QoS, TOS value, ping tool, cisco site-to-site ...help!

andrewprouse used Ask the Experts™
I'm struggling with a QoS problem at the moment and need a tool to help me test it.

I need to be able to ping a device and classify the data with a TOS value (184).

We have a Cisco site-to-site link working perfectly, but I'm trying to prioritise voice traffic between two voice servers (non cisco - one at each site).  The voice servers are apparently tagging all inter-site traffic with a TOS value of 184 (tos=0xB8).  I've created a policy-map to match outgoing DSCP EF traffic on the WAN interfaces, but I don't seem to be getting any matches when I make an inter-site voice call.

If I use a Cisco Wireless Access Point to run an extended ping and input the TOS value of 184 then I get matches so I know that the router policy-map is working correctly. The thing I don't know is if the Cisco routers can only detect Cisco traffic.  I need a ping tool where I can set a TOS value to the ICMP traffic to see if I get matches.

I've tried a ping from an XP machine where the ping -v command is supported, and this traffic doesn't 'match' in the policy-map.

I'm also trying to find a way to capture the packets to and from each voice server to see if the packets are actually tagged with the correct TOS value.  Any ideas how to do this? (I have wireshark but can't seem to work out how to monitor a remote device).

Any ideas?

Cheers, Andy
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
John MeggersNetwork Architect

Since the voice servers are not Cisco, Cisco routers and switches most likely will not automatically recognize the traffic as voice.  I assume this is what you mean by "Cisco routers can only detect Cisco traffic".  So you need another mechanism to classify the traffic.  Why not use an ACL matching on source and/or destination of the voice servers, reference that in a class map, reference the class map in a policy map applying the TOS or DSCP value you want, and then apply that policy on the outbound interface.  You'll also want to specify "qos preclassify" in your crypto map. See http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a00800b3d15.shtml
Robert Sutton JrSenior Network Manager

FWIW: When using wireshark:
The capture filter equivalent of "ip.dsfield==184" would be "ip[1]=184".
Furthermore, when the dsfield value is 184, the dscp value is actually 46, as the dscp field consists of the higher 6 bits of the dsfield, the other two bits are for ECN (Explicit Congestion Notification).
Im assuming your filter "ip.dsfield==184" will only show packets with DSCP value 46 and both ECN bits zero. So you might miss packets that have an ECN bit set. It's better to use the display filter "ip.dsfield.dscp==46", for which the capture filter equivalent is "ip[1]>>2=46"

Hope this helps.



Thank you for the suggestion.  I may have to revert to this option if I can't get the TOS / DSCP values to match.  Now that I've started along the TOS / DSCP route I'd quite like to get it working this way.


Thank you for that.  I've managed to capture packets from the voice server while a call was being made to the other site. From what I can tell, the inter-site traffic is being tagged with a DSCP value of 0 (DSCP 0x00) which is probably why the Cisco router isn't matching the traffic.  

The voice server uses TOS, and I'm inputting a TOS value of 184 (tos=0xB8), and the Cisco router is trying to match DSCP EF (46).  Is the TOS value correct for this?

Cheers, Andy
Senior Network Manager
Yes...Its correct. However, 184 is going to be default no matter how you slice it for that COS/TOS(Because its the highest in that particular priority class) programmed in your switch when passing SIP traffic thru a WAN interface. Its mapped through your policy QOS rules and your base rule..If you need naything else let us know. Hope this helps.

As a reminder TOS 184 is primarily default for ALL manufacturer's in that Class of service/Type of Service for any Cisco/Non-Cisco devices concerning EF type classification.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial