Prioritize Voice VLAN over Data VLAN

Posted on 2013-09-19
Medium Priority
Last Modified: 2013-09-21
Hi, I would like to prioritize the voice VLAN (ID 101) over data VLANs between 2 Cisco routers.
The routers are connected by Metro Ethernet.
Please assist me with a step-by-step procedure.
I have attached the relevant configs for both routers.
Thank you.
Question by:icdl101

Accepted Solution

rauenpc earned 2000 total points
ID: 39505947
The way I accomplish this is to create a policy to mark traffic as it hits the router inbound on the LAN interfaces, and a policy to queue the traffic when going outbound. These policies rely on NBAR, but if NBAR is unavailable this could be changed to just mark all traffic inbound to the voice VLAN as EF regardless of what type of traffic it truly is.

class-map match-any VOICE-CONTROL
 match ip precedence 3
 match ip dscp cs3
 match ip dscp af31
class-map match-any MARKING-voice-traffic
 match protocol rtp
class-map match-any VOICE
 match ip precedence 5
 match ip dscp ef
class-map match-any MARKING-voice-signaling
 match protocol sip
 match protocol h323
 match protocol skinny
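policy-map MPLS-OUT
 class VOICE
  priority 720
 ! Assumed: the 48 kbps priority belongs to VOICE-CONTROL (defined above,
 ! otherwise unused); two priority lines under one class overwrite each other.
 class VOICE-CONTROL
  priority 48
 class class-default
  random-detect dscp-based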

policy-map MARK-TRAFFIC
 class MARKING-voice-traffic
  set dscp ef
 class MARKING-voice-signaling
  set dscp cs3

int gig0
 service-policy output MPLS-OUT

int vlan 101
 ip nbar protocol-discovery
 service-policy input MARK-TRAFFIC

Author Comment

ID: 39507071
So without NBAR it would simply be:

int vlan 101
service-policy input MARK-TRAFFIC

Expert Comment

ID: 39507181
It can depend on the model and code version. Without NBAR, matching on protocol doesn't work so you would have to match based on IP address or just blindly set dscp. What model and IOS version are you running?
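
The NBAR-free alternative described in this comment, written out as an added example that is not part of the original thread: the `match protocol` classes are replaced by ACL matches, and everything else arriving on the voice VLAN is re-marked so that hosts there cannot self-assign EF. The subnet 192.0.2.0/24, the port numbers and the `-acl`/`ACL-` names are assumptions; substitute the values used by your phone system.

```cisco
! Added example: ACL-based variant of MARK-TRAFFIC for int vlan 101 (no NBAR).
! Assumed values (not from the thread):
!   voice subnet     192.0.2.0/24 (placeholder)
!   RTP media        UDP 16384-32767
!   SIP              UDP/TCP 5060, TCP 5061
!   H.323 signaling  TCP 1720
!   SCCP (skinny)    TCP 2000
ip access-list extended ACL-VOICE-RTP
 permit udp 192.0.2.0 0.0.0.255 any range 16384 32767
ip access-list extended ACL-VOICE-SIGNALING
 permit udp 192.0.2.0 0.0.0.255 any eq 5060
 permit tcp 192.0.2.0 0.0.0.255 any range 5060 5061
 permit tcp 192.0.2.0 0.0.0.255 any eq 1720
 permit tcp 192.0.2.0 0.0.0.255 any eq 2000
!
class-map match-any MARKING-voice-traffic-acl
 match access-group name ACL-VOICE-RTP
class-map match-any MARKING-voice-signaling-acl
 match access-group name ACL-VOICE-SIGNALING
!
! class-default resets DSCP to 0 so that only traffic matching the ACLs
! reaches the priority queues of the outbound policy (MPLS-OUT).
policy-map MARK-TRAFFIC-ACL
 class MARKING-voice-traffic-acl
  set dscp ef
 class MARKING-voice-signaling-acl
  set dscp cs3
 class class-default
  set dscp default
!
interface Vlan101
 no ip nbar protocol-discovery
 no service-policy input MARK-TRAFFIC
 service-policy input MARK-TRAFFIC-ACL
```

After applying it, `show policy-map interface vlan 101` shows per-class packet counters, which confirms whether the ACLs are matching the phones' traffic.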
Author Comment

ID: 39507366
The router does support NBAR. I thought it would possibly consume too many resources in turning on NBAR, hence I thought of avoiding NBAR.

Router model is Cisco 892
Cisco IOS  Version 15.0(1)
ROM: System Bootstrap, Version 12.4(22r)

Author Comment

ID: 39507426
Cisco 892 (MPC8300) processor (revision 1.0) with 498688K/25600K bytes of memory.
Processor board ID FGL160924XP

9 FastEthernet interfaces
1 Gigabit Ethernet interface
1 ISDN Basic Rate interface
1 Virtual Private Network (VPN) Module
256K bytes of non-volatile configuration memory.
250880K bytes of ATA CompactFlash (Read/Write)

Expert Comment

ID: 39507520
I would think that NBAR is the better choice over a blind ACL that marks traffic. If I were you, I would give it a shot first. Try to create a baseline for performance in terms of total throughput, latency, end user experience, etc. Then throw it on there and see what happens. I know that sounds like a dicey guess-and-check, but it is hard to know how the 890 series devices will handle the traffic. If it causes problems, it isn't difficult to remove and then you can go back to the drawing board to get the less CPU-intensive QoS configured.

Author Comment

ID: 39510308
I will try the settings out and hopefully the router behaves well.

Just one more query: by enabling NBAR on
" int vlan 101
  ip nbar protocol-discovery "
does that mean that NBAR will only be inspecting traffic on interface VLAN 101 and no other VLAN interfaces?


Expert Comment

ID: 39510315
Correct. It will only classify traffic on that interface. Don't confuse classification with inspection as one essentially marks/categorizes traffic and the other is usually related to firewall rules.
