Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Qos questions policing vs shapping

Hi All,

I am trying to configure qos on my asa 5505. I have read abit about the qos on the publicly available cisco documents.

Here is where I need expert clarification on this

What is shapping vs policing ?

What is priority queue?

I understand shapping is to shape the overall traffic going out/comming in from/to the interface  to the rate specified and if above then buffered and if buffer full then tail dropped.

Policing is the process of smoothing the traffic out and anything above it either drop or transmit or change the qos field. Asa does not offer the option of changing the qos field (DS).

I think they are sort of exactly the same if policing has transmit or ds bit change on the exceeded packet. Am I correct ?

Where would you use policing and where to use shapping ?

In my scenario, I want to limit per user connection to 300Kbps and have an overall speed of 3Mb available. I think for this I need policing for 300kbps and shapping for the 3 mb

I have configured the policing for the 300kbps but is is limiting over all bandwidth to 300kbps and not individual. Any ideas why ?

In another word, is policing for per connection from ip and shapping for overall throughput?

Finally when the bandwidth is overloaded lets say 20 client each trying to send 500 kbps on a 3Mb line what happens?

I think the shaping will reduce it down to 3mb over all but policing of 300 kbps will no longer  be effective as it is going to be dropped by the 3mb shapping ? am I correct ?

Finally , where would you place the policy map. I have 3 interface vlans each needing lets say 3mbps up/down. So I think I should have three service policy and assign it to each vlan for input/output as opposed to having one on the external or internet vlan.

In another word should I apply the qos closet to the source or on the exit (internet interface )?

I don’t think you can do Wred and RED with asa, it is just fifo or tail drop? Also it can not tag the packet or set ds bit

If that is the case then I think, cisco ASA is not meant to be QOS device but router (ios based) ? am I correct ?

I understand this is a lot of questions and appreciate your reply