QoS probleme
Hi everyone,
I've got a probleme. I red the cisco QoS book, but it doesn't work for me.
I want to do what so many others do, reserve bandwitdh for some specific trafic. But if I test the config, every flow gets the same bandwidth.
I transmit from 2 pc's with a matching ip and a not matching ip each 100MB file. Teracopy shows me the bandwitdh of each 1,3 MB/s and if I look to the folder, the files arrive nearly at the same time.
IOS (tm) C2600 Software (C2600-I-M), Version 12.2(19), RELEASE SOFTWARE (fc3)
Standard IP access list it-intern
permit x.x.x.x (125133 matches)
permit x.x.x.x (60651 matches)
permit x.x.x.x, wildcard bits 0.0.0.255 (905968 matches)
Class Map match-any class-default (id 0)
Match any
Class Map match-any not-it-intern (id 1)
Match not access-group name it-intern
Policy Map cbwfq
Class not-it-intern
Bandwidth 70 (%) Max Threshold 64 (packets)
interface FastEthernet0/1
description # 20 MBit #
bandwidth 20000
ip address x.x.x.x x.x.x.x
service-policy output cbwfq
ip route-cache flow
no ip mroute-cache
duplex auto
speed auto
If I make:
ciscoHV3#sh pol int
FastEthernet0/1
Service-policy output: cbwfq
Class-map: not-it-intern (match-any)
11127978 packets, 4292340182 bytes
5 minute offered rate 4422000 bps, drop rate 0 bps
Match: not access-group name it-intern
11127962 packets, 4292327891 bytes
5 minute rate 4422000 bps
Queueing
Output Queue: Conversation 265
Bandwidth 70 (%) Max Threshold 64 (packets)
(pkts matched/bytes matched) 111155/27836979
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
827815 packets, 919625061 bytes
5 minute offered rate 2911000 bps, drop rate 0 bps
Match: any
- I can see that pakets became matched.
I fall in dispair, please help.
I've got a WAN connection, which is connected via FastEthernet to the router. The ISP garantees 20 mbit/s. There are 2 IPs and 1 Subnet that got low prior. So I created a Class that "Not" matches that Accessgroup. The remaining traffic should become a minimum of 70% of the bandwidth.
If I understand you, I only get congestion if i would use the physical interface speed (100mbit/s) and only in this case I can use the bandwidth comands.
But would work a config like this?:
Policy-Map cbwfq
Class not-it-intern
Bandwidth percent 70
Policy-Map police-all
Class class-default
police cir 20000000
service-policy cbwfq
interface FastEthernet0/1
description # 20 MBit #
bandwidth 20000
ip address x.x.x.x x.x.x.x
service-policy output police-all
ip route-cache flow
no ip mroute-cache
duplex auto
speed auto
I don't want to use shaping, thats the currently way how I limit the traffic for the sources of the ACL(it-intern). But shaping stresses the router a little bit too much and how I said, I dont want to limit I want to garantee a minimum of traffic.
By the way, thanks a lot for your help until now.
Similar Messages
-
ASR1001 QOS Problem %QOS-4-TUN_MOV_FAIL
Dear member,
I have facing a problem on the ASR with QOS problem, I configured a hqos on phyical interface and hqos on tunnel interface, the number of tunnel about 350.
I check on the logging, the QOS on tunnel was continues fail and install.
============================================
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel2000.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel2780, suspending policy.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel2000, suspending policy.
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel3080.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel3080, suspending policy.
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel2380.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel2380, suspending policy.
%QOS-4-TUN_MOV_FAIL: Queueing hierarchy move failed on Tunnel70, suspending policy.
%QOS-6-TUN_INSTALL: Installing suspended policy on Tunnel2140.
============================================
Any member have this experience.
Attach the QoS configuration for reference.
Regards
RussSeem not related to this bug as ASR only suspended policy without reboot.
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.2(4)S, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Mon 23-Jul-12 20:03 by mcpre
IOS XE Version: 03.07.00.S
License Level: adventerprise
License Type: Permanent
Next reload license Level: adventerprise
cisco ASR1001 (1RU) processor with 1156392K/6147K bytes of memory.
Processor board ID SSI170805JC
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
7741439K bytes of eUSB flash at bootflash:.
Configuration register is 0x2102 -
QoS Problem - Outbound Ethernