Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

QOS Policy gets Policy hits but doesn't seem to do anything when put to the test

I have been trying to implement a policy that prioritizes certain types of of traffic over another namyly Lync Voice Traffic, Cisco CAPWAP traffic from controllers to AP's, and Citrix ICA Traffic. 

I do recieve policy hits but when I load the connection up with say copying a file the policy seems to not work. This is on a 1921 router. 

 

I will include the config as I may be doing somthing wrong.

boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
!
aaa authentication login default group radius local
aaa authorization exec default group radius local
!
aaa session-id common
!
ip cef
!
ip domain name pmp.local
no ipv6 cef
multilink bundle-name authenticated
!
username XXXXXXXXXXXXXXXXXXXX
!
ip ssh time-out 60
ip ssh version 2
!
class-map match-any CAPWAP
 match access-group 104
class-map match-any LYNC
 match access-group 103
class-map match-any CITRIX
 match protocol citrix
 match access-group 110
!
policy-map OUTBOUND
 class LYNC
  priority percent 25
 class CITRIX
  priority percent 50
 class CAPWAP
  priority percent 20
 class class-default
  shape average 20000000
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.1
 description LAN Facing
 encapsulation dot1Q 1 native
 ip address 172.16.27.254 255.255.255.0
 ip helper-address 10.128.4.48
 ip helper-address 10.128.4.20
 ip helper-address 172.16.27.79
 no ip redirects
 ip flow ingress
!
interface GigabitEthernet0/0.5
 encapsulation dot1Q 5
 ip address 172.16.127.254 255.255.255.0
 ip helper-address 10.128.4.48
 no ip redirects
 ip flow ingress
!
interface GigabitEthernet0/0.50
 description ITTestVlan Interface
 encapsulation dot1Q 50
!
interface GigabitEthernet0/1

description PointToPoint

bandwidth 20480

ip address 10.0.27.254 255.255.255.0

 no ip redirects
 ip flow ingress
 duplex full
 speed 100
 service-policy output OUTBOUND
!
router eigrp 10
 network 10.0.27.0 0.0.0.255
 network 172.16.27.0 0.0.0.255
 network 172.16.127.0 0.0.0.255
!
ip forward-protocol nd
ip forward-protocol udp 4011
ip forward-protocol udp bootps
!
no ip http server
ip http access-class 23
ip http authentication aaa login-authentication default
ip http authentication aaa exec-authorization default
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 1000
!
ip route 0.0.0.0 0.0.0.0 172.16.27.253 200
!
access-list 23 permit 10.0.27.0 0.0.0.255
access-list 23 permit 172.16.0.0 0.0.0.255
access-list 23 permit 172.16.27.0 0.0.0.255
access-list 23 permit 172.16.127.0 0.0.0.255
access-list 103 remark LYNC-Priorisation
access-list 103 permit tcp any any eq 3389
access-list 104 remark CAPWAP-Priority
access-list 104 permit udp any eq 5246 any
access-list 104 permit udp any any eq 5246
access-list 104 permit udp any eq 5247 any
access-list 104 permit udp any any eq 5247
access-list 110 remark Citrix-Priorisation
access-list 110 permit tcp any eq 2598 any
access-list 110 permit tcp any any eq 2598
access-list 110 permit tcp any eq 1494 any
access-list 110 permit tcp any any eq 1494
!
snmp-server enable traps entity-sensor threshold
radius-server host 10.128.4.20 key XXXXXXXXXXXXXXXXXXXXXXXXXX
!
control-plane
!
 

 

Everyone's tags (1)
1 REPLY
Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

So what do you have, a 100 Mbps Ethernet hand-off with a 20 Mbps bandwidth cap?

 

If so, you want to shape for your logical bandwidth cap and then priorize, as desired, in a child policy.

 

BTW, you normally don't use LLQ for other than very time critical traffic, e.g. VoIP bearer, and Cisco recommends you don't allocate more than a third of your bandwidth to LLQ.

 

I would suggest you just shape for your 20 Mbps and try FQ for all traffic.

 

e.g.

policy-map Sample

class class-default

shape average 20000000

fair-queue

 

NB: I'm unsure whether FQ will apply to the shaped traffic, if not:

 

policy-map SampleParent

class class-default

shape average 20000000

service-policy SampleChild

 

policy-map SampleChild

class class-default

fair-queue

 

NB: SampleChild is where/how you would provide a custom policy for your shaped traffic.

 

PS:

BTW, you apply the policy with the shaper to the interface.

73
Views
0
Helpful
1
Replies