Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

QOS Problem

I am having problem in configuring the QOS for my network. I have 6 MB bandwidth for internet. I want to reserver 2 MB bandwidth for my two specific IP addresses. Rest of 4 MB for All other Internet Traffic.

I have made the LLQ for 1 MB priority for my two servers (though they are always use 128 K) and rest of all traffic in default class. but still the my MRTG Graph is showing the 95% usage.

Why it is so. My 1 MB reserve Bandwidth is free only 128 Kb is in use by servers. why i m still getting 95% in MRTG graph.

Kindly see the attachement for configuration.

Why it is so,


Re: QOS Problem


You have LLQ enabled - fine, however you must remember - if none of the BW is not being used by the PQ, then the BW is used by the rest of the apps.

You need to apply some traffic shaping on your class default and limit it to the desired amount of bandwdith.


New Member

Re: QOS Problem

Thanks for the reply, but Cisco says that Priority queue reserve the bandwidth permanently, specific bandwidth always be available in any case, either congestion or not.

what sort of action i have to apply in class-default please tell me, i want to reserver 4 MB and when traffic exceed what action to be taken please tell me how to do this

Re: QOS Problem

You are correct - sorry, I was getting confiused on the hardware platform your are using. As you have a gig interface pointing to the internet - I thought you were using a switch, which has a different queueing method.

For the class-default something like:-

class class-default

police 4194000 conform-action transmit exceed-action drop

This will do the following:-

1) Police the amount of data in bits per-seconed to 4mbs

2) In the event of it going above 4mbs - the data will be dropped

3) A burst data size of 1024 kbps

4) In the event of a burst larger than 1024kbps - the data will be dropped.


Super Bronze

Re: QOS Problem

Yes, LLQ's PQ "reserves" bandwidth, but as Andrew correctly notes, if it's not being used, other traffic can use it. This doesn't cause a problem because PQ will take bandwidth away from other traffic as it needs it (up to its cap).

If you want to limit other traffic to never use more than 4 Mbps, whether PQ is using its bandwidth or not, then you'll need to police (as shown in Andrew's second post) or shape (suggest shape over police) the other traffic. (There's usually little advantage to doing so, since again, PQ will take the bandwidth as it needs it.)


Another issue to consider, unless you can control both sides of the link, you can easily control outbound bandwidth, but inbound control is a different problem.

New Member

Re: QOS Problem

still the problem is there, Again link is 95% use.

Please see the detail

sh policy-map interface gigabitEthernet 0/0


Service-policy output: comphone

Class-map: comphone (match-all)

17491 packets, 2835654 bytes

5 minute offered rate 5000 bps, drop rate 0 bps

Match: access-group name comphone


Strict Priority

Output Queue: Conversation 264

Bandwidth 1024 (kbps) Burst 25600 (Bytes)

(pkts matched/bytes matched) 345/57814

(total drops/bytes drops) 0/0

Class-map: class-default (match-any)

1870170 packets, 293839958 bytes

5 minute offered rate 472000 bps, drop rate 0 bps

Match: any


cir 4194000 bps, bc 131062 bytes

conformed 1869657 packets, 293785839 bytes; actions:


exceeded 0 packets, 0 bytes; actions:


conformed 472000 bps, exceed 0 bps

#sh policy-map

Policy Map comphone

Class comphone

Strict Priority

Bandwidth 1024 (kbps) Burst 25600 (Bytes)

Class class-default

police cir 4194000 bc 131062

conform-action transmit

exceed-action drop

#sh interfaces gigabitEthernet 0/0

GigabitEthernet0/0 is up, line protocol is up

Hardware is BCM1125 Internal MAC, address is 001c.f6e7.c640 (bia 001c.f6e7.c640)

Description: *** Connected to ISP through Wateen ***

Internet address is

MTU 1500 bytes, BW 6144 Kbit, DLY 100 usec,

reliability 255/255, txload 19/255, rxload 243/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s, media type is RJ45

output flow-control is XON, input flow-control is XON

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:02, output 00:00:00, output hang never

Last clearing of "show interface" counters 01:14:52

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: Class-based queueing

Output queue: 0/1000/64/0 (size/max total/threshold/drops)

Conversations 0/7/256 (active/max active/max total)

Reserved Conversations 0/0 (allocated/max allocated)

Available Bandwidth 3584 kilobits/sec

5 minute input rate 5871000 bits/sec, 847 packets/sec

5 minute output rate 468000 bits/sec, 610 packets/sec

2697474 packets input, 2220203792 bytes, 0 no buffer

Received 12 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog, 2448 multicast, 0 pause input

0 input packets with dribble condition detected

1983404 packets output, 305767744 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 pause output

0 output buffer failures, 0 output buffers swapped out

Please help me out what else i m missing.

Re: QOS Problem

5 minute input rate 5871000 bits/sec, 847 packets/sec - 5.5mbs INBOUND from the internet

5 minute output rate 468000 bits/sec, 610 packets/sec - 0.44mbs OUTBOUND to the internet

Are you actually trying to reduce the amount of traffic d/l from the internet?

New Member

Re: QOS Problem

I want to use 4 MB for internet useage, either used by VPN, Internet browsing, email.

1 MB for specific servers. Rest 1 MB i want to reserve for some other purposes. I dont want to use full 6 MB. Please let me know how to solve this problem.

I have implemented LLQ with 1 MB, class default is policing at 4 MB. Then who is using the rest of 1 MB. Why all bandwidth is under use, is my class-default configuration is okay, or shall i reconfigure it for bandwidth 4 MB also.

Please guide

Re: QOS Problem

You ahve implemented this on the OUTPUT of the interface yes??? The interface stats you provided indicate high usage for the INPUT. You never want to limit input traffic.

Bascially you are retereiving alot of data from the internet. The policy you have written is to control data from inside your network out to the internet.

QoS was not designed to limit and control data coming in over a WAN link, only going out over it. If you want to impose in-bound you will not be able to do it on this device.

Do you have a firewall that is connected to your network?

New Member

Re: QOS Problem

Thanks for the information. Yes i have firewall that is connected to my network. Please let me any another solution that can be possible with firewall.

Re: QOS Problem

If you firewall is a Cisco PIX or ASA, running 7.0(x) code you can apply QoS policies on the outside and inside interface.

If you are running 7.2 (x) and above you can apply the QoS policies not only on the interface - but the direction of the traffic at the interface.

So as an example - you could have a policy that limits any HTTP/HTTPs traffic on the inside interface going ONTO the LAN - onto your inside network FROM the internet.

Below is a link to get you started:-


Super Bronze

Re: QOS Problem

Besides Andrew's suggestion of using your firewall, you can also expand you p2p policy on the router to police inbound (non-priority) traffic.

However, whether controlling inbound traffic on the router or a firewall, you can still encounter congestion on the inbound link. The reason being, traffic can fill the link before your downstream device drops traffic. The issue isn't normally making available 2 Mbps going into your LAN, but making the bandwidth available on the Internet link itself, inbound.

The best solution is management of the otherside of your Internet link's outbound interface, which is the source of the inbound traffic to you. Unfortunately, most ISPs won't offer anything beyond providing more bandwidth (at additional cost).