Solved

Cisco QoS Priority/Bandwidth Policy problem

Posted on 2010-09-18
16
2,297 Views
Last Modified: 2012-08-13
Hello,

I am trying to achieve the following behavior through Cisco QoS.

The goal is that when rtp audio packets are flowing then VoIP Queue reserves 464kbps and the other queues have 64 kbps available to share.

Therefore, if I have an uplink of 512kbps and If there are rtp packets going through the interface, I want the Policy class to reserve 464kbps (regardless of how many actual kbps of rtp audio packets are flowing through).  If there are no rtp audio packets going through the interface then share the the 512kbps according to the other classes.

This is my configuration:

class-map match-any CCP-Transactional-1
 match protocol citrix
 match protocol finger
 match protocol notes
 match protocol novadigm
 match protocol pcanywhere
 match protocol sap
 match protocol secure-telnet
 match protocol sqlnet
 match protocol sqlserver
 match protocol ssh
 match protocol telnet
 match protocol xwindows
class-map match-any CCP-Voice-1
 match protocol rtp audio 
class-map match-any CCP-Routing-1
 match protocol bgp
 match protocol eigrp
 match protocol ospf
 match protocol rip
 match protocol rsvp
class-map match-any CCP-Signaling-1
 match protocol h323
 match protocol rtcp
 match protocol sip
class-map match-any CCP-Management-1
 match protocol dhcp
 match protocol dns
 match protocol imap
 match protocol kerberos
 match protocol ldap
 match protocol secure-imap
 match protocol secure-ldap
 match protocol snmp
 match protocol socks
 match protocol syslog
class-map match-any HTTP/S
 match protocol http
 match protocol secure-http
!
!
policy-map CCP-QoS-Policy-1
 class CCP-Voice-1
  set dscp ef
    priority 464
 class CCP-Signaling-1
  set dscp cs3
    bandwidth percent 1
 class CCP-Routing-1
  set dscp cs6
    bandwidth percent 1
 class CCP-Management-1
  set dscp cs2
    bandwidth percent 1
 class CCP-Transactional-1
  set dscp af21
    bandwidth percent 1
 class HTTP/S
    bandwidth percent 4
 class class-default
    fair-queue
     random-detect
policy-map CCP-QoS-Policy-2
 class class-default
    shape average 512000
  service-policy CCP-QoS-Policy-1

interface FastEthernet4
 description $FW_OUTSIDE$$ES_WAN$
 bandwidth 512
 bandwidth receive 4096
 ip address dhcp client-id FastEthernet4
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 576
 ip nbar protocol-discovery
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 ip tcp adjust-mss 512
 duplex auto
 speed auto
 !        
 max-reserved-bandwidth 1
 service-policy output CCP-QoS-Policy-2
!         
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
 ip address 10.0.11.254 255.255.252.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 !        
!         
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!         
!         
ip nat inside source list 1 interface FastEthernet4 overload
!         
logging trap debugging
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.0.8.0 0.0.3.255
no cdp run





Cisco IOS Software, C880 Software (C880DATA-UNIVERSALK9-M), Version 15.0(1)M3, RELEASE SOFTWARE (fc2)


Cisco 881 (MPC8300) processor (revision 1.0) with 236544K/25600K bytes of memory.
Processor board ID FTX143200J6

5 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
256K bytes of non-volatile configuration memory.
125440K bytes of ATA CompactFlash (Read/Write)


License Info:

License UDI:

-------------------------------------------------
Device#	  PID			SN
-------------------------------------------------
*0  	  CISCO881-SEC-K9           



License Information for 'c880-data'
    License Level: advipservices   Type: Permanent
    Next reboot license Level: advipservices


 

Open in new window

0
Comment
Question by:rivira
16 Comments
 
LVL 10

Expert Comment

by:koudry
ID: 33708763
My first observation is that the Cisco 800 platform is very basic and cheap but you pay back in design term what you gain in hardware price. QoS can be tricky on a Cisco 800 platform because of the limitation of on-board gadgets.

You are trying to host both voice (EF) and data together. Since voice is more important, it needs to be protected. However, it does seem like you are allocating 464k of the 512k upstream.  This is 90% utilisation.  I am not sure if this is representative of the actual voice traffic.

The question is that how many VoIP phones are you trying to hook off the router?  I would expect each voice traffic to be allocated a maximum of 32k.  From your figure, it looks like you will be hosting about 15 VoIP phones. So the bandwidth allocation is the first problem.

Do you know what voice codec is being used by your VoIP phones? I think the rtp audio should work. Have you tried to see if you are seeing any stats when you initiate a voice traffic?

I did a voice + data QoS design recently for a Cisco 877 hosting 4 VoIP phones of which 2 concurrent voice conversations each with 27k.  I could have used less than that but I was using multilink PPP with fragmentation enabled, hence some overhead. The WAN is a fixed 250k upstream and 1M downstream DSL circuit. I am not sure if this will be any use to you but if you want to see it, I will share with you.

