cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3888
Views
0
Helpful
6
Replies

qos for internet traffic ???

selva Kathir
Level 1
Level 1

Dear All,

I am having a branch office connected to a central office internet to the branch office is provided through the core router.

Link betwwen the branch office and the central office is of 2 mbps serial link.

now i want to prioritize the internet traffic and need to allocate 1.5 mbps of traffic to  the internet link.

Is it possible to identify and prioritize internet traffic ???

and my branch router is of cisco 1900 series router running with ios 12.4 ...

Thanks in advance

Selva

6 Replies 6

jbhanderi671
Level 1
Level 1

Hello,

You can separate your Core office subnet with ACL, Apply route-map and QoS policies base on route-map and ACL combination.

So ACL matching traffic will be your BO to CO business related but other than that will be internet traffic.

You can apply QoS:Voice[Priority queue],Video,Business Critical,Bulk Data and default.

Thank you.

--Jignesh

Hi Jignesh,

thanks for your response

Can you please help me in creating a class map to match Internet traffic ??

I want to create a class map to match internet traffic

Thanks in advance,

Selva

You may not need to creat interent class because its so diverse ip range and protocol range[unknown]. Probably create class map for your office traffic[IP subnet you already know], and fall other thing in internet traffic.

Or second option is to have it ACL or PDLM base on NBAR mechanism.

Or " Have it ACL base on http/https" Ex : ip-access list permit 10/20 ip any http/https.

I do not have my lab up, so cna not send you exact command.

Thank you.

jignesh

Hi,

This sample config can help you?

local lan 192.168.12.0/24

remote office 192.168.23.0/24

access-list 100 deny   ip 192.168.12.0 0.0.0.255 192.168.23.0 0.0.0.255
access-list 100 permit ip any any

class-map match-all INTERNET
match access-group 100

policy-map INTERNET
class INTERNET
  set dscp ef
class class-default

class-map match-all INTERNET_OUT
match  dscp ef

policy-map INTERNET_OUT
class INTERNET_OUT
  priority 2048
class class-default

interface FastEthernet0/0
description INSIDE
ip address 192.168.12.2 255.255.255.0
service-policy input INTERNET
!
interface FastEthernet0/1
description OUTSIDE
ip address 192.168.23.2 255.255.255.0

service-policy output INTERNET_OUT

Best Regards,

Pedro Lereno

Thank you for sample configuration, but it will not help us . We do not want to mark internet traffic as value " EF" .

It will be bad qos design. Only voice traffic we should mark with EF value.

Any way let me tweak little bit configuration and make it simple for you :

local lan 192.168.12.0/24

remote office 192.168.23.0/24

=========================

ip access-list extended Internet

permit tcp any any eq www

class-map match-all Internet_Class

match access-group name Internet

!

policy-map Internet_Pol

class Internet_Class

   set dscp cs4

=========you can configred many parameter here in policy map========

interface FastEthernet0/0
description INSIDE
ip address 192.168.12.2 255.255.255.0
service-policy input Internet_Pol

service-policy out  Internet_Pol

Hi Jignesh,

Thanks for the reply, you are right dscp EF should not be used to classify this kind of traffic - my example was only to clarify how to separate internet traffic -  the classification was exaggerated, sorry for my precipitation!

In your config you are considering that there is no corporate web traffic between central and remote location, if there is a internal web (port tcp/80)  application it will be marked with the same dscp cs4 as an internet web access.

Hi Selva Kathir,

Do you pretend to prioritize only web traffic or all internet traffic except corporate traffic?
Can you identify the kind of corporate traffic that is used between central and remote office (tcp and udp port numbers)? This kind of traffic is also used on the internet?
If the internet is only to web access and there is no corporate web application the Jignesh example is the way to go (I only add https):

ip access-list extended Internet
permit tcp any any eq www
permit tcp any any eq 443

Best Regards,

Pedro Lereno

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco