3750X QoS Problems
I'm new to setting up QoS so I would like some input.
I'm setting up QoS on my 3750X:
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.2(2)E, RELEASE SOFTWARE (fc3)
I enabled Auto QoS on the switch:
mls qos map policed-dscp 0 10 18 24 46 to 8
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input threshold 1 80 90
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue input dscp-map queue 2 threshold 3 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue output dscp-map queue 1 threshold 3 46 47
mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35
mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 50 200
mls qos queue-set output 1 threshold 2 125 125 100 400
mls qos queue-set output 1 threshold 3 100 100 100 3200
mls qos queue-set output 1 threshold 4 60 150 50 200
mls qos queue-set output 1 buffers 15 25 40 20
mls qos
auto qos srnd4
All ports are setup like this:
interface GigabitEthernet1/0/1
switchport mode access
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust dscp
auto qos trust dscp
The problem is this:
I have an IPTV application that I tag with AF41 (DSCP 34):
policy-map QoS-Ceton-InfiniTV-Policy
class QoS-Ceton-InfiniTV-Data-Class
set dscp af41
But when I'm playing that application back on a client, packets are dropped when I'm also running Remote Desktop tagged with AF21 (DSCP 18).
Temporarily, I solved the problem by changing all ports to queue-set 2:
Queueset: 1
Queue : 1 2 3 4
buffers : 15 25 40 20
threshold1: 100 125 100 60
threshold2: 100 125 100 150
reserved : 50 100 100 50
maximum : 200 400 3200 200
Queueset: 2
Queue : 1 2 3 4
buffers : 25 25 25 25
threshold1: 100 200 100 100
threshold2: 100 200 100 100
reserved : 50 50 50 50
maximum : 400 400 400 400
What I don't get is Auto QoS is suppose to make this easy, isn't it?
How come AF41 packets are dropped for AF21 packets?
Thanks for any input.
Even with queue-set 2, I still see drops, just not as many.
GigabitEthernet1/0/27 (All statistics are in packets)
dscp: incoming
0 - 4 : 7324189 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 236744 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 1127 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 17433393 2 94 0 163
5 - 9 : 0 291 0 1 0
10 - 14 : 30613 0 0 0 0
15 - 19 : 0 3822 0 281615 0
20 - 24 : 0 0 0 0 103072
25 - 29 : 0 11 0 0 0
30 - 34 : 0 0 7605 0 15387535
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 16394 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 18872 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 7564272 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 17467998 30614 285437 103083 15395140
5 - 7 : 7914 16394 209955
output queues enqueued:
queue: threshold1 threshold2 threshold3
queue 0: 0 0 7605
queue 1: 15673244 245425 264513
queue 2: 0 0 17441610
queue 3: 1 30602 0
output queues dropped:
queue: threshold1 threshold2 threshold3
queue 0: 0 0 0
queue 1: 0 0 0
queue 2: 0 0 588
queue 3: 0 0 0
Policer: Inprofile: 0 OutofProfile: 0
Similar Messages
-
ASR1001 QOS Problem %QOS-4-TUN_MOV_FAIL
Dear member,
I have facing a problem on the ASR with QOS problem, I configured a hqos on phyical interface and hqos on tunnel interface, the number of tunnel about 350.
I check on the logging, the QOS on tunnel was continues fail and install.
============================================
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel2000.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel2780, suspending policy.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel2000, suspending policy.
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel3080.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel3080, suspending policy.
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel2380.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel2380, suspending policy.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel70, suspending policy.
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel2140.
============================================
Any member have this experience.
Attach the QoS configuration for reference.
Regards
RussSeem not related to this bug as ASR only suspended policy without reboot.
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.2(4)S, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Mon 23-Jul-12 20:03 by mcpre
IOS XE Version: 03.07.00.S
License Level: adventerprise
License Type: Permanent
Next reload license Level: adventerprise
cisco ASR1001 (1RU) processor with 1156392K/6147K bytes of memory.
Processor board ID SSI170805JC
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
7741439K bytes of eUSB flash at bootflash:.
Configuration register is 0x2102 -
QoS Problem - Outbound Ethernet Marcation
Hi all,
I have a problem with QoS.
Everytime a voice packet go outbound through an Ethernet interface the router remove the DSCP marcation 46 (EF) and marks as 0. Serial interfaces work fine.
I've tried with different IOS versions but the problem is the same.
If anyone has faced this problem before, please let'me know what IOS version this QoS configuration work.
Cheers ///
Neirival de Sousa (Brazil/Angola)Hi,
can yo be more specific about your hardware/software and general setup?
Also one more thing: are you sure it happens outbound? Could it be that a LAN switch is receiving the frame/IP packet and the default port settings for Catalysts kick in? QoS wise all LAN ports on the Catalyst switches are untrusted, thus any marking will be set to 0 (best effort), when received on such a port. You need to issue a "mls trust ..." command on each port, where markings should be passed unchanged. The "..." is "cos" or "dscp" and depends on hardware/IOS.
Hope this helps! Please rate all posts.
Regards, Martin -
QOS problem (multicast) with 3750
Hi,
I need help to solve following problem.
I have setup qos in our 3750, see below.
Unicast traffic is handle correct, However with multicast streams the router set the dscp to 0
Has somebody any idea what is missing?
Too old sw? Cisco IOS Software, C3750 Software (C3750-ADVIPSERVICESK9-M), Version 12.2(35)SE,
Regards Niklas
ip multicast-routing distributed
ip multicast multipath
mls qos srr-queue input priority-queue 1 bandwidth 10
mls qos srr-queue input dscp-map queue 1 threshold 1 46
mls qos srr-queue input dscp-map queue 2 threshold 1 11 24 30 48
mls qos srr-queue output dscp-map queue 1 threshold 1 48
mls qos srr-queue output dscp-map queue 2 threshold 1 46
mls qos srr-queue output dscp-map queue 3 threshold 1 40
mls qos srr-queue output dscp-map queue 4 threshold 1 11 24 30
mls qos
interface GigabitEthernet1/0/22
switchport access vlan 41
switchport mode access
load-interval 30
srr-queue bandwidth share 25 25 25 20
priority-queue out
mls qos trust dscp
interface GigabitEthernet1/0/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 40
switchport mode trunk
load-interval 30
srr-queue bandwidth share 25 25 25 20
priority-queue out
mls qos trust dscpHi,
Here comes the printouts:
with mls qos enabled:
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/22 statistics
GigabitEthernet1/0/22
dscp: incoming
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 8881981 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 307 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 0 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 8881981 0 0 0 0
5 - 7 : 0 307 0
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/23 statistics
GigabitEthernet1/0/23
dscp: incoming
0 - 4 : 8931330 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 202 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 1206 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 11357772 0 0 0 0
5 - 7 : 0 2 0
cos: outgoing
0 - 4 : 0 0 0 0 0
5 - 7 : 0 1206 2
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#
mls qos disabled:
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/22 statistics
GigabitEthernet1/0/22
dscp: incoming
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 7371 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 0 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 7371 0 0 0 0
5 - 7 : 0 0 0
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/23 statistics
GigabitEthernet1/0/23
dscp: incoming
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 23281 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 2 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 29272 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 0 0 0 0 0
5 - 7 : 0 2 0
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#
BR Niklas -
Hi everyone,
I've got a probleme. I red the cisco QoS book, but it doesn't work for me.
I want to do what so many others do, reserve bandwitdh for some specific trafic. But if I test the config, every flow gets the same bandwidth.
I transmit from 2 pc's with a matching ip and a not matching ip each 100MB file. Teracopy shows me the bandwitdh of each 1,3 MB/s and if I look to the folder, the files arrive nearly at the same time.
IOS (tm) C2600 Software (C2600-I-M), Version 12.2(19), RELEASE SOFTWARE (fc3)
Standard IP access list it-intern
permit x.x.x.x (125133 matches)
permit x.x.x.x (60651 matches)
permit x.x.x.x, wildcard bits 0.0.0.255 (905968 matches)
Class Map match-any class-default (id 0)
Match any
Class Map match-any not-it-intern (id 1)
Match not access-group name it-intern
Policy Map cbwfq
Class not-it-intern
Bandwidth 70 (%) Max Threshold 64 (packets)
interface FastEthernet0/1
description # 20 MBit #
bandwidth 20000
ip address x.x.x.x x.x.x.x
service-policy output cbwfq
ip route-cache flow
no ip mroute-cache
duplex auto
speed auto
If I make:
ciscoHV3#sh pol int
FastEthernet0/1
Service-policy output: cbwfq
Class-map: not-it-intern (match-any)
11127978 packets, 4292340182 bytes
5 minute offered rate 4422000 bps, drop rate 0 bps
Match: not access-group name it-intern
11127962 packets, 4292327891 bytes
5 minute rate 4422000 bps
Queueing
Output Queue: Conversation 265
Bandwidth 70 (%) Max Threshold 64 (packets)
(pkts matched/bytes matched) 111155/27836979
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
827815 packets, 919625061 bytes
5 minute offered rate 2911000 bps, drop rate 0 bps
Match: any
- I can see that pakets became matched.
I fall in dispair, please help.I've got a WAN connection, which is connected via FastEthernet to the router. The ISP garantees 20 mbit/s. There are 2 IPs and 1 Subnet that got low prior. So I created a Class that "Not" matches that Accessgroup. The remaining traffic should become a minimum of 70% of the bandwidth.
If I understand you, I only get congestion if i would use the physical interface speed (100mbit/s) and only in this case I can use the bandwidth comands.
But would work a config like this?:
Policy-Map cbwfq
Class not-it-intern
Bandwidth percent 70
Policy-Map police-all
Class class-default
police cir 20000000
service-policy cbwfq
interface FastEthernet0/1
description # 20 MBit #
bandwidth 20000
ip address x.x.x.x x.x.x.x
service-policy output police-all
ip route-cache flow
no ip mroute-cache
duplex auto
speed auto
I don't want to use shaping, thats the currently way how I limit the traffic for the sources of the ACL(it-intern). But shaping stresses the router a little bit too much and how I said, I dont want to limit I want to garantee a minimum of traffic.
By the way, thanks a lot for your help until now. -
I can't seem to get my 3750X to mark DSCP values.
I am testing with HTTP from a server on another VLAN.
Using WireShark, the HTTP packets are all marked 0.
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.2(1)E3, RELEASE SOFTWARE (fc1)
QoS is enabled
QoS ip packet dscp rewrite is enabled
Extended IP access list QoS-ACL-Ceton-InfiniTV-Data
10 permit udp any any range 5001 5016
Extended IP access list QoS-ACL-Ceton-InfiniTV-Signaling
10 permit tcp any any eq 554
20 permit udp any any range 5757 5772
30 permit tcp any any eq www
Class Map match-all QoS-Ceton-InfiniTV-Signaling-Class (id 9)
Match access-group name QoS-ACL-Ceton-InfiniTV-Signaling
Class Map match-all QoS-Ceton-InfiniTV-Data-Class (id 10)
Match access-group name QoS-ACL-Ceton-InfiniTV-Data
Policy Map QoS-Ceton-InfiniTV-Policy
Class QoS-Ceton-InfiniTV-Data-Class
set dscp af41
Class QoS-Ceton-InfiniTV-Signaling-Class
set dscp af21
interface GigabitEthernet1/0/36
description VLAN 100 - Ceton InfiniTV 6 ETH
switchport access vlan 100
switchport mode access
ipv6 nd raguard
spanning-tree portfast
service-policy input QoS-Ceton-InfiniTV-Policy
end
Any suggestions?
Thanks.Thanks Alex.
ACLs and direction always confuses me.
To me, it always seems like it should be the other way.
I always write them backwards.
Anyway,
I tested the HTTP daemon on the Ceton from another machine and verified with Wireshark.
Packets are marked correctly.
I worked out (through trial and error) the rest of the ACL.
Here is my current (working) QoS-ACL:
ip access-list extended QoS-ACL-Ceton-InfiniTV-Data
permit udp any any range 5001 5016
permit udp any any range 8000 8015
ip access-list extended QoS-ACL-Ceton-InfiniTV-Signaling
permit tcp any eq www any
permit tcp any eq 554 any
permit udp any range 5757 5772 any
permit tcp any eq 8554 any -
WRVS4400N Firmware V1.1.03 QoS Problem
With this router, there seems to be a problem with the V1.1.03 firmware. I cannot save any of it's QoS/ CoS settings on any of the pages, from either a wireless OR wired device HTTP session.
If I try to create my own service in the bandwidth limitations, when I save settings, it defaults back to the first 2 or 3 entries in the services list. It's very annoying.
Is there a fix for this?Allow me to demonstrate.
I add custom services.
I click "SAVE SETTINGS"
I get this result.
Maybe someone there could take 2 seconds to answer why the router would do this.... or maybe tell me why I cannot assign priority to ports... or do any QoS/CoS settings AT ALL?
Message Edited by JZulkeski on 02-24-2008 10:52 AM -
Dears
I want your help in figuring out the problem in configuration, as I am trying to deploy qos on DMVPN
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
AUBEgypt-RHT-R this router is hub
shooting club is spoke
but i can't see the result as expected :
AUBEgypt-RHT-R#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel172 is up/up, Addr. is 172.23.11.1, VRF ""
Tunnel Src./Dest. addr: 172.23.1.1/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
Type:Hub, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
Crypto Session Details:
Interface: Tunnel172
Session: [0x689D0324]
IKE SA: local 172.23.1.1/500 remote 172.23.1.5/500 Active
Capabilities:D connid:1004 lifetime:23:44:18
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.5
IPSEC FLOW: permit 47 host 172.23.1.1 host 172.23.1.5
Active SAs: 4, origin: crypto map
Inbound: #pkts dec'ed 127 drop 0 life (KB/Sec) 4514806/113
Outbound: #pkts enc'ed 127 drop 0 life (KB/Sec) 4514807/113
Outbound SPI : 0xA67C0EBD, transform : esp-aes esp-sha-hmac
Socket State: Open
Pending DMVPN Sessions:
AUBEgypt-RHT-R#show ip nhrp
172.23.11.5/32 via 172.23.11.5
Tunnel172 created 00:17:17, expire 01:42:42
Type: dynamic, Flags: unique registered
NBMA address: 172.23.1.5
Group: spoke_group1
Shooting-Club#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel1 is up/up, Addr. is 172.23.11.5, VRF ""
Tunnel Src./Dest. addr: 172.23.1.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.11.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.1 172.23.11.1 UP 00:17:48 S 172.23.11.1/32
Interface Tunnel2 is up/up, Addr. is 172.23.22.5, VRF ""
Tunnel Src./Dest. addr: 172.23.2.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.22.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.2.1 172.23.22.1 UP 00:17:48 S 172.23.22.1/32
Crypto Session Details:
Interface: Tunnel1
Session: [0x669AD6D4]
IKE SA: local 172.23.1.5/500 remote 172.23.1.1/500 Active
Capabilities:(none) connid:1007 lifetime:23:43:28
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.1
IPSEC FLOW: permit 47 host 172.23.1.5 host 172.23.1.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 134 drop 0 life (KB/Sec) 4437700/52
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4437700/52
Outbound SPI : 0x90A47368, transform : esp-aes esp-sha-hmac
Socket State: Open
Interface: Tunnel2
Session: [0x669AD5E4]
IKE SA: local 172.23.2.5/500 remote 172.23.2.1/500 Active
Capabilities:(none) connid:1008 lifetime:23:43:29
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.2.1
IPSEC FLOW: permit 47 host 172.23.2.5 host 172.23.2.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 133 drop 0 life (KB/Sec) 4409710/55
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4409710/55
Outbound SPI : 0xEEC2E783, transform : esp-aes esp-sha-hmacDears
I want your help in figuring out the problem in configuration, as I am trying to deploy qos on DMVPN
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
AUBEgypt-RHT-R this router is hub
shooting club is spoke
but i can't see the result as expected :
AUBEgypt-RHT-R#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel172 is up/up, Addr. is 172.23.11.1, VRF ""
Tunnel Src./Dest. addr: 172.23.1.1/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
Type:Hub, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
Crypto Session Details:
Interface: Tunnel172
Session: [0x689D0324]
IKE SA: local 172.23.1.1/500 remote 172.23.1.5/500 Active
Capabilities:D connid:1004 lifetime:23:44:18
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.5
IPSEC FLOW: permit 47 host 172.23.1.1 host 172.23.1.5
Active SAs: 4, origin: crypto map
Inbound: #pkts dec'ed 127 drop 0 life (KB/Sec) 4514806/113
Outbound: #pkts enc'ed 127 drop 0 life (KB/Sec) 4514807/113
Outbound SPI : 0xA67C0EBD, transform : esp-aes esp-sha-hmac
Socket State: Open
Pending DMVPN Sessions:
AUBEgypt-RHT-R#show ip nhrp
172.23.11.5/32 via 172.23.11.5
Tunnel172 created 00:17:17, expire 01:42:42
Type: dynamic, Flags: unique registered
NBMA address: 172.23.1.5
Group: spoke_group1
Shooting-Club#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel1 is up/up, Addr. is 172.23.11.5, VRF ""
Tunnel Src./Dest. addr: 172.23.1.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.11.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.1 172.23.11.1 UP 00:17:48 S 172.23.11.1/32
Interface Tunnel2 is up/up, Addr. is 172.23.22.5, VRF ""
Tunnel Src./Dest. addr: 172.23.2.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.22.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.2.1 172.23.22.1 UP 00:17:48 S 172.23.22.1/32
Crypto Session Details:
Interface: Tunnel1
Session: [0x669AD6D4]
IKE SA: local 172.23.1.5/500 remote 172.23.1.1/500 Active
Capabilities:(none) connid:1007 lifetime:23:43:28
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.1
IPSEC FLOW: permit 47 host 172.23.1.5 host 172.23.1.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 134 drop 0 life (KB/Sec) 4437700/52
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4437700/52
Outbound SPI : 0x90A47368, transform : esp-aes esp-sha-hmac
Socket State: Open
Interface: Tunnel2
Session: [0x669AD5E4]
IKE SA: local 172.23.2.5/500 remote 172.23.2.1/500 Active
Capabilities:(none) connid:1008 lifetime:23:43:29
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.2.1
IPSEC FLOW: permit 47 host 172.23.2.5 host 172.23.2.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 133 drop 0 life (KB/Sec) 4409710/55
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4409710/55
Outbound SPI : 0xEEC2E783, transform : esp-aes esp-sha-hmac -
Linksys SRW248G4 Bandwidth QoS problem
Hi everyone,
so I bought the SRW248G4 switch because Linksys advertises ingress and egress traffic shaping. I setup everything and tested egress at 10000 kbps which worked fine. But when I setup ingress on any of the ports I get very bad rates that don't even correspond to the limit I set. For example I can set 10000 kbps or 20000 kbps, and I only get 12-20 KB/s transfer rates, which almost below 196 kbps. Does anyone know why this would not be working? Anyone else out there with a similar problem?
Thanks,
Alexsee thread: http://forums.linksys.com/linksys/board/message?board.id=Switches&message.id=1072
-
I'm trying to configure the router's QoS but I'm not succeeding . I put the game League of Legends as a high priority , but as soon as I turn on the TV with Net Flix the game connection is bad . My questions are as follows - DHCP is not done by the router , but the modem. This would prevent the operation of the QoS ? - QoS just work for WAN connection? Because i'm doing the connection on the ethernet port. - I need to put the TV or the Net Flix as low priority in QoS ? Below modem settings
Thanks for the quick return.Allow me to elaborate : - My internet is 10mb / s- The Internet comes via cable modem / router Thomson. This router is doing DHCP and sharing the internet via ethernet port to the E900 router.- I tried some settings to share the Internet via WAN without success . Thomson Modem configurations E900 Modem Thomson
-
Hello
I'm working in deploying QoS in a branch office
but I'm getting poor voice quality on calls.
