Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
316
Views
0
Helpful
2
Replies

Critical eye needed....

Go to solution
jigsaw2026
Level 1
Level 1

‎09-27-2006 01:58 AM

Hi there,

I've been asked to implement qos on a router (2800), and as an absolute beginner I was hoping someone would be able to check my config please...

Basic premise is that we need to classify VoIP traffic as highest, then Telnet and RDP, then all else:

#Set ACL to capture all priority traffic

Ip access-list extended priority

Permit tcp any any eq 3389

Permit tcp any any eq 23

Deny ip any any

#Set traffic to be grouped

Class-map match-all critical

Match protocol rtp

Class-map match-all priority

Match access-group priority

Class-map match-all default

Match ip dscp default

#Classify inbound traffic

policy-map classify-traffic

class critical

set ip dscp ef

class priority

set ip dscp af31

class default

set ip dscp default

#Set outbound queue priority

policy-map queue-on-dscp

class critical

priority percent 50

class priority

bandwidth percent 40

class default

fair queue

random-detect dscp-based

#Assign inbound classification

Interface fa2/0/2

Service-policy input classify-traffic

#Assign outbound queuing

Interface s0/0

Service-policy output queue-on-dscp

My feeling is that I've got one step too many in there...do I really need to dscp classify on ingress when I'm egress queuing based on my class maps? And is this correct, or am I way off the mark?!

Any contstuctive advice would be most appreciated.

Thanks

J2026

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Aaron Harrison
VIP Alumni
VIP Alumni

‎09-27-2006 05:34 AM

Hi

If your QoS policy map matches on protocol/acces s list etc, then you don't need to classify on ingress.

You could classify on ingress (in which case your policy map would mark traffic with a DSCP value) and then use these markings in your QoS policy if you wanted... but this is just overcomplicating it.

I'd just use the outbound policy.

Regards

Aaron

Please rate helpful posts...

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Aaron Harrison
VIP Alumni
VIP Alumni

‎09-27-2006 05:34 AM

Hi

If your QoS policy map matches on protocol/acces s list etc, then you don't need to classify on ingress.

You could classify on ingress (in which case your policy map would mark traffic with a DSCP value) and then use these markings in your QoS policy if you wanted... but this is just overcomplicating it.

I'd just use the outbound policy.

Regards

Aaron

Please rate helpful posts...

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
0 Helpful

Go to solution
jigsaw2026
Level 1
Level 1
In response to Aaron Harrison

‎09-27-2006 07:28 AM

Thanks alot Aaron, that's confirmed what I was thinking.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents