hypknight

Cisco WAN T1 QoS and VLANs

Hi Guys,
I have a pair of sites connected with a point-to-point T1 terminated into a pair of Cisco routers. I'm looking to incorporate VLANs and QoS across this link. Can anyone give me an example of how to implement VLANs across a private T1 link, and then how to prioritize traffic from a particular host over all others?

  I'll gladly give any other information you may need to answer the question should you require more. I just didn't want to clutter the question with pointless information.

Thanks!
Don Johnston

>Can anyone give me an example of how to implement VLANS across a private T1 link,

Nope.

VLAN = virtual LOCAL AREA NETWORK. A T1 circuit is a WAN link. VLANs and T1s are like water and oil. They just don't mix. ;-)


hypknight

ASKER

Then why can I do them across VPN links? I'm certain that I've seen it done.
Or better yet, what's the best method of doing QoS for certain traffic over a VPN link?
Sorry, disconnect between brain and fingers... QoS across a T1 link... I KNOW that can be done...
As a side note, I need to do it WITHOUT CEF (because one of the routers is non-Cisco). So to explain, I have a connection between several sites; some sites are connected with Cisco routers, others are connected with HP routers. I need to classify certain traffic coming from a certain IP range (VoIP traffic) as a higher priority than the rest of the traffic across the T1s.

What do you Experts think is the best solution?

Thanks!
@Donjohnston: If your T1 is connected to the Internet you cannot, but like the OP said, it's a point-to-point link, so I don't see why not (much like a VPN)

What routers do you have?


For the QoS config, you could have something like:


!ACL FOR QOS:
ip access-list extended QOSHOST
!HOST(S) ALLOWED TO BENEFIT FROM QOS
!(IOS ACLS TAKE A WILDCARD MASK, NOT A SUBNET MASK: 0.0.0.255 = THE /24)
 permit tcp 10.1.1.0 0.0.0.255 any
 permit ip 10.1.1.0 0.0.0.255 any
!
!CLASSMAP STATEMENT - ANY NAME
class-map match-any MYQOS
!MATCH STATEMENT - MATCHES ACL FROM ABOVE
 match access-group name QOSHOST
!
!POLICYMAP NAME
policy-map QOSMAPNAME
!WATCH OUT FOR QOSHOST TRAFFIC (THE CLASS REFERENCES THE CLASS-MAP NAME, NOT THE ACL NAME)
 class MYQOS
!HOW MUCH BANDWIDTH YOU WANT TO ASSIGN TO QOSHOST ACL
!PLAY AROUND WITH THE BELOW COMMAND, SPECIFY HOW MUCH/WHAT BANDWIDTH TO ASSIGN. BELOW ASSIGNS THE REMAINING 30% OF BANDWIDTH
  bandwidth remaining percent 30
!TRAFFIC THAT WAS NOT DEFINED WILL BE QUEUED AS NORMAL
 class class-default
  fair-queue
!
!SPECIFY WHAT INTERFACE TO USE FOR QOS (WAN INTERFACE)
interface s0/0
!TELL THE ROUTER WHAT BANDWIDTH YOU HAVE (IN KILOBITS). BELOW = 3Mbps
 bandwidth 3000
!ENABLE NBAR PROTOCOL TO RECOGNIZE TRAFFIC (MAY NOT BE REQUIRED IF NOT SETTING PROTOCOL-BASED QOS)
 ip nbar protocol-discovery
!APPLY THE POLICYMAP FROM ABOVE TO THE INTERFACE
 service-policy output QOSMAPNAME

@ddiazp: Thanks so much for your awesome reply! We'll go with the most difficult case here:

Two HP Routers (7102dl) each with a T1 Interface Card (J8451A). These are connected by a private point-to-point.

Each of the routers has several VLANs on it. Each of these VLANs needs to be able to talk to each other, and also VLANs at the neighboring site (through the point-to-point). I understand the QoS bit of it now I think, but what would be the best way to route between the sites and maintain the integrity of the VLAN segregation as well as the QoS?

So if I have at site A:

VLAN 100: 172.16.1.0
VLAN 200: 172.16.96.0
VLAN 300: 172.16.154.0
VLAN 150: 172.16.186.0

and at site B:
VLAN 101: 172.16.32.0
VLAN 201: 172.16.128.0
VLAN 150: 172.16.186.0

VLAN 100 needs to be routable to VLAN 300 and VLAN 101 (but not 200); VLAN 201 needs to be routable to 101 and 200 (but not 101 and 300).

What would be the best method to accomplish this (while preserving that VLAN150 resides in both locations and maintains QoS on the private link)?

Thanks!
The QoS config works on top of the VLANs so you wanna get those configured first. I'm on my iPhone, I'll type in some config from my desktop later.

Basically configure all vlans whichever way you want (router on a stick seems best) and a trunk between routers.

To control inter-VLAN access you can throw in access lists and apply them with the access-group command.

Once you have that configured, place the qos in.

Like I said before, I'll type in some config in a while or you can google vlan config

the qos I posted works on cisco routers, not on HP.
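
As an added illustration of the access-list approach mentioned above (not part of the thread, and Cisco IOS syntax only), this sketch enforces the asker's stated rule for VLAN 100: reach VLAN 300 and VLAN 101, never VLAN 200. The /24 masks, the `FastEthernet0/0.100` subinterface, the `.1` gateway address and the ACL name `VLAN100-IN` are assumptions, since the thread gives only network addresses.

```cisco
! Added example. Assumed: /24 masks, router-on-a-stick trunk on FastEthernet0/0,
! gateway 172.16.1.1 for VLAN 100. Names below are hypothetical.
ip access-list extended VLAN100-IN
 remark VLAN 100 -> VLAN 300 (same site) is allowed
 permit ip 172.16.1.0 0.0.0.255 172.16.154.0 0.0.0.255
 remark VLAN 100 -> VLAN 101 (site B, reached over the T1) is allowed
 permit ip 172.16.1.0 0.0.0.255 172.16.32.0 0.0.0.255
 remark VLAN 100 -> VLAN 200 is forbidden; log attempts for review
 deny   ip 172.16.1.0 0.0.0.255 172.16.96.0 0.0.0.255 log
 remark Explicit final deny so other blocked flows show up in counters and logs
 remark (this also blocks traffic addressed to the gateway itself, e.g. ping)
 deny   ip any any log
!
! Apply inbound on the VLAN 100 subinterface so packets are filtered
! before the router makes a routing decision between VLANs or toward the WAN.
interface FastEthernet0/0.100
 encapsulation dot1Q 100
 ip address 172.16.1.1 255.255.255.0
 ip access-group VLAN100-IN in
```

These lists are stateless, so the inbound lists on the VLAN 300 and VLAN 101 subinterfaces must permit the return traffic to 172.16.1.0/24. `show ip access-lists VLAN100-IN` displays per-entry match counters for checking that the deny entry is being hit as expected.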
ASKER CERTIFIED SOLUTION
ddiazp
This solution is only available to members.
Whoops, I put <t1 int> where it should actually be your LAN fastethernet/ethernet or whatever interface. Your T1 interface shouldn't have any encapsulation or subinterfaces.
Hey there,
Yes, the addresses were fictitious, purely a sample. So, on eth0/2 I'm doing 802.1Q trunking down to the core switch at each site and have the sub-interfaces built accordingly. By reading above, I need to create sub-interfaces on the T1 interface as well to have them traverse the T1? Does this affect the PPP link?
Also, does putting sub-interfaces on the T1 interface maintain tagging when on "VLAN150" in site B and transmitting into VLAN150 in Site A across the point-to-point?
Only subinterface on WAN link is for tagging. I mistakenly put <t1 int> but I meant eth0/2 on the previous config.

I'm not sure on HP routers, but on Cisco routers you would say (assuming native vlan is 1 as default):

interface <t1>.1
 encapsulation dot1Q 1 native
 ip address x.x.x.x y.y.y.y

I think on HP routers you could just say:

interface <t1 int>.1
encapsulation 802.1q [native]
vlan-id 1

Need to specify tagging on the interface so that it will understand tagged packets.


Also, you'll need to configure the switches connected to the routers with VLANs and VLAN ports (switchport mode access, switchport access vlan X on Cisco switches).
So another question for you. Does every router in the infrastructure need to have an IP address in every VLAN in use?

So for instance:

Site A uses VLANs:    1,2,3,4
Site B uses VLANs:    5,6,7,8
Site C uses VLANs:    9,10

Does site's eth 0/2 have to have sub-interfaces with IP addresses in EVERY VLAN (1-10) to properly route?
No, you'll need to enter static routes if you don't have a routing protocol in place
Yup, we're running OSPF. I just wanted to make sure that I didn't have to have a subinterface on every switch that routes along the way.
So I think we're getting close here... THANK YOU SO MUCH for all of your help. As it sits right now, I have one of the sites where there are only 2 VLANS (Data and Voice). I'm being asked to tag all traffic in and out of Eth 0/1 on that router as VOICE and all data in and out of Eth 0/2 on that router as DATA so that tagging doesn't need to be done on the infrastructure below.

Do you know if this can be accomplished, and if so, how?
I think I answered my own question about tagging on the router interface. It can't be done on the router end, has to be done in the switch.

THANKS SOO MUCH for your help. I'll be opening another question in a related topic soon I'm sure, and I'd LOVE your help on that as well!

Full points, well deserved!