here is the configuration of the QoS parameters
*****************************************class-map match-all VOZ
match dscp ef
class-map match-all VOZ(SIGNAL)
match dscp af31
class-map match-all APLICACION-CRITICA
match access-group name AS400
policy-map POLITICAS-QoS
class VOZ
priority percent 60
class VOZ(SIGNAL)
bandwidth percent 5
class APLICACION-CRITICA
bandwidth percent 10
class class-default
fair-queue
interface FastEthernet0/0
description LAN
ip address 10.12.1.1 255.255.255.0
speed auto
interface Serial0/0
description Link to HQ
bandwidth 128
ip address 192.168.50.42 255.255.255.252
service-policy output POLITICAS-QoS
load-interval 60
compress stac
interface BRI1/0
no ip address
shutdown
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 16.0.0.0 255.255.255.0 Serial0/0
no ip http server
ip access-list extended AS400
permit ip any host 16.0.0.2
Now take a look at the Output of the show policy-map interface serial 0/0
CS-1760-PN#show policy-map interface serial 0/0
Serial0/0
Service-policy output: POLITICAS-QoS
Class-map: VOZ (match-all)
1034703 packets, 66220992 bytes
1 minute offered rate 147000 bps, drop rate 71000 bps
Match: dscp ef
Queueing
Strict Priority
Output Queue: Conversation 40
Bandwidth 60 (%)
Bandwidth 76 (kbps) Burst 1900 (Bytes)
(pkts matched/bytes matched) 1034703/66220992
(total drops/bytes drops) 530418/33946752
Class-map: VOZ(SIGNAL) (match-all)
0 packets, 0 bytes
1 minute offered rate 0 bps, drop rate 0 bps
Match: dscp af31
Queueing
Output Queue: Conversation 41
Bandwidth 5 (%)
Bandwidth 6 (kbps) Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: APLICACION-CRITICA (match-all)
1423 packets, 84273 bytes
1 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name AS400
Queueing
Output Queue: Conversation 42
Bandwidth 10 (%)
Bandwidth 12 (kbps) Max Threshold 64 (packets)
(pkts matched/bytes matched) 1423/84273
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
38296 packets, 21064743 bytes
1 minute offered rate 47000 bps, drop rate 0 bps
Match: any
Queueing
Flow Based Fair Queueing
Maximum Number of Hashed Queues 32
(total queued/total drops/no-buffer drops) 11/130/0
CS-1760-PN#
As you can see there are A LOT of packets being dropped
related to DSCP ef (voice bearer packets) but there are
actually 0 (ZERO!!) calls being place at this time
Notice that there is also 0 packets matching DSCP af31 (voice signaling)
Can anyone tell me what might be happeing here ??
Why am I getting so many drops ?
Thankshave u tried the sugestions i have given to u in other sicussion regarding ur issue!!
http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Telephony&topicID=.ee6c829&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc1b1f6
good luck -
When i enable mls qos on 3750 running EMI image the ingress ports should switch to non-trusted and therefore reclassify all DSCP/COS bits to 0.
This is not happening and the COS bits are reamining as set by the IP handsets and pc's.
This does not happen on 3550 or 6500's which i have just tested to verify.What is the exact version of OS you are using ?
-
QoS Problem ( nt getting same DSCP marking at diff.. vpls customer sites
Hi we are having 3 locations A , B & C
we are providing l2 vpls service to customer .
customer is connected to our mpls cloud via EoSDH on my mpls switch on locations A , B & C.
customer is marking his traffic with DSCP bit XX from Location A when customer checking the traffic
at location B via packet sniffer ethereal they are not getting the same DSCP Tagging .
can anyone help me to find out the possible cause of this .
As far as i know in VPLS services there is limitation of provide multi-QoS.
But here in this case i m only trusting DSCP on the Lastmile port as well as on the trunks connected from my switches to my PEs .
so customer tagging should reach from location A to Location B .
Here we go:
CPE-A------CPE-A-SW--------SP-SW-A----PE-A======MPLS CLOUD=====PE-B------SP-SW-B-------CPE-B-SW-------CPE-B
here :CPE-A = customer router
CPE-A-SW = 4500
SP-SW-A = 4500
PE-A = 7600
PE-B = 7600
SP-SW-B = 3500
CPE-B-SW = 4500
CPE-B = customer routerI m getting blew output on the trunk interface connected to my PE on both the switches.
SP-SW-A#sh qos interface GigabitEthernet4/3
QoS is enabled globally
Port QoS is enabled
Administrative Port Trust State: 'dscp'
Operational Port Trust State: 'dscp'
Trust device: none
Default DSCP: 0 Default CoS: 0
Appliance trust: none
Tx-Queue Bandwidth ShapeRate Priority QueueSize
(bps) (bps) (packets)
1 250000000 disabled N/A 2336
2 250000000 disabled N/A 2336
3 250000000 disabled normal 2336
4 250000000 disabled N/A 2336
SP-SW-B#sh mls qos interface GigabitEthernet0/2 statistics
GigabitEthernet0/2
Ingress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 0 0 0 0 0
Egress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 0 n/a n/a 0 0
WRED drop counts:
qid thresh1 thresh2 FreeQ
1 : 0 0 1024
2 : 0 0 1024
3 : 0 0 1024
4 : 0 0 1024 -
Hello,
I'm currently configuring new 3750X switches.
I must implement QoS on the stack. The QoS must be the following:
VOIP Class (50%)
App-V Class (40%)
Movie Class (10%)
How I can do this (in particular for AppV)? I do the following for the moment:
class-map match-any VOIP
match protocol voice
match dscp ef
match protocol sip
match protocol skype
match protocol rtp audio
match protocol rtp video
exit
class-map AppV
exit
class-map Movie
match protocol rtp video
exit
policy-map BandwidthTraffic
class VOIP
priority percent 50
set dscp ef
class AppV
bandwidth remaining percent 40
class Movie
bandwidth remaining percent 10
interface Gig1/0/3
ip nbar protocol-discovery
service-policy input BandwidthTraffic
Anyone can says me if it's correct or not? And why?
Thank you for your help.
FlorentDisclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
It appears you've some router QoS. 3750X QoS is quite different for egress as you're limited to working with four egress queues. I don't recall 3750X supporting NBAR.
Suggest you read the configuration guide's chapter on QoS, for you 3750X IOS version, and then post questions as necessary. (My concern is, 3750X QoS is so different, it wouldn't be helpful to suggest a QoS configuration until you had a basic understanding of the 3750 QoS architecture and features.) -
Hi All,
I have the following scenario that i attached a jpg for !!
My router (RouterB) is connected to my ISPs router (RouterA) All my incoming traffic is through routerA.
After my RouterB i have a PIX515 with inside network and DMZ on the DMZ i have aproxy for internet access.
My connection between routers is only 256kbps, and the internet usage is hogging the line most of the time.
im not interested in other methods of controlling traffic on the proxy etc but rather perform QoS to allocate PRIORITY traffic to the PC1 and to a specific port for an aplication its using, as it becomes dead slow because the FR (256kbps) is hogged by internet traffic.
I do not have access to routerA. i have access to RouterB and PIX515.
My question is:
Router B is not aware of my QoS problems. if i configure QoS to prioritize traffic for PC1 where should i configure it..on routerB or on PIX515 !!! and which interface is the most effective.
I cannot help of thinking that routerA will send traffic to routerB as it is requested by the internet users and the appicaton of PC1. the internet users being more demanging than the PC1 application wont they stil hog up the bandwidth...or when i configure QoS on either of my machines will 'somehow tell' router A to limit its traffic to the proxy ???
with the above i mean that...if i have internet traffic of 200kbps and my application traffic is needing 200 kbps as well..Router A will send the internet traffic and application traffic as it comes on its interfaces (without QoS) and spitting it out the FR link with the same rates...so if it is already sending streams of 200kbps internet traffic. i will still only get 56 kbps for my application, untill the internet traffic dies down ??? (im confused)
please let me know if i am not clear with my request !!!
Thank you,
GeorgeHi jon,
so...in a few words theres nothing that can be done !!!! :( (on the QoS side) ...
so..in order for the QoS to work efficiently it should be configured at the source, where a HIGH BANDWIDTH Input is present (like 100Mbps ) and a smaller bandwidth output interface (2Mbps lets say ) in order for a QUEUE to be created !!! RIGHT !!! ???? so if in the node i want to apply QoS, a QUEUE is not created for traffic towards my machines i can only pray !!! So i would have to talk to the guys on RouterA ??? to apply QoS and prioritize traffic on their router (where a queue is being created !!!)
Did i get this right then ???
Thanks for the help,
George
Maybe you are looking for
-
Importing xmp files or keywords to raw files
Any ideas on how to import pre-existing keywords to raw files? I have xmp side car files in the same directories as my raw files, but when importing into aperture, the xmp files are ignored. I have tried annoture to sync between iView and aperture, b
-
Javascript global function where to read it !
Hi all, Just download the demo of acrobat 9 extended ! i'm looking to program some custum button with JS, i find the basic-interaction.pdf interesting also look at many other tutorial, question remain.... I have experience with flash, in Flash you ca
-
HOW TO INSTAL FRESH OS ...BUT ONLY THAT!!!
Disc Utility when "cheking the disc tells me: Invalid volume directory count (It should be 86832 instead of 86834) Invalid volume file count (It should be 346612 instead of 346615) The volume MIR5 needs to be repaired. Error: The underlying task repo
-
Hello I am novice of LABVIEW and DAQ system. If now i am going to use thermocouple, will it be suitable for me to use USB 6008 to acquire and analyze signal. USB 6008 has no filters inside. Using labview, will the noise be filtered out by LABVIEW its
-
Recovery does not validate my recovery disks?
system file corrupt, w/n boot, drive intact, winxp entertainment edition? hp giving circle dance! any ideas??