

  priority percent 25

  set dscp ef

class dscp-critical

  set dscp af31

  bandwidth percent 25

class dscp-video

  set dscp af41

  bandwidth percent 45

class class-default

  fair-queue

  random-detect dscp-based


policy-map tunnel-cir

class Office1

  bandwidth 505

  service-policy standard-policy

class Office2

  bandwidth 505

  service-policy standard-policy


policy-map output

class class-default

  shape average 1020000

  service-policy tunnel-cir

!

!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Marwan ALshawi Mon, 04/02/2012 - 15:30
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

well how the policy knows this is traffic belong to office one tunnel for example ?

you need to specify some sort of ACL with tunnel source ad least and use bandwidth command ( CBWFQ) without the child shaping

keep the shaping only to the parent policy

in this case the bandwidth command value will be used in the case of interface congested if not the child policy/traffic can use up to the parent shaping value which is about 1M


hope this help

jarandmoen Mon, 04/02/2012 - 23:48
User Badges:

Marwanshawi, thanks for answer.


Currently the only policy doing shaping is the parent.

The child policy of the shaping parent policy matches traffic on each tunnel using accss-lists in the classes Office1 and Office2, the access-list statments used are:


access-list 121 remark Match Office1 Traffic

access-list 121 permit ip any 172.28.111.0 0.0.0.255


access-list 122 remark Match Office2 Traffic

access-list 122 permit ip any 172.28.112.0 0.0.0.255


The classes matched above is used in the tunnel-cir policy, and each are given bandwidth 512. Since these child policies has another child policy attached (total three levels) will the last and third child policy in the original post function as expected ?

Actions

This Discussion

Related Content