×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

My traffic isn't getting marked! QoS

Answered Question
Jul 1st, 2014
User Badges:

Hi.  Thanks viewing my post!

I'm trying out some QoS configuration for a VDI deployment and have a problem with our 6509 switches not marking the traffic (possibly user error)..

As VDI solutions don't seem to have the ability to mark traffic at the server or client (unlike phones system server/clients etc) I've had to resort to marking traffic on the access switches.

At the moment, as a test, I'm just trying to mark telnet traffic with a dscp value of 34 (af41).  I am seeing hits on the access-lists but the policy-map PCoIP_Set_AF41 doesn't seem to be setting the dscp value to 34 as I want.

Please could somebody advise where I'm going wrong or provide some troubleshooting tips?

Thank you,

Andy
 

access-list 100 permit tcp any any eq telnet


class-map match-all PCOIP-IN
  match access-group 100


policy-map PCoIP_Set_AF41
  class PCOIP-IN
   set dscp af41


interface Vlan33
 description ....
 *** output omitted ***
 standby 33 preempt
 service-policy input PCoIP_Set_AF41

 

Correct Answer by Joseph W. Doherty about 3 years 1 month ago

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

On a 6500, if you use a VLAN based policy, I believe you're supposed to configure the physical port to use the policy attached to the VLAN interface.  You can also apply policies, I also believe, to the physical interfaces, but with pre-sup2Ts, you exceed some QoS limits if you don't use VLAN based policies.

If your WAN router supports HQF, I would recommend something like:

  Policy Map WAN_QoS
    Class IPVoice-Priority
      priority percent 33
    Class PCoIP-Priority
      bandwidth remaining percent 99
      fair-queue !or not, i.e. optional
    Class class-default
      bandwidth remaining percent 1
      fair-queue

If your router doesn't support HQF, would suggest upgrading to an IOS that does.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Joseph W. Doherty Tue, 07/01/2014 - 09:21
User Badges:
  • Super Bronze, 10000 points or more

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Do your physical (VLAN 33) ingress ports have "mls qos vlan-based"?

Your PCoIP is matching Telnet.  Your ACL 100 should be something more like:

ip access-list extended QOS-ACL-PCOIP

permit tcp any any eq 4172

permit udp any any eq 4172

permit tcp any any eq 32111

permit tcp any eq 4172 any

permit udp any eq 4172 any

permit tcp any eq 32111 any

andy roles Tue, 07/01/2014 - 10:01
User Badges:

Hi Joseph,

Thanks for your response.

I was using telnet just to keep it simple when generating test traffic with the intention of building a suitable ACL once I'd witnessed the markings being applied by the 6509s.

With regards to the 'mls qos vlan-based' I've appended that line of config to my own office access port but I'm still not seeing the traffic being marked?  I have to confess - it's the first time I've seen that command :o)

Have you got any other ideas as to what the problem could be?

 

Additionally - I have another quick question here and wondered if you could give me your opinion?

From your ACL proposal I'm guessing you're familiar with VDI deployment.  I've been trying to find good consistent information regarding best practice for deploying QoS for VDI but this hasn't been easy.   I've ended up with the following policy on our 100Mbps WAN link:


  Policy Map WAN_QoS
    Class IPVoice-Priority
      priority 30000 (kbps)
    Class PCoIP-Priority
      bandwidth 40000 (kbps)
    Class class-default
      fair-queue

Do you think this looks sensible or do you think I would I be best to just allocate bandwidth to voice rather than give it priority?

Thanks again!

Andy

 

Correct Answer
Joseph W. Doherty Tue, 07/01/2014 - 10:44
User Badges:
  • Super Bronze, 10000 points or more

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

On a 6500, if you use a VLAN based policy, I believe you're supposed to configure the physical port to use the policy attached to the VLAN interface.  You can also apply policies, I also believe, to the physical interfaces, but with pre-sup2Ts, you exceed some QoS limits if you don't use VLAN based policies.

If your WAN router supports HQF, I would recommend something like:

  Policy Map WAN_QoS
    Class IPVoice-Priority
      priority percent 33
    Class PCoIP-Priority
      bandwidth remaining percent 99
      fair-queue !or not, i.e. optional
    Class class-default
      bandwidth remaining percent 1
      fair-queue

If your router doesn't support HQF, would suggest upgrading to an IOS that does.

andy roles Wed, 07/02/2014 - 07:13
User Badges:

Hi Joseph.

Thanks for your help on this.  Very much appreciated.

I've been pulled on to other stuff since yesterday but I'm hoping to give your suggestions a try later today.

I'll update once I've tried this out.

Thanks again.

Andy

 

 

 

andy roles Thu, 07/03/2014 - 09:37
User Badges:

Hi Joseph,

I tried variations of applying the 'service-policy input PCoIP_Set_AF41' command.  I put it on my access port on the 6509, the vlan 33 SVI interface and both.  I noticed also that the 'mls qos vlan-based' command, when applied to my access-port resulted in an overriding of the 'service-policy input PCoIP_Set_AF41' command'.

e.g:

RS03-6509E-DIST-ML-0(config-if)#mls qos vlan-based
QOS: Interface GigabitEthernet3/23 have at least one service-policy
associated with it. 'mls qos vlan-based' overrode service-policy
configuration(s).
RS03-6509E-DIST-ML-0(config-if)#

 

If you have any further ideas that would be much appreciated!  I'm at a bit of a loss with this.

Andy

 

 

andy roles Tue, 08/12/2014 - 05:01
User Badges:

Hi Joseph.

 

I've been off the grid for a while.  Just wanted to say thanks for your response.  I tried out the 'mls qos vlan-based' commands and they worked :o).

 

Thanks also for your recommendations around policies.

 

Regards,

 

Andy

 

Actions

This Discussion