05-09-2014 05:17 AM - edited 03-04-2019 10:57 PM
Hi Team,
I am replacing a 7204VXR Router with an ASR1002-X Router running IOS-XE 3.7.5S
When it comes to configure QoS for a traffic class, I am getting the below error when configuring the priority and police commands:
"Police and Priority with bandwidth/percent are not allowed in the same class"
This is what I'd like to implement:
policy-map EMEA_Outbound
class Out_Shaper_Traffic_A
priority 4608
police 4608000 conform-action transmit exceed-action set-dscp-transmit af41 violate-action set-dscp-transmit af41
The intent is to reserve 4608 for Traffic_A and to re-mark it as AF41 when it exceeds the limit, that is to ensure that our provider does not drop it when we fill their QoS class, thus I want to remark it to another class.
However the Router IOS does not seem to support both commands any longer.
Any hints on how we could solve or bypass this?
Thanks
Solved! Go to Solution.
05-09-2014 11:49 PM
Hello, Ruggero.
Just use priority statement without any numeric value and keep your policer.
PS: before changing the policy, I would detach it from interface!
05-10-2014 06:38 AM
Two more comments:
I would rewrite the statement
class Out_Shaper_Heartbeat
set dscp ef
priority
police rate 1024000
conform-action transmit
as
class Out_Shaper_Heartbeat
priority level 1
police rate 1024000
conform-action set-dscp-transmit ef
At the same time you need to understand, that even though you remark traffic to af41, it stays in priority queue, so it might impact the link if too much traffic matches the class! It's recommended to have drop action!
In this case I would tweak bc/be and configure violate action as drop.
05-09-2014 11:49 PM
Hello, Ruggero.
Just use priority statement without any numeric value and keep your policer.
PS: before changing the policy, I would detach it from interface!
05-10-2014 06:05 AM
Hi Vasilii,
That's absolutely correct, it worked sweet and I just faced a second issue with QoS moving from the 7204VXR platform to ASR1002-X IOS-XE.
I have a policy that needs to use the priority command on two different classes inside the same polic-map and the IOS-XE does no longer allow to use two priority commands within the same policy-map.
Would you have any workaround for that too?
Here is what I need to accomplish:
policy-map EMEA_Outbound
description Nike Voice and Data Policy for EMEA.
class Out_Shaper_internet
bandwidth remaining percent 10
class Out_Shaper_intranet
bandwidth remaining percent 15
class Out_Shaper_ms-shares
bandwidth remaining percent 8
shape average percent 50
class Out_Shaper_ftp
bandwidth remaining percent 3
class Out_Shaper_smtp
bandwidth remaining percent 10
class Out_Shaper_citrix
bandwidth remaining percent 2
class Out_Shaper_blackberry
bandwidth remaining percent 4
class Out_Shaper_RTP-Voice
priority
police rate 3890000
conform-action transmit
exceed-action set-dscp-transmit af41
violate-action set-dscp-transmit af41
set dscp ef
class Out_Shaper_Heartbeat
set dscp ef
priority
police rate 1024000
conform-action transmit
exceed-action set-dscp-transmit af41
violate-action set-dscp-transmit af41
class Out_Shaper_Video
bandwidth remaining percent 8
class class-default
fair-queue
random-detect
set dscp default
As soon as I try to apply the second priority to the class, it states that two priorities are not allowed within the same policy-map.
I had this running for years and all of a sudden we can't implement it anymore, that's a bummer.
05-10-2014 06:29 AM
Hello.
In this case you can use "priority level 1" and "priority level 2" (you can't have multiple classes with equal level under single policy).
PS: level 1 has higher priority then level 2.
05-11-2014 02:39 AM
Hey Vasilii,
Since you are a Guru here :) maybe you can clarify a doubt too on QoS:
On the 7204VXR I used to have a global nested policy-map with shape-average and bandwidth commands applied:
policy-map EMEA_MPLS_Outbound_Shaper
description EMEA Policy for MPLS QoS outbound
class Site1 shape average 10000000
bandwidth 10000
service-policy EMEA_Outbound_Site1
class Site2
shape average 1984000
bandwidth 1984
service-policy EMEA_Outbound_Site2
class Site3
shape average 4096000
bandwidth 4096
service-policy EMEA_Outbound_Site3
The policy-map is applied to a 100Mb interface on an hub site that serves different spoke sites, thus the need to have a QoS class different for each site.
Shape-average was used to limit the traffic to the remote site to not exceed more than the remote site BW
Bandwidth statement was to allow the child service-policy to have a BW in reference when using the "bandwidth remaining percent X" command.
So for example if "service-policy EMEA_Outbound_Site1" has different classes like HTTP bandwidth remainin percent 10, ms-share 5% etc etc the bandwidth statement was allowing the Router to calculate how much 10% it needed to take for HTTP traffic.
For example on Site1 I use bandwidth 10000 which is 10Mb and the child policy "service-policy EMEA_Outbound_Site1" was able to calculate bandwidth remaining percent for the HTTP class at 10% of 10Mb.
However now that I upgraded to ASR1002-X the Router does not allow to apply the child policy-maps if I use the bandwidth command:
Here is an example of what happens:
Router(config)#policy-map EMEA_MPLS_Outbound_Shaper
Router(config-pmap)# class Site1
Router(config-pmap-c)# shape average 10000000
Router(config-pmap-c)# bandwidth 10000
Router(config-pmap-c)# service-policy EMEA_Outbound_Site1
Policy EMEA_Outbound_Site1 attached to class with bandwidth kbps or perc configured is not supported
% service-policy EMEA_Outbound_Site1 of type default is not allowed in policy-map EMEA_MPLS_Outbound_Shaper of type default
Router(config-pmap-c)#
I wonder if I remove the Bandwidth command out of each class, how will the router know that I need to reserve 10% of 10Mb for the HTTP traffic on Site1 if it does not know the Bandwidth of Site1? Is it now going to refer to the Internface BW 100Mb in which I apply the global-pmap?
That would be a bummer because it would screw up the purpose of running nested QoS policies and it would end up reserving 10% of 100Mb for HTTP traffic on Site1 which has a shape-average max pipe of 10Mb.
This is how the child service-policy looks like in case you wonder:
policy-map EMEA_Outbound_Site1
description Nike Voice and Data Policy for EMEA.
class Out_Shaper_internet
bandwidth remaining percent 10
class Out_Shaper_Riverbed
bandwidth remaining percent 1
class Out_Shaper_intranet
bandwidth remaining percent 15
class Out_Shaper_ms-shares
bandwidth remaining percent 8
shape average percent 50
class Out_Shaper_ftp
bandwidth remaining percent 3
class Out_Shaper_smtp
bandwidth remaining percent 10
class Out_Shaper_citrix
bandwidth remaining percent 2
class Out_Shaper_blackberry
bandwidth remaining percent 4
class Out_Shaper_RTP-Voice
priority 128
class class-default
fair-queue
random-detect
set dscp default
05-11-2014 05:33 AM
Hello, Ruggero.
I'm not sure about ASR behavior in this case, but I think you may remove bandwidth from classes SiteX, as shaper's CIR would make child policies aware of available bandwidth. To check the values try "sh policy-map int ... out".
At the same time if you have no bandwidth assigned to classes SiteX, I'm not sure how scheduling will work.
PS: I'll try to review ASR's QoS model.
05-12-2014 02:56 AM
I've tried sh policy-map int before, in some IOSs it used to reveal how much Bandwidth remaining percent it is able to calculate for each class in KBPS, however in the IOS-XE it just shows that I've applied the commands bandwidth remaining percent without showing how much BW is being calculated. I've currently shut the router down as they make too much noise in the lab. I'll turn them up later in the afternoon and paste the show policy-map output.
05-11-2014 05:41 AM
Hello, Ruggero.
Could you please hint me where have learnt about this nested-policy design? I'm not familiar with it and I couldn't find it in any design guides.
PS: ASR 1000 design might be found at http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Video/qoswanaggasraag.html (take a look at QoS design 4.0)
05-12-2014 02:48 AM
Hi Vasilii,
I've created this design by myself 4 years ago, I haven't looked at anywhere on the Internet, I just based it on the commands I had available at that time using a Hierarchical Nested policies, and it worked good until I migrated to the new IOS-XE.
05-12-2014 02:51 AM
Hello, Ruggero.
I saw similar design a couple of times; but the only business reason I could imagine is poor QoS model on ISP side.
I'm looking for design guide[s], that could shed the light on the underlying requirements.
05-11-2014 05:27 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I thought starting with HQF, child policies would pick up the bandwidth of the parent's (class) shaper.
Have you tried the policy w/o the parent class bandwidth statements?
PS:
Having a parent class per remote, makes sense, but each remote has its own (different?) child policy?
BTW, I wouldn't recommend using both FQ and WRED in class-default. (Actually I usually recommend against using WRED if FQ is available. Also if FQ is supported in non-default classes, I often recommend using it there too.)
Lastly, FQ in class-default might negate the need for many or even all your non-LLQ classes. Or, you might find a tiered set of classes, each with FQ, works well.
e.g.
policy-map Tiered
class LLQ
priority percent 33
class foreground
bandwidth remaining percent 81
fair-queue
class background
bandwidth remaining percent 1
fair-queue
class class-default
bandwidth remaining percent 9
In the above Tiered you allow most traffic to just go to class-default and allow FQ to deal with it. If you have some traffic that really needs extra priority, perhaps such as your Citrix (although I would exclude Citrix printing and disk-to-disk copying) might be directed to foreground class. Known bandwidth consumers, such as FTP, might be directed to background class.
05-12-2014 02:46 AM
Apart from the FQ subject, you mean that in my policy the child policy should be able to calculate the BW via the shape average command that is setup in the parent? If that's the case then I am good and I should not do anything else to correct the configuration.
05-12-2014 02:57 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
from: http://www.cisco.com/c/en/us/td/docs/ios/qos/configuration/guide/convert/qos_hrhqf/qos_frhqf_support.pdf
05-12-2014 03:07 AM
Right, that's what I expect it to happen, in such case I should be safe to keep the shape-average on the parent and let the child use it to calculate the % bandwidth of the individial classes. I'll run some traffic over the router next week and see how it behaves. Tks.
05-10-2014 06:38 AM
Two more comments:
I would rewrite the statement
class Out_Shaper_Heartbeat
set dscp ef
priority
police rate 1024000
conform-action transmit
as
class Out_Shaper_Heartbeat
priority level 1
police rate 1024000
conform-action set-dscp-transmit ef
At the same time you need to understand, that even though you remark traffic to af41, it stays in priority queue, so it might impact the link if too much traffic matches the class! It's recommended to have drop action!
In this case I would tweak bc/be and configure violate action as drop.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide