Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Qos Lan to MPLs challenge

I'm relitively new to Qos but I believe I understand the basics, the challenge I am facing is having traffic come through my switch to my router via an Hwic then back out the same Hwic port back to my switch and out another swith port to an MPLS router

I am using Hsrp and having my router act as priority for the default gateway in order to send all internet traffic out the Wan link, and route all internal data center traffic through back through the mpls router.  My router also hosts DMVPN tunnels back to the data center in case the mpls goes down. I'm also tracking my Wan link in order to send internet traffic through the mpls incase that link goes down.

I have VOIP at my sites

mpls.jpg

Here is the Current ISP's Mpls qos

policy-map LAN_IN

class LAN_EF

police cir 256000

set qos-group 5

class LAN_AF3

police 3072000

set qos-group 3

class LAN_AF2

police 3072000

set qos-group 2

class LAN_AF1

police 3072000

set qos-group 1

class class-default

set qos-group 6

!

class-map match-any LAN_EF

match access-group name EF

class-map match-any LAN_AF3

match access-group name AF3

class-map match-any LAN_AF2

match access-group name AF2

class-map match-any LAN_AF1

match access-group name AF1

!

ip access-list extended AF1

permit ip any any dscp af11

permit ip any any dscp af12

permit ip any any dscp af13

permit ip any any dscp cs2   would like to move this to AF2 class list

permit ip any any dscp cs1

permit ip any any dscp default

ip access-list extended AF2

permit ip any any dscp af21

permit ip any any dscp af22

permit ip any any dscp af23

permit ip any any dscp af31

permit ip any any dscp af32   Would like to move this to AF3 class list

permit ip any any dscp af33

permit ip any any dscp cs3

ip access-list extended AF3

permit ip any any dscp af41

permit ip any any dscp af42   Would like to Remove these completely since we don’t use video on the network

permit ip any any dscp af43

permit ip any any dscp cs4

ip access-list extended EF

permit ip any any dscp ef

permit ip any any dscp cs5

Here is my Current Template that I'm working on

class-map match-any VOICE

description Voice Audio Packets

match ip dscp ef

match ip dscp cs5

!

class-map match-any CALL-SIGNALING-NETWORKING

description For Call Control as well as Network Management and Routing

match access-group name acl-NETWORK-MANAGEMENT

match ip dscp cs6

match ip dscp cs3

match ip dscp af31 af32 af33

!

class-map match-any MISSION-CRITICAL-DATA

description Latency Sensitive Data and Eclaim

match access-group name acl-MISSION-CRITICAL

match ip dscp af21 af22 af23

!

class-map match-any BULK-DATA

description non-latency, bursty data packets

match access-group name acl-BULK

match ip dscp CS1 af11 af12 af13

policy-map BRANCH-WAN-EDGE   *** To Send out My Wan Link Interface

  class VOICE

  priority percent 40        

  !

  class CALL-SIGNALING-NETWORKING

  set ip dscp af33

  bandwidth percent 10

  random-detect     

  !

  class MISSION-CRITICAL-DATA

  set ip dscp af23

  bandwidth percent 20     

  random-detect             

  !

  class BULK-DATA

  set ip dscp af11   

  bandwidth percent 15       

  random-detect

ACCESS LISTS

Ip access-list extended acl-NETWORK-MANAGEMENT

permit udp any any eq domain

permit udp any any eq ntp

permit udp any any eq rip

permit udp any any eq isakmp

permit udp any any eq non500-isakmp

permit eigrp any any

permit tcp any any eq telnet

permit tcp any any eq 22    

ip access-list extended acl-BULK

permit tcp any 10.0.0.0 0.255.255.255 eq ftp ftp-data

permit udp any 10.0.0.0 0.255.255.255 eq tftp

permit tcp any 172.0.0.0 0.223.255.255 eq ftp ftp-data pop3 smtp 143 www

permit udp any 172.0.0.0 0.223.255.255 eq netbios-dgm netbios-ns netbios-ss tftp

permit tcp any 192.168.0.0 0.0.255.255 eq ftp ftp-data pop3 smtp 143 www

permit udp any 192.168.0.0 0.0.255.255 eq netbios-dgm netbios-ns netbios-ss tftp

remark Bulk site to site traffic excluding Internet

ip access-list extended acl-MISSION-CRITICAL

permit ip any 192.168.0.71 0.0.0.0 

permit ip any 192.168.0.9 0.0.0.0 

permit ip any 192.168.8.0 0.0.0.255 

permit tcp any any eq 88    

permit udp any any eq 88

permit tcp any any eq 135 

permit tcp any any eq 389

permit tcp any any eq 390  

permit udp any any eq 390

permit tcp any any eq 464   

permit tcp any any eq 636   

permit udp any any eq 636

permit tcp any any eq 1494  

permit tcp any any eq 2598 

permit tcp any any eq 3389 

permit tcp any any eq 3268

permit udp any any eq 3268

permit tcp any any eq 3269  

permit udp any any eq 3269

I'm trying to have my router mark the traffic before sending it back out the Hwic port to my switch and then to the mpls Router with markings that will be maintained hence the 5 classes  EF, AF3, AF2, AF1, Default

policy-map BRANCH-EDGE-LAN-IN 

class VOICE

priority percent 40        

  !

  class CALL-SIGNALING-NETWORKING

  set ip dscp af33

  bandwidth percent 10

  random-detect     

  !

  class MISSION-CRITICAL-DATA

  set ip dscp af23

  bandwidth percent 20     

  random-detect             

  !

  class BULK-DATA

  set ip dscp af11   

  bandwidth percent 15       

  random-detect

policy-map BRANCH-LAN-EDGE-OUT  *** Not sure if I need to do this ****

class VOICE

priority percent 40        

  !

  class CALL-SIGNALING-NETWORKING

  set ip dscp af33

  bandwidth percent 10

  random-detect     

  !

  class MISSION-CRITICAL-DATA

  set ip dscp af23

  bandwidth percent 20     

  random-detect             

  !

  class BULK-DATA

  set ip dscp af11   

  bandwidth percent 15       

  random-detect

interface FastEthernet0/0/0

  service-policy output BRANCH-LAN-EDGE-OUT 

  service-policy input BRANCH-EDGE-LAN-IN  

Any Help or Guidance would be greatly appreciated

Thanks for taking the time to read this

Everyone's tags (3)
810
Views
0
Helpful
0
Replies