Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

QoS on router 877 for VoIP : help needed please

Hello all,

I'm getting really crazy with my new Cisco 877. I wand to setup QoS with priority for VoIP and a few more flows, while keeping the full bandwidth available for generic traffic when I'm not on the phone, with priority to FTP and HTTP.

I currently have a Cisco 857 router on an ADSL connection with good download / upload speed, except the phone line and internet radio streams drop when I upload big backup files to a remote backup server. This is what I want to avoid with my new router.

I'm a Cisco newbie, I tried to aggregate all previous posts on several forums to make my conf, which is the one below. What it currently does is the following :

- catch the traffic coming from VLAN1 and tag it appropriately with precedence
- whatever is priority traffic, although I see the reserved bandwidth increase, I have noticed disruptions in phone calls and internet radio streams after a certain time
- whatever is not priority traffic, including for example web downloads like podcasts in itunes, the download speed starts at a few Mbps, then suddenly drops to a few Kbps or even few bps. Downloading one podcast then takes 24 hours, when it's 2 minutes on the 857 currently.

What I don't understand is the relationship between the QoS I place on the outbound traffic, and the limitation I get in return on the inbound traffic...

At no time in my test I created a congestion on the uplink that could explain a slow down on the downlink.

any suggestion, please ?

I've had to apply the service policy on ATM0 because it's not supported on the sub-interface ATM0.1.

I have doubts on the usage of "tx-ring-limit 3" in the pvc section.

Here is my conf :

class-map match-any Priority-Traffic-VLAN
match access-group name Voice-Traffic-VLAN
match access-group name Radio-Traffic-VLAN
match access-group name ICMP-VLAN
match access-group name Outbound-DNS-VLAN
match access-group name Telnet-Traffic-VLAN
!

class-map match-any Preserved-Traffic-VLAN
match access-group name HTTP-Traffic-VLAN
match access-group name FTP-Traffic-VLAN
!

class-map match-any Priority-Traffic-ATM0
match precedence 5
!

class-map match-any Preserved-Traffic-ATM0
match precedence 4
!

!
policy-map Packet-Queuing-ATM0
class Priority-Traffic-ATM0
priority 500
class Preserved-Traffic-ATM0
bandwidth remaining percent 70
class class-default
fair-queue
!

policy-map Packet-Tagging-VLAN1
class Priority-Traffic-VLAN
set precedence 5
class Preserved-Traffic-VLAN
set precedence 4
class class-default
set precedence 0
!

!
!

!
!

interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode adsl2+
service-policy output Packet-Queuing-ATM0
!

interface ATM0.1 point-to-point
description $FW_OUTSIDE$
bandwidth 990
ip dhcp client update dns server none
ip ddns update sdm_ddns2
ip address dhcp
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect SDM_HIGH out
ip nat outside
ip virtual-reassembly
rate-limit output 800000 150000 300000 conform-action transmit exceed-action drop
atm route-bridged ip
pvc 0/34
tx-ring-limit 3
encapsulation aal5snap
!
!

interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
ip address 192.168.5.1 255.255.255.0
ip access-group 100 in
no ip unreachables
ip nat inside
ip virtual-reassembly
ip route-cache flow
service-policy input Packet-Tagging-VLAN1
!

!
ip access-list extended FTP-Traffic-VLAN
permit tcp any any range ftp-data ftp
!

ip access-list extended HTTP-Traffic-VLAN
permit tcp any any eq www
permit tcp any any eq 443
!

ip access-list extended ICMP-VLAN
permit icmp 192.168.5.0 0.0.0.255 any
!

ip access-list extended Outbound-DNS-VLAN
permit udp any any eq domain
!

ip access-list extended Radio-Traffic-VLAN
remark traffic generated by internet radio
permit ip host 192.168.5.x any
!

ip access-list extended Telnet-Traffic-VLAN
permit tcp any any eq telnet
permit tcp any eq telnet any
!

ip access-list extended Voice-Traffic-VLAN
permit ip host 192.168.5.x any

So ? what do you think ??

Thank you VERY much for any help.
B.

Everyone's tags (4)
6 REPLIES
Hall of Fame Super Silver

Re: QoS on router 877 for VoIP : help needed please

Hello Benoit,

there are two aspects here:

a) QoS: you have an outbound policer under ATM subif and a scheduler under ATM main interface. You should consider a hierarchical QoS with parent policy shaping at 800 kbps and invoking the scheduler as the child policy.

For applying a service policy outbound you should associate ATM traffic parameters with the PVC in PVC context.

int atm0.1

pvc 0/34

vbr-nrt 400

this should allow you to apply the QoS to the subif.

policy-map parent

class class-default

shape 800000

policy Packet-Queuing-ATM0

int atm0

no serv out Packet-Queuing-ATM0

int atm0.1

serv out parent

b) the ADSL line can have troubles over time so periods of poor performance

post

sh dsl int atm0

sh int atm0

Hope to help

Giuseppe

Community Member

Re: QoS on router 877 for VoIP : help needed please

Hi Giuseppe,

thank you so much for this reply. I took so time to read and understand each command you pointed out to me. Here is the config I've figured out and will try on later today :

policy-map Packet-Queuing-ATM0
  class Priority-Traffic-ATM0
  priority 260
  class Important-Traffic-ATM0
  bandwidth remaining percent 50
  class Preserved-Traffic-ATM0
  bandwidth remaining percent 25
  class class-default
  fair-queue
!
policy-map Traffic-Shaping-ATM0
  class class-default
  shape average 1000000            <- added the shaping for 1Mbps average stream ??
  service-policy Packet-Queuing-ATM0  <- add the priority definition as a child of the shape definition
!
interface ATM0
  dsl operating-mode adsl2+   <- removed the service-policy statement
!
interface ATM0.1 point-to-point
atm route-bridged ip                  <- removed the 'bandwidth' statement
pvc 0/34
  vbr-nrt 1000 1000                     <- added this one for defining a 1Mbps upstream capacity ??