Good luck

Koudry
0
 
LVL 1

Author Comment

by:rivira
ID: 33709003
Hello and thank you for your quick reply.

I do have a specific design reason of why I need this configuration (hence the 90% utilization when RTP Audio is detected);  If it is interesting to you, please let me know and I will elaborate in detail my current scenario.  


Even though the Cisco 881 is less expensive than other routers I have IOS 15 with Advanced IP services image.  

NBAR seems to be doing its job  in recognizing RTP Packets so I am happy there.

Another way to look at what I am trying to achieve is the following (maybe it will help to clarify):

If RTP Packets in class CCP-Voice-1 are present then shape all other traffic to 64kbps




This is the output of stats - I've modified a bit the interface speed and queues percetages but the classes are the same:


wan-router#show policy-map interface fa4
 FastEthernet4

  Service-policy output: CCP-QoS-Policy-2

    Class-map: class-default (match-any)
      237350 packets, 27411129 bytes
      5 minute offered rate 20000 bps, drop rate 0 bps
      Match: any
      Queueing
      queue limit 64 packets
      (queue depth/total drops/no-buffer drops) 0/62/0
      (pkts output/bytes output) 236232/26006944
      shape (average) cir 500000, bc 2000, be 2000
      target shape rate 500000

      Service-policy : CCP-QoS-Policy-1

        queue stats for all priority classes:
         
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 2022/170281

        Class-map: CCP-Voice-1 (match-any)
          2022 packets, 170281 bytes
          5 minute offered rate 0 bps, drop rate 0 bps
          Match: protocol rtp audio
            2022 packets, 170281 bytes
            5 minute rate 0 bps
          QoS Set
            dscp ef
              Packets marked 2022
          Priority: 425 kbps, burst bytes 10600, b/w exceed drops: 0
         

        Class-map: CCP-Signaling-1 (match-any)
          3356 packets, 2223029 bytes
          5 minute offered rate 1000 bps, drop rate 0 bps
          Match: protocol h323
            3 packets, 266 bytes
            5 minute rate 0 bps
          Match: protocol rtcp
            8 packets, 622 bytes
            5 minute rate 0 bps
          Match: protocol sip
            3345 packets, 2222141 bytes
            5 minute rate 1000 bps
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 2300/890681
          QoS Set
            dscp cs3
              Packets marked 2300
          bandwidth 2% (10 kbps)

        Class-map: CCP-Routing-1 (match-any)
          0 packets, 0 bytes
          5 minute offered rate 0 bps, drop rate 0 bps
          Match: protocol bgp
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol eigrp
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol ospf
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol rip
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol rsvp
            0 packets, 0 bytes
            5 minute rate 0 bps
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 0/0
          QoS Set
            dscp cs6
              Packets marked 0
          bandwidth 2% (10 kbps)

        Class-map: CCP-Management-1 (match-any)
          65717 packets, 3964363 bytes
          5 minute offered rate 8000 bps, drop rate 0 bps
          Match: protocol dhcp
            1 packets, 321 bytes
            5 minute rate 0 bps
          Match: protocol dns
            1473 packets, 113530 bytes
            5 minute rate 0 bps
          Match: protocol imap
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol kerberos
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol ldap
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol secure-imap
            64243 packets, 3850512 bytes
            5 minute rate 8000 bps
          Match: protocol secure-ldap
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol snmp
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol socks
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol syslog
            0 packets, 0 bytes
            5 minute rate 0 bps
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 65717/3964377
          QoS Set
            dscp cs2
              Packets marked 65717
          bandwidth 2% (10 kbps)

        Class-map: CCP-Transactional-1 (match-any)
          19037 packets, 10654822 bytes
          5 minute offered rate 0 bps, drop rate 0 bps
          Match: protocol citrix
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol finger
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol notes
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol novadigm
            3 packets, 295 bytes
            5 minute rate 0 bps
          Match: protocol pcanywhere
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol sap
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol secure-telnet
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol sqlnet
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol sqlserver
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol ssh
            19034 packets, 10654527 bytes
            5 minute rate 0 bps
          Match: protocol telnet
            0 packets, 0 bytes
            5 minute rate 0 bps
          Match: protocol xwindows
            0 packets, 0 bytes
            5 minute rate 0 bps
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 19037/10654029
          QoS Set
            dscp af21
              Packets marked 19037
          bandwidth 2% (10 kbps)

        Class-map: HTTP/S (match-any)
          59104 packets, 4797178 bytes
          5 minute offered rate 3000 bps, drop rate 0 bps
          Match: protocol http
            56464 packets, 4508853 bytes
            5 minute rate 3000 bps
          Match: protocol secure-http
            2640 packets, 288325 bytes
            5 minute rate 0 bps
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/62/0
          (pkts output/bytes output) 59042/4769785
          bandwidth 6% (30 kbps)

        Class-map: class-default (match-any)
          88114 packets, 5601456 bytes
          5 minute offered rate 4000 bps, drop rate 0 bps
          Match: any
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops/flowdrops) 0/0/0/0
          (pkts output/bytes output) 88114/5557791
          Fair-queue: per-flow queue limit 16
            Exp-weight-constant: 9 (1/512)
            Mean queue depth: 0 packets
            class     Transmitted       Random drop      Tail/Flow drop Minimum Maximum Mark
                      pkts/bytes    pkts/bytes       pkts/bytes    thresh  thresh  prob
           
            0           88108/5556903         0/0              0/0                 20            40  1/10
            1               0/0               0/0              0/0                 22            40  1/10
            2               0/0               0/0              0/0                 24            40  1/10
            3               0/0               0/0              0/0                 26            40  1/10
            4               0/0               0/0              0/0                 28            40  1/10
            5               0/0               0/0              0/0                 30            40  1/10
            6               6/888             0/0              0/0                 32            40  1/10
            7               0/0               0/0              0/0                 34            40  1/10




0
 
LVL 28

Expert Comment

by:bgoering
ID: 33712272
Take a look at http://www.cisco.com/en/US/tech/tk652/tk698/technologies_tech_note09186a0080094660.shtml for some information on setting up priority queuing for voice.

Good Luck
0
 
LVL 1

Author Comment

by:rivira
ID: 33712337
Hi bgoering,

Thanks for the comment, however it seems that this will not achieve the behavior I am looking for as my WAN interface is a FastEthernet connected to a Cable Modem from the ISP and it is not point to point.

In a way, I am trying to shape the interface dynamically from 512kbps to 96kbs when RTP traffic is present.

0
 
LVL 1

Author Comment

by:rivira
ID: 33713592
Hey Guys,

This behavior is exactly what I am looking for:  Please see (http://www.xmission.com/~hidden/aatqos/ and http://blog.ioshints.info/2010/01/update-workaround-for-sluggish-cb-qos.html )

Can someone help me implement an EEM script to detect VoIP Calls and apply the Shape policy-map to the interface only when a VoIP Call is on?

Thanks,

Ricardo
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:rivira
ID: 33810019
Hello,

Anyone has an idea of how this could be implemented in a cisco router IOS 15 (Advanced IP services)?

Thanks,

Ricardo
0
 
LVL 9

Accepted Solution

by:
Alex Bahar earned 500 total points
ID: 34162834
>>  if I have an uplink of 512kbps and If there are rtp packets going through the interface, I want the Policy class to reserve 464kbps (regardless of how many actual kbps of rtp audio packets are flowing through).

That is not possible, because it will waste unused bandwidth. The RTP traffic in priority queue will use ONLY WHAT IT NEEDS. So at any moment if your RTP traffic is using 100kbps, the remaining (400Kbps)  bandwidth will be available to other classes. If your RTP traffic requires 200Kbps, then your priority queue will use 200 Kbps, leaving remaining 300Kbps to other classes.

>> If there are no rtp audio packets going through the interface then share the the 512kbps according to the other classes.
Assuming you have 5 classes, then you should assign 20% to each class. This tells the scheduler to evenly allocate "ALL AVAILABLE/UNUSED" bandwidth evenly between 5 classes. Please note that if there is no RTP traffic, then your 5 classes will use 20% each. If there is some RTP traffic, then your classes will share the remaining bandwidth equally.

The following config will provide this functionality.

policy-map CCP-QoS-Policy-1
 class CCP-Voice-1
  set dscp ef
    priority 464
 class CCP-Signaling-1
  set dscp cs3
    bandwidth percent 20
 class CCP-Routing-1
  set dscp cs6
    bandwidth percent 20
 class CCP-Management-1
  set dscp cs2
    bandwidth percent 20
 class CCP-Transactional-1
  set dscp af21
    bandwidth percent 20
 class HTTPS
    bandwidth percent 20
 class class-default
    fair-queue
     random-detect
0
 
LVL 1

Author Comment

by:rivira
ID: 34425658
It does not answer the question.
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 34425666
It does. "You can't do that" is a valid answer sometimes. That answer is the best you can get.

Qlemo
Cleanup Volunteer
0
 

Expert Comment

by:_alias99
ID: 34447384
All,
 
Following an 'Objection' by rivira (at http://www.experts-exchange.com/Q_26701532.html) to the intended closure of this question, it has been reviewed by at least one Moderator and is being closed as recommended by the Cleanup Volunteer.
 
At this point I am going to re-start the auto-close procedure.
 
Thank you,
 
_alias99
Community Support Moderator
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Join & Write a Comment

Is your computer hacked? learn how to detect and delete malware in your PC
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now