hi Jcarvaja, 

thanks for taking the time to respond to my query unfortunately i cannot use the "priority-queue outside" command the only option i have here is to use the management interface.

i believe this might be because i have an ether channel (port channel) configured from x4 interfaces of the ASA5515 to x4 interfaces on the switch stack to trunk multiple VLANS and it expects to see the nameif command configured on the physcial interface which is not relevant in this case. 

when using ethernet channel is it possible to use priority queing ? 

thanks in advance

-------

my config looks like this which faces the stack 

!
interface GigabitEthernet0/0
 channel-group 1 mode active
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/1
 channel-group 1 mode active
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/2
 channel-group 1 mode active
 no nameif    
 no security-level
 no ip address
!
interface GigabitEthernet0/3
 channel-group 1 mode active
 no nameif
 no security-level
 no ip address
!
!
interface Port-channel1
 no nameif
 no security-level
 no ip address
!
interface Port-channel1.3
 vlan 3
 nameif inside
 security-level 100
 ip address 10.0.0.0 255.255.255.0 
!
interface Port-channel1.111
 vlan 111
 nameif outside
 security-level 0
 ip address XXX.XXX.XXX.XXX 255.255.255.X 
!          

good afternoon,

can anyone help point me in the right direction here

thanks in advance.

Hello Matthew,

There are 2 ways to configure Priority queuing at the ASA level.

From what I can tell you are trying to use Strict mode. Can you use Hierarchical method:

http://blog.ine.com/2008/09/16/qos-on-the-pixasa-%E2%80%93-part-3priority-queuing/

Let us know how it goes,

Jcarvaja

hi julio,

thanks again for responding

the "Hierarchical method" again uses the "shape average" command which is not available in the next gen firewalls which i am using specifically ASA5515.

i could perhaps use the "Standard Priority Queuing" method however as per by previous note there is no option to use "priority-queue outside" as the only interface i see as an option is the management interface i think this is as i am doing etherner channel from ASA to switch stack which expects the nameif commands to be applied to the physcial interfaces.

i can find no reference to using QOS on ASA when using etherchannel which is where the sticking point now is.

if i can figure out how to use QOS whilst using etherchannel i will be able to use the standard queuing method. 

if anyone has an example of this it would be greatly appreciated.

That's why I asked you at the beginning to use policing instead of shapping.

Regards,

Jcarvaja

hey there, 

same thing applies 

if i enter "priority-queue ?" i only get the option of the management interface see attached

-------

!
priority-queue outside
!
service-policy police-priority-policy interface outside
!

good afternoon,

having read the official ASA manual all examples given use the "priority-queue" command which when using ether channel is not possible

i see on amazon that the new revision of the ASA book is coming out shortly which should hopefully address QOS when using ether channel as i cannot find a valid example anywhere

has anyone activiely configured this in production using the next generation firewalls