QOS Policy gets Policy hits but doesn't seem to do anything when put to the test
I have been trying to implement a policy that prioritizes certain types of of traffic over another namyly Lync Voice Traffic, Cisco CAPWAP traffic from controllers to AP's, and Citrix ICA Traffic.
I do recieve policy hits but when I load the connection up with say copying a file the policy seems to not work. This is on a 1921 router.
I will include the config as I may be doing somthing wrong.
boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! aaa new-model ! aaa authentication login default group radius local aaa authorization exec default group radius local ! aaa session-id common ! ip cef ! ip domain name pmp.local no ipv6 cef multilink bundle-name authenticated ! username XXXXXXXXXXXXXXXXXXXX ! ip ssh time-out 60 ip ssh version 2 ! class-map match-any CAPWAP match access-group 104 class-map match-any LYNC match access-group 103 class-map match-any CITRIX match protocol citrix match access-group 110 ! policy-map OUTBOUND class LYNC priority percent 25 class CITRIX priority percent 50 class CAPWAP priority percent 20 class class-default shape average 20000000 ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 no ip address duplex auto speed auto ! interface GigabitEthernet0/0.1 description LAN Facing encapsulation dot1Q 1 native ip address 172.16.27.254 255.255.255.0 ip helper-address 10.128.4.48 ip helper-address 10.128.4.20 ip helper-address 172.16.27.79 no ip redirects ip flow ingress ! interface GigabitEthernet0/0.5 encapsulation dot1Q 5 ip address 172.16.127.254 255.255.255.0 ip helper-address 10.128.4.48 no ip redirects ip flow ingress ! interface GigabitEthernet0/0.50 description ITTestVlan Interface encapsulation dot1Q 50 ! interface GigabitEthernet0/1
ip address 10.0.27.254 255.255.255.0
no ip redirects ip flow ingress duplex full speed 100 service-policy output OUTBOUND ! router eigrp 10 network 10.0.27.0 0.0.0.255 network 172.16.27.0 0.0.0.255 network 172.16.127.0 0.0.0.255 ! ip forward-protocol nd ip forward-protocol udp 4011 ip forward-protocol udp bootps ! no ip http server ip http access-class 23 ip http authentication aaa login-authentication default ip http authentication aaa exec-authorization default ip http secure-server ip http timeout-policy idle 60 life 86400 requests 1000 ! ip route 0.0.0.0 0.0.0.0 172.16.27.253 200 ! access-list 23 permit 10.0.27.0 0.0.0.255 access-list 23 permit 172.16.0.0 0.0.0.255 access-list 23 permit 172.16.27.0 0.0.0.255 access-list 23 permit 172.16.127.0 0.0.0.255 access-list 103 remark LYNC-Priorisation access-list 103 permit tcp any any eq 3389 access-list 104 remark CAPWAP-Priority access-list 104 permit udp any eq 5246 any access-list 104 permit udp any any eq 5246 access-list 104 permit udp any eq 5247 any access-list 104 permit udp any any eq 5247 access-list 110 remark Citrix-Priorisation access-list 110 permit tcp any eq 2598 any access-list 110 permit tcp any any eq 2598 access-list 110 permit tcp any eq 1494 any access-list 110 permit tcp any any eq 1494 ! snmp-server enable traps entity-sensor threshold radius-server host 10.128.4.20 key XXXXXXXXXXXXXXXXXXXXXXXXXX ! control-plane !
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
So what do you have, a 100 Mbps Ethernet hand-off with a 20 Mbps bandwidth cap?
If so, you want to shape for your logical bandwidth cap and then priorize, as desired, in a child policy.
BTW, you normally don't use LLQ for other than very time critical traffic, e.g. VoIP bearer, and Cisco recommends you don't allocate more than a third of your bandwidth to LLQ.
I would suggest you just shape for your 20 Mbps and try FQ for all traffic.
shape average 20000000
NB: I'm unsure whether FQ will apply to the shaped traffic, if not:
shape average 20000000
NB: SampleChild is where/how you would provide a custom policy for your shaped traffic.
BTW, you apply the policy with the shaper to the interface.