Ok but, in one CISCO note have something like this:

"The bandwidth command defines a behavior, which is a minimum bandwidth guarantee."

this is the document:

http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a0080103eae.shtml

So, if is the minimum, this is not a good options for bandwidth control, right ?

and ok ok, i am a bit confused with QoS, im rly new with this :S

Other question:

If i apply a outbound policy in one interface, one serial interface, i need to apply one policy for the ethernet

interface too ? The ethernet interface will mark the packet for the serial interface ?

You can classify/mark on the same interface the policy is on. The "minimum" means a guarantee. If you set bandwidth to be 1024, that's the minimum bandwidth the class will receive meaning it's guaranteeing you'll get that amount and it sets it aside when traffic that matches the class is queued.

You can do a marking on the lan and then match on the wan side, but I've always done it only on the wan side. If you mark on the lan, you would create a class map to match and then set your dscp marking. Then you match that marking on the wan side to set it to queues. It's more work, and I'm not sure it's necessary.

HTH,
John

*** Please rate all useful posts ***

John

You can classify/mark on the same interface the policy is on.

For my own clarification my understanding was that if you mark packets on an outbound policy then you can only use those markings on the next hop device ie. classification happens before marking ?  So if you marked them with an outbound policy those markings would not be available to be used for classifying traffic into queues.

It sounds like that is what you do though so maybe i have misunderstood how it works ?

Jon

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Jon, you're correct, you cannot use marking you set on egress for egress classification (same interface egress).

Jon/Joseph,

I may not have made myself clear on my last post unless I'm not understanding what Joseph is stating. I don't believe you can mark, say set dscp 21, outbound, and then match on that outbound as well. When I said egress, I meant queueing classification, but the marking would be carried to the next hop.

For example,

policy-map Test

class Test

bandwidth 1024

set dscp 21

That would still guarantee 1024 to the class Test, but it would also mark the packet with dscp 21. That's what I meant. Sorry for the confusion!!

Thanks!

John

John

No problem, i think it was just a semantic thing rather than any misunderstanding on either part.

Thanks for clarifying.

Jon

Leonardo

"The bandwidth command defines a behavior, which is a minimum bandwidth guarantee."

What this means is that per cent you allocate to the bandwidth is a minimum ie. it can use more than that if there is spare capacity to use but if the interface is congested it will get the per cent you allocated to it.

This is fine because you generally don't want unwasted bandwidth. As John noted the priority queue is policed but packets that are marked for the priority queue can use excess bandwidth but as far as i know if they use any excess bandwidth the packets are not treated as priority packets.

If you apply an outbound policy then yes if you have not marked the packets anywhere else then you would need to mark the packets on an inbound policy on the router. You may be able to mark the packets on a switch which presumably you have. if you do and the switch supports it, it is worth marking the DCSP value as this would not then need to remarked on the router.

Jon

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

What this means is that per cent you allocate to the bandwidth is a minimum ie. it can use more than that if there is spare capacity to use but if the interface is congested it will get the per cent you allocated to it.

Yes and no.  Class will get the percent allocated if all the class percents sum to 100 and all the classes want more than their allocation.

For example:

policy-map sample

class a

bandwidth percent 25

class b

bandwidth percent 25

class c

bandwidth percent 50

If there was no class c traffic, and classes a and b both wanted all the bandwidth, each would get 50%.  If there was no class b traffic, and classes a and c both wanted all the bandwidth, class a would get 1/3 and class c would get 2/3.

The key to understanding bandwidth allocations, whether percentage or absolute, it really sets dequeuing scheduling ratios between the classes, so the above would be 1:1:2

As John noted the priority queue is policed but packets that are marked for the priority queue can use excess bandwidth but as far as i know if they use any excess bandwidth the packets are not treated as priority packets.

Correct, because LLQ packets are only policed when they actually queue in the LLQ.  When then are not in the LLQ, they are FIFO on the tx-ring (interface hardware queue).

If you apply an outbound policy then yes if you have not marked the packets anywhere else then you would need to mark the packets on an inbound policy on the router. You may be able to mark the packets on a switch which presumably you have. if you do and the switch supports it, it is worth marking the DCSP value as this would not then need to remarked on the router.

Packets don't need to be ToS marked, unless you're examining the markings for some purpose such as for classification.

In John's first post, he's using NBAR classification, and he mentions ACL classification; both will work just fine without any kind of ToS marking.

The advantage of ToS marking, it's less for the device to examine when doing classification.

As to the merits of marking/trusting as close to the source as possible, that's the "book" answer, but in practice, often QoS isn't critical on LAN and can be real pain to manage on a LAN.  (You can also run into the need to tune buffers if you don't want QoS activation performance to drop in a 2K or 3K switch.)  If you have only a few WAN interfaces, which are likely to congest because of much less bandwidth than the LAN supports, I've found it pretty effective doing an egress policy similar (perhaps with a few more classes) to what John shows in his first posting.

Joseph

I was talking about simply marking on the switch as opposed to queuing etc. but i do take the point that if you enable QOS on some switches performance can actually drop without further tuning.

My attitude to QOS has always been that on a LAN it is often simply complicating things for no discernible gain. From your experience does using VoIP on a LAN automatically mean you should look to use QOS or again can it just complicate things unnecessarily.

Maybe it would help if you just wrote a book on all this stuff, or at least a document on QOS best practice for applications, i would rate it

Jon

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I was talking about simply marking on the switch as opposed to queuing etc. but i do take the point that if you enable QOS on some switches performance can actually drop without further tuning.

Yes, I understood that.  What I'm saying is even marking on a switch might be unnecessary (which agrees with your next point ).

My attitude to QOS has always been that on a LAN it is often simply complicating things for no discernible gain. From your experience does using VoIP on a LAN automatically mean you should look to use QOS or again can it just complicate things unnecessarily.

Whether QoS is really needed on a LAN is an "it depends" answer.  Often we can avoid the need for LAN QoS by insuring there's sufficient bandwidth (often easier/cheaper to provide than on WANs).  However, even on LANs sometimes you need to deal with congestion, and when you do, if traffic has different service requirements, you'll need QoS.  One significant difference between WAN vs. LAN QoS, with the former we're mostly concerned about latencies (slow links, deep queues), with the latter we're often more concerned about drops (fast links, shallow buffers).

Maybe it would help if you just wrote a book on all this stuff, or at least a document on QOS best practice for applications, i would rate it 

I've considered that for some time, and appreciate the suggestions, but I'm a very, very slow writer, and don't write very well.  I have a real job and probably spend too much time posting on these forums already.  I.e. don't really have the time for such an effort, to do it as it deserves.