Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Traffic Shaping on PIX version 8

Hello I would like to configure traffic shaping on wan to wan of 2 PIXes ( vpn site 2 site ) running 8.0.4 version

Remote Topology :

100 Mbps Inside ( dot1q interfaaces : some vlans + voice vlan )

100 Mbps Interface Outside : single interface using vpn Lan to Lan -> catalyst -> 10 Mbps Wan link -> PIX on central office

Total wan bandwith : 10 Mbps

Central site topology :

100 Mbps Outside PIX interface -> catalyst -> 10 Mbps wan link to remote site

Desired bandwith assignment :

2 Mbps for Voice Vlan guaranteed or for destination Voice subnets address ( i.e remote 10.1.0.0/24 & 10.2.0.0/24 )

5 Mbps for remote to central site communication ( cifs, smtp, http  ... etc ) ( remote networks10.80.0.0/24 + 10.90.0.0/24 )

2 Mbps for http ( rest of web browsing like internet )

1 Mbps for the rest of traffic

If I follow the document :

https://supportforums.cisco.com/docs/DOC-1230;jsessionid=AE6DD382CD127942A24AA17C04A1917E.node0

I cannot find where is defined the bandwith assignemt for the example :

(  says : " ... In other words we will traffic shape all traffic for 900kbps, prioritize the voice and guarantee 100kbps for it ... "

Where is the 900 Kbps and the 100 Kbps of the guarantee ?

Traffic Shaping with Prioritization

Now, lets assume that we have the same ASA as in the previous case. And we now want to traffic shape all traffic and prioritize the voice through the VPN. In other words we will traffic shape all traffic for 900kbps, prioritize the voice and guarantee 100kbps for it. Again, we assume that the voice traffic is flagged with dhcp field ef and the tunnel group name is tunnel-grp1.

ASA(config)# priority-queue outside

ASA(config)# class-map TG1-voice-class
ASA(config-cmap)# match tunnel-group tunnel-grp1
ASA(config-cmap)# match dscp ef

ASA(config-cmap)# policy-map priority-policy
ASA(config-pmap)# class TG1-voice-class
ASA(config-pmap-c)# priority

ASA(config-pmap-c)# policy-map shape-priority-policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# shape average 1000000
ASA(config-pmap-c)# service-policy priority-policy


ASA(config-pmap-c)# service-policy shape-priority-policy interface outside


Thank you.
2 ACCEPTED SOLUTIONS

Accepted Solutions

Re: Traffic Shaping on PIX version 8

Cisco Employee

Re: Traffic Shaping on PIX version 8

I fixed the document. There was a typo. It should have been:

ASA(config-pmap-c)# policy-map shape-priority-policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# shape average 900000
ASA(config-pmap-c)# service-policy priority-policy

As for your setup, I think with the bw requirements you have, you need to police 5 Mbps for the http,
2 Mbps for for cifs etc (the police should be with a new policy-map).
Then traffic shape the default traffic to 1Mbps and prioritize the voice that you want. By definition
the voice will get the remaining 2 Mbps if you shape and police the rest.
I hope it makes sense.

PK
3 REPLIES

Re: Traffic Shaping on PIX version 8

Cisco Employee

Re: Traffic Shaping on PIX version 8

I fixed the document. There was a typo. It should have been:

ASA(config-pmap-c)# policy-map shape-priority-policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# shape average 900000
ASA(config-pmap-c)# service-policy priority-policy

As for your setup, I think with the bw requirements you have, you need to police 5 Mbps for the http,
2 Mbps for for cifs etc (the police should be with a new policy-map).
Then traffic shape the default traffic to 1Mbps and prioritize the voice that you want. By definition
the voice will get the remaining 2 Mbps if you shape and police the rest.
I hope it makes sense.

PK
New Member

Re: Traffic Shaping on PIX version 8

Thanks a lot !!

Regards.

909
Views
0
Helpful
3
Replies
CreatePlease to create content