  tx-ring-limit 4                           <- incresed limit by one to match a power of 2 ??
  encapsulation aal5snap
  service-policy output Traffic-Shaping-ATM0 <- yes now I can apply the policy there thanks to the vbr command
  !
!

I couldn't try it yet, but at least this conf is accepted by the router, which was not the case before.

I have an additional question : isn't it redundant to shape the traffic at 1Mbps in the policy AND in the vbr command ? I removed the bandwidth command in the sub-if atm0.1 but would have guessed I could have attached the Packet-Queuing-ATM0 policy directly to the PVC.

what do you think ? thanks very much again.

Benoit

Hall of Fame Super Silver

Re: QoS on router 877 for VoIP : help needed please

Hello Benoit,

the bandwidth is used by modular QoS every time you use a bandwidth percent or similar command like bandwidth remaining percent, so you should use it otherwise child policy would be without a reference BW value or with a wrong value.

An ATM subinterface can inherit BW from main interface but I would use the command in any case to use the correct value.

the vbr command provides ATM traffic parameters for the PVC so it is needed too, as you have seen, in order to be able to apply the service-policy on the subinterface or PVC context.

Hope to help

Giuseppe

Community Member

Re: QoS on router 877 for VoIP : help needed please

Great, so I will reapply the bandwidth statement. I see that with no bandwidth command, and without even plugging the ADSL cable, it currently indicates a value of 4Mbps bandwidth for the uplink, which is totally wrong.

What about the shape command ? if there is bandwidth & vbr information, does it really needs a shape command in addition ?

Thanks. Regards,

Benoit

Hall of Fame Super Silver

Re: QoS on router 877 for VoIP : help needed please

Hello Benoit,

I agree you should be able to apply the scheduler directly to the PVC or subinterface without the parent shape all policy

Hope to help

Giuseppe

Cisco will donate $1 to  the Red Cross Haiti fund for every rated post!

https://supportforums.cisco.com/docs/DOC-8727

Community Member

Re: QoS on router 877 for VoIP : help needed please

Hello Giuseppe,

I finally solved my problem. There were two things :

1/ Applying the QoS parameters to the PVC :

Here is my final conf :

interface ATM0.1 point-to-point
atm route-bridged ip
pvc 0/34
  vbr-nrt 768 768
  tx-ring-limit 4
  oam-pvc manage
  encapsulation aal5snap
  service-policy output Packet-Queuing-ATM0
!

I had to downgrade the value for vbr-nrt to below 800 for a theoretical upstream of 1Mbps, probably because of the ATM overhead. I was regularly loosing the sync with higher numbers.

The policy is not hierarchical, it's a simple one, after our previous discussion. No more shaping, no more rate-limit, no more bandwidth on any interface, just :

policy-map Packet-Queuing-ATM0
  class Priority-Traffic-ATM0
    priority 260
  class Important-Traffic-ATM0
    bandwidth remaining percent 50
  class Preserved-Traffic-ATM0
    bandwidth remaining percent 25
  class class-default
    fair-queue

where the classes are defines like that :

class-map match-any Priority-Traffic-ATM0
  match  precedence 5
class-map match-any Important-Traffic-ATM0
  match  precedence 4
class-map match-any Preserved-Traffic-ATM0
  match  precedence 3

I did some heavy congestion tests, it works very well for both VoIP and radio streaming, all at the same time. Good !! The actual bandwidth of the ATM interface is calculated automatically by the router when it creates the connection, therefore it manages the "bandwidth remaining" command appropriately without further "bandwidth" command, as far as I can judge.

2/ Concerns with download speed when applying the QoS policy (at least that was my perception)

For this concern, I found the cause, and I post it for future references, you may bump into similar situations in this forum. Because I had problems with configuring QoS, I decided to reset the router to a blank configuration and used SDM to speed up the initial conf. Among this, I chose "high security" in the wizzard for setting up the firewall, then SDM created a default application firewall policy with this :

ip inspect name SDM_HIGH appfw SDM_HIGH

appfw policy-name SDM_HIGH

  [...]
  application http
    port-misuse im action reset alarm
  [...]

As far as I can tell now, this firewall policy, when used in conjunction with the QoS setup above, seems to throttle down and eventually drop return traffic of any sustained incoming traffic (like downloading a 100MB file from a web site). Now, my router works perfectly well simply because I removed the "ip inspect [...] appfw [...]" line. Uploads and downloads are sustained at full link speed, while QoS is applied on the uplink. All other "ip inspect" lines remain and work well though.

I don't have much time to study the topic deeper, but at least I found the cause and shared my observations for future users.

Thanks a lot for your help, that enabled me to make it work.

Best regards,

Benoit

6981
Views
14
Helpful
6
Replies
CreatePlease to create content