Hi all: We have a simple WAN consisting of our main office and two brand offices connected via point-to-point T1s. We have 2811's in each location.
Here is my problem. I have an application (servers in our main office) which is a bandwidth hog, but which I must garrantee bandwidth. The application makes heavy use of MS SQL. My first attempt at creating a QoS policy was to use the QoS wizard to create the policy and to add a new class for the application based on the source/destination IP address. I gave this class 40% bandwith and an LLQ. This where configured on all serial interfaces. Code snipets are attached below.
The problem is that the default class is still taking the majority of bandwidth during times of 100% bandwidth usage. I need traffic to and from the application server to have precidence over all other traffic so that it behaves as if no other traffic is present. That is what I thought "priority" did???
Thanks for teh help, Chris.
class-map match-any SDM-Transactional-2 ...... class-map match-any SDM-Transactional-1 ...... class-map match-any SDM-Routing-2 ..... class-map match-any SDM-Signaling-1 ...... class-map match-any SDM-Signaling-2 ...... class-map match-any SDM-Routing-1 ...... class-map match-any SDM-Voice-1 ....... class-map match-any SDM-Voice-2 ....... class-map match-any SDM-Management-1 ...... class-map match-any SDM-Management-2 ...... class-map match-any NextGen-2 match access-group 102 class-map match-any NextGen-1 match access-group 101 ! ! policy-map SDM-QoS-Policy-2 class SDM-Voice-2 set dscp ef priority percent 5 class SDM-Signaling-2 set dscp cs3 bandwidth percent 5 class SDM-Routing-2 set dscp cs6 bandwidth percent 5 class SDM-Management-2 set dscp cs2 bandwidth percent 5 class SDM-Transactional-2 set dscp af21 bandwidth percent 5 class NextGen-2 priority percent 40 class class-default fair-queue random-detect policy-map SDM-QoS-Policy-1 class SDM-Voice-1 set dscp ef priority percent 5 class SDM-Signaling-1 set dscp cs3 bandwidth percent 5 class SDM-Routing-1 set dscp cs6 bandwidth percent 5 class SDM-Management-1 set dscp cs2 bandwidth percent 5 class SDM-Transactional-1 set dscp af21 bandwidth percent 5 class NextGen-1 priority percent 40 class class-default fair-queue random-detect ! ! ! interface Null0 no ip unreachables ! interface FastEthernet0/0 description $ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$$ES_LAN$$ETH-LAN$$FW_INSIDE$ ip address 10.1.1.1 255.255.0.0 no ip redirects no ip unreachables ip directed-broadcast no ip proxy-arp ip nat inside ip route-cache flow duplex auto speed auto no mop enabled ! interface FastEthernet0/1 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow shutdown duplex auto speed auto no mop enabled ! interface Serial0/0/0 description $FW_INSIDE$ ip address 10.10.2.1 255.255.255.252 no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery encapsulation ppp ip route-cache flow compress stac caim 0 service-module t1 clock source internal service-module t1 timeslots 1-24 service-policy output SDM-QoS-Policy-1 ! interface Serial0/1/0 description $FW_INSIDE$ ip address 10.10.3.1 255.255.255.252 no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery encapsulation ppp ip route-cache flow compress stac caim 1 service-module t1 clock source internal service-module t1 timeslots 1-24 service-policy output SDM-QoS-Policy-2 ! logging trap debugging access-list 1 remark INSIDE_IF=FastEthernet0/0 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 10.1.1.0 0.0.0.255 access-list 2 remark HTTP Access-class list access-list 2 remark SDM_ACL Category=1 access-list 2 permit 10.1.0.0 0.0.255.255 access-list 2 permit 10.2.0.0 0.0.255.255 access-list 2 permit 10.3.0.0 0.0.255.255 access-list 2 permit 10.10.2.0 0.0.0.3 access-list 2 permit 10.10.3.0 0.0.0.3 access-list 2 deny any access-list 100 remark VTY Access-class list access-list 100 remark SDM_ACL Category=1 access-list 100 permit ip 10.1.0.0 0.0.255.255 any access-list 100 permit ip 10.2.0.0 0.0.255.255 any access-list 100 permit ip 10.3.0.0 0.0.255.255 any access-list 100 permit ip 10.10.2.0 0.0.0.3 any access-list 100 permit ip 10.10.3.0 0.0.0.3 any access-list 100 deny ip any any access-list 101 remark SDM_ACL Category=256 access-list 101 permit ip host 10.1.1.21 10.2.0.0 0.0.255.255 access-list 101 permit ip host 10.1.1.22 10.2.0.0 0.0.255.255 access-list 102 remark SDM_ACL Category=256 access-list 102 permit ip host 10.1.1.21 10.3.0.0 0.0.255.255 access-list 102 permit ip host 10.1.1.22 10.3.0.0 0.0.255.255
As per my knowledge LLQ is queuing method. It’s a combination of Priority queuing and CBWFQ.
LLQ = 1 PQ + CBWFQ
Here you can get bandwidth guarantee, but there are some limitations, not all.(You cant allocate full bandwidth of link to all classes).
Cisco recommends that, In LLQ
Priority = 33 % , Other CBWFQ = 42 % (That means total 75% is maximum limit, which can be used for guarantee traffic).Other 25 % is for class default (other traffic).
I will suggest you to go for CBWFQ its better, In that also you can use 75 %. Allocate the bandwidth to your Next Gen applications till 70 % (make 2 class and allocate like 35 % for each class). Allocate in percent , it will easy, Then configure the remaining bandwidth for class default.
Make 2 different Policy map -- CBFWQ . Don't use LLQ.Since in LLQ the the priority queue is by default policed. So its better you can configure two CBWFQ and apply on two different interface. Match your application Next gen and allocate the bandwidth 50%. Then at the time of congestion it will get min 50 % of link bandwidth and in normal period it can utilize available bandwidth.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...