Hello.On 2900 you can't run

djankovic · ‎07-05-2014

Hi,

Does anybody know is following design possible:

Network is hub and spoke. Locations are connected through ISP and network uses GRE tunnels. Network carries various traffic so there is need for QoS. Each tunnel has hierarchical QoS with parent-child policy. Parent policy shapes whole traffic for particular tunnel at desired bandwidth and child policy treats each traffic class at different way.

Looking at the physical interface that connect to ISP, its physical speed and service that is available from ISP are not the same so there is also QoS traffic shaping at physical interface that adjusts interface bandwidth to ISP available bandwidth.

Device that has this config is Cisco 2900 and has high CPU although there is not much traffic going through it.

Is it possible to do shaping twice - on GRE tunnel interface and on physical interface at the same time? It can be configured but is it working at all and what effect that has on Cisco 2900 box. I didn't find any reference for this configuration.

Thanks

Vasilii Mikhailovskii · ‎07-06-2014

Hello.

On 2900 you can't run QoS on physical link and inside the tunnel simultaneously.

But you can run 2 routers (or 2 VRFs): the first for GRE QoS and the second (CE) for link shaping.

PS: regarding CPU utilization - do you have IPSec on your tunnels?

djankovic · ‎07-06-2014

Hi,

Thanks for answering.

Do you maybe know about a document (configuration guide or platform architecture document) that can verify that this is not possible. I wasn't able to find any information - neither that is possible neither that is not possible. But it can be configured without any error.

It would also be interesting to know which QoS feature is done with this config - I suppose one on GRE tunnel because this happens before packet goes to physical interface.

And IPSec is not used or any other encription.

Vasilii Mikhailovskii · ‎07-06-2014

Hello.

Yes, it's a HFQ:

Currently, certain QoS deployments include a service policy with queuing features applied at the tunnel or a virtual interface, and a service policy with queuing features applied at the physical interface. In Release 12.4(20)T, a service policy with queuing features can only be supported at one of these interfaces. When migrating to Release 12.4(20)T, a router configuration containing service policies at both interfaces will only keep the one applied to the physical interface.

Vasilii Mikhailovskii · ‎07-06-2014

Regarding CPU.

Please provide " sh int summ" and "sh proc cpu sort 1min".

Joseph W. Doherty · ‎07-08-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

What model 2900 and define "not much traffic".

Is packet fragmentation possible?

QoS for GRE tunnels