05-27-2017 06:20 PM - edited 03-05-2019 08:36 AM
I have a Cisco 1941 router and I want to be able to configure a QOS policy which attaches to the WAN port (Gi0/0) for all outgoing traffic.
I want to be able to give priority to traffic in a certain order without needing to specify minimum bandwidth.
I want traffic to be prioritised as it exits Gi0/0 going to the WAN provider in this order:
1: voice over ip
2: citrix
3: http/https
4: sql
5: all data to a /24 subnet
6: all other data
I have access lists to identify the following traffic: citrix, http/https, sql and /24 subnet.
ip access-list extended citrix
permit tcp any any eq 1494
permit udp any any eq 1494
permit tcp any any eq 2598
permit udp any any eq 2598
ip access-list extended http-https
permit tcp any any eq 80
permit tcp any any eq 443
ip access-list extended sql
permit tcp any any eq 1433
ip access-list extended dr-site
permit ip any 172.18.32.0 0.0.0.255
Then i have class maps:
class-map match-any voip
match dscp ef
match dscp af31
match dscp cs5
class-map match-any citrix
match access-group name citrix
class-map match-any http-https
match access-group name http-https
class-map match-any sql
match access-group name sql
class-map match-any dr-site
match access-group name dr-site
A Policy Map to put the above in to:
policy-map qos-to-wan
class voip
!!priority 1!!
class citrix
!!priority 2!!
class sql
!!priority 3!!
class http-https
!!priority 4!!
class dr-site
!!priority 5!!
class class-default
fair-queue
Then attach it outbound to Gi0/0
interface gigabitethernet0/0
service-policy output qos-to-wan
I think i mostly have it but i don't know how you say in the policy map that you want the priorities as listed above. When there is congestion i want the higher priority traffic to come ahead of the lower priority traffic. For example if the outbound link is at 100% bandwidth utilization i want to ensure that sql traffic will always be put before http-https traffic.
What's missing?
Solved! Go to Solution.
05-28-2017 06:50 AM
Hello,
you could configure the egress queue on the interface and use SRR shaped weights. The idea is to set the classes to a certain DSCP value, which is mapped to one of the four egress queues, 0 thru 3 (which immediately points to the problem with this solution: you have five classes, but only four egress queues). Either way, in the configuration below, I have mapped the last two classes to queue 3, so they both get the same weight.
The DSCP values are the defaults that map to the four queues:
DSCP 47 = 0
DSCP 15 = 1
DSCP 31 = 2
DSCP 63 = 3
The srr queue assigns weights to each queue, 3 means 1/3 of 100.
So this is what you need to configure:
class voip
set dcsp 47
class citrix
set dscp 15
class sql
set dscp 31
class http-https
set dscp 63
class dr-site
set dscp 63
class class-default
fair-queue
interface GigabitEthernet0/0
srr-queue bandwidth shape 3 4 5 6
Hope this makes sense...
05-28-2017 04:13 AM
Hello,
the priority you configured (1,2,3,4,5) will assign 1,2,3,4,5 Kbps of traffic matching the class, which is not what you want.
Try the below instead:
policy-map qos-to-wan
class voip
priority percentage 30
class citrix
priority percentage 25
class sql
priority percentage 20
class http-https
priority percentage 15
class dr-site
priority percentage 10
class class-default
fair-queue
or (sorry, I guess you indicated that this is not what you want)...
policy-map qos-to-wan
class voip
bandwidth percent 30
class citrix
bandwidth percent 25
class sql
bandwidth percent 20
class http-https
bandwidth percent 15
class dr-site
bandwidth percent 10
class class-default
fair-queue
05-28-2017 04:21 AM
What I meant is I want the traffic to be prioritised in that order without needing to specifiy a minimum or maximum bandwidth allocation. I want to know how to prioritise the traffic in that order without needing to allocate a minimum bandwidth (whether 'bandwidth percent' or 'priority percent') to each one.
For example: I want citrix to be prioritised above sql, but i don't want to need to specify what minimum bandwidth it can use, I just want them to be prioritised in that order.
05-28-2017 06:50 AM
Hello,
you could configure the egress queue on the interface and use SRR shaped weights. The idea is to set the classes to a certain DSCP value, which is mapped to one of the four egress queues, 0 thru 3 (which immediately points to the problem with this solution: you have five classes, but only four egress queues). Either way, in the configuration below, I have mapped the last two classes to queue 3, so they both get the same weight.
The DSCP values are the defaults that map to the four queues:
DSCP 47 = 0
DSCP 15 = 1
DSCP 31 = 2
DSCP 63 = 3
The srr queue assigns weights to each queue, 3 means 1/3 of 100.
So this is what you need to configure:
class voip
set dcsp 47
class citrix
set dscp 15
class sql
set dscp 31
class http-https
set dscp 63
class dr-site
set dscp 63
class class-default
fair-queue
interface GigabitEthernet0/0
srr-queue bandwidth shape 3 4 5 6
Hope this makes sense...
05-29-2017 10:23 PM
Are there only 4 queues available in total?
How did you work out those DSCP values - 47, 15, 31, 63?
05-29-2017 11:53 PM
Hello,
there are indeed only 4 egress queues.
The default DSCP values to queue mappings are:
DSCP values 40–47 are mapped to queue 1
DSCP values 0–15 are mapped to queue 2
DSCP values 16–31 are mapped to queue 3
DSCP values 32–39 and 48–63 are mapped to queue 4
So the values I picked are random, you can pick any value from those ranges.
Does that make sense ?
05-30-2017 05:26 AM
there are indeed only 4 egress queues.
On a 1941?
SRR on a 1941's built-in port?
Are you sure? I thought a 1941 supported ISR QoS.
05-30-2017 11:15 AM
Joseph,
you are right, small but important detail: 1941 doesn't support SRR...ouch !
I am thinking, since OP doesn't want to use anything bandwidth, the following might work as well, and it is actually very close to the original policy:
policy-map qos-to-wan
class voip
set ip-precedence 5
class citrix
set ip-precedence 4
class sql
set ip-precedence 3
class http-https
set ip-precedence 2
class dr-site
set ip-precedence 1
class class-default
fair-queue
or
policy-map qos-to-wan
class voip
set ip-dscp cs5
class citrix
set ip-dscp cs4
class sql
set ip-dscp cs3
class http-https
set ip-dscp cs2
class dr-site
set ip-dscp cs1
class class-default
fair-queue
05-30-2017 12:18 PM
For your scheme, you probably also want class-default to be IPPrec 0 or DSCP BE.
Also, by default, don't believe a 1941 would treat marked ToS differently.
05-30-2017 05:24 AM
What you're describing sounds much like priority queuing which a) I don't think is supported in later IOS images, b) I only recall it supporting 4 levels and c) higher level traffic can starve lower level traffic of all bandwidth.
Interface WFQ bumps priority based on ToS, but a) I don't believe that's any longer supported in later IOS images and b) FQ within CBWFQ, since HQF, don't auto bump priority based on ToS.
What I would recommend is a general 4 class CBWFQ policy similar to:
policy-map sample
class real-time
priority percent 33
class foregound
bandwidth remaining 81
fair-queue
class background
bandwidth remaining 1
fair-queue
class class-default
bandwidth remaining 9
fair-queue
(Yea I know, bandwidth percentage are being set but some value is required when setting class bandwidth values. What's really being done, relative priority ratios are being set between the classes.)
Map your VoIP bearer traffic to real-time.
Map your VoIP signally and Citrix (screen scraping [can be determined using NBAR]) traffic to foreground. (Be very careful what you map to foreground. It should really need the extra priority and should be light on bandwidth usage.)
Allow everything else to go to class default.
If you have "known" low-priority bandwidth hog traffic, something like backups, map that to the background class.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide