I have a remote site with a WAN connection and DSL for backup. If WAN fails, I want to prioritize traffic (ie voice, video, OSPF etc..) on my tunnel and follow the recommend 70% DSL upstream. At the same time, all internet traffic is also going out the DSL. I don't want internet traffic to ever saturate my tunnel-vpn connection. My topology:
Per QoS design guide, is a little confusing on how to set this up. The "split-tunnel" section and the DSL-shaping section gives good example, but there doesn't seem to be a combined scenario. Below are my test configs so far. I beleive I have the DSL-shaping done but not the split-tunnel part. Thx
interface Tunnel0 description POINT-TO-POINT-TO-LONDON bandwidth 6000 ip address 10.55.1.2 255.255.255.252 ip mtu 1400 ip tcp adjust-mss 1360 ip ospf cost 1000 qos pre-classify tunnel source GigabitEthernet0/0 tunnel destination <removed> tunnel key 10 tunnel protection ipsec profile DMVPN shared service-policy output SHAPE
interface GigabitEthernet0/0 description ****DSL Internet - Public address <removed>**** ip address dhcp no ip redirects no ip unreachables no ip proxy-arp ip accounting output-packets ip mtu 1492 ip flow ingress ip nat outside ip virtual-reassembly no ip route-cache cef no ip route-cache ip tcp adjust-mss 542 load-interval 30 carrier-delay msec 0 duplex auto speed auto media-type rj45 no cdp enable arp timeout 300
class-map match-any VIDEO match ip dscp 41 match ip dscp cs4 af41 af42 class-map match-all VOICE match ip dscp ef class-map match-any CALL-SETUP match ip dscp cs3 match ip dscp af31 class-map match-any INTERNETWORK-CONTROL match ip dscp cs6 match access-group name IKE class-map match-any PRIORITY-TRAFFIC match access-group name PRIORITY-TRAFFIC ! ! policy-map QOS class VOICE bandwidth percent 33 class CALL-SETUP bandwidth percent 2 class INTERNETWORK-CONTROL bandwidth percent 5 class PRIORITY-TRAFFIC bandwidth percent 22 class VIDEO bandwidth percent 20 class class-default fair-queue random-detect policy-map SHAPE class class-default shape average 182400 1824 service-policy QOS
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...