03-03-2009 03:02 AM - edited 03-15-2019 05:06 AM
Hello,
I want to set up a priority for VoiP traffic.
I have router 1814; 3 subnets (172.31.0.0/24, 172.31.1.0/24 and 10.10.10.0/24) and my outside interface to my ISP. Subnet 10.10.10.0 is for VOIP.
QoS configuration:
class-map match-any DATA
match protocol http
match protocol secure-http
match protocol ftp
class-map VOIP
match protocol rtp audio
class-map IPSEC
match-protocol ipsec
class-map SQL
match protocol sqlserver
class-map match-any EMAIL
match protocol pop3
match protocol imap
match protocol snmp
policy-map MYPOLICY
class DATA
bandwidth percent 20
class VOIP
priority percent 10
class IPSEC
bandwidth percent 5
class SQL
bandwidth percent 20
class EMAIL
bandwidth percent 10
And I apply it on my outside interface output direction.
So, these rulles applies to traffic for all 3 subnets. But subnet 172.31.0.0/24 must have the most priority.I want to say that class-map DATA must apply diffrently for my subnets.I want subnet 172.31.0.0/24 to have best priority for http traffic. Hope u understand my problem.
Should I make another policy for subnet 172.31.1.0 to limit the traffic per bits? And apply where? On 172.31.1.0 interface IN direction? What is the order a packet from 172.31.1.0 goes through? :
its acl, nat , ipsec encapsulation, qos marking/policing?
I know I must read more about QoS, but hopefuly somebody could point me to the right direction.
Thank u!
03-03-2009 07:06 AM
I will let someone else answer the priority question, but I noticed that you have snmp in your EMAIL class-map. Did you mean to put SMTP there instead?
03-03-2009 10:13 AM
yes..of course SMTP
my mistake
03-04-2009 12:12 AM
I did more reading and I found out that QoS and VPN are not realy friends.
I learned that u can't do QoS through VPN, except when u are using the same ISP on both VPN ends.
The order is VPN encapsulation than QoS marking, unless u are using pre-clasify that is reversing that order: first QoS marking then VPN encapsulation.
How can I test to see if the packets that goes through VPN are marked by QoS? Is there a command to see that?
03-04-2009 05:55 AM
'show policy-map interface' will show you what you're matching in certain classes. Depending on what type of traffic you're trying to test, you can create a class for that, apply it to the interface, and then check if you're hitting it.
-nick
03-05-2009 04:22 AM
thank u for your answer.
I did more reading and I found about "auto discovery qos" , this analyze my traffic and after 5 days shows me a recomanded qos configuration. I've seen this for a serial interface, but I have an ethernet interface. Before auto discovery qos I should set my bandwith and remove any policy for that interface. But what bandwidth should I set for my ethernet interface? I have 4Mbps for international traffic and 10Mbps for metropolitan traffic.
Thank u again!
03-05-2009 05:17 AM
in the in direction ACL will be used then qos then IPsec
but with IPsec there issue
the traffec get marcked then encapsulated when it go to the policy the marking will be inside the IPsec header !!!
but if you read abot v3pn and use it with ipsec this will take copy of the marking header and put it in the outer header of the ipsec this way you can prioritize traffic even with vpn
for bandwith garntee and priority u can use it only outbound i mean the policy thus use it outpput on the outside interface
for remarking u can use it inbound or outbound
Bandwidth:
bandwith is imortant to put it on the interface to let the policy refrence the interface bandwidth becuase for example if u leave it 100 and u have only 4mb then even if your interface conjested the policy will not work becuase the policy is refrencing the amount of bandwidth from the interface
thats why it is important
good luck
if helpful Rate
03-05-2009 05:41 AM
I did not know about v3pn .. I'll read about. thank u
but I need to know this: I understand that it is important to set the bandwith, but I have diffrent bandwith for international trafic and for local traffic.(10Mbps for local traffic and 4Mbps for international traffic). So what bandwith should I set ?
Hope u understand my question!
and thank u for answer
03-05-2009 01:12 PM
ok
from my understanding ( if wrong correct me plz!)
you have link with 7 Mb
divided to tow clsses 4 and 3
can you let me know if the above right about the one with ow calsses
also is the traffic will be divided by source IPs i mean you tw diffrent source subnets/ or based on disstination ?
i need to know how you distingush between traffic this for the 4 and that for the the 3
thanks
03-06-2009 12:50 AM
My ISP limits my traffic:
- 4Mbps for international
- 10Mbps for metropolitan
I need to implement QoS using "auto discovery qos" ; and fot that I need to setup the bandwith for the interface that connects me to ISP. My question was, what bandwith should I set? 4Mbps or 10Mbps?
I don't have 2 classes of 4 and 3Mbps.
thank u
03-06-2009 01:37 AM
i am not sure if u put it 10 then the one with 3 wil not get benefit of the policy
the questionis i cant under stand what u mean international and metro the isp clasify the traffic based one what cartiria ?
03-06-2009 03:40 AM
I belive that the classification is based on destination(it does't not matter what type of traffic I am generating). If my destinations are inside my country I have 10Mbps, if destination is outside my country I have 4Mbps.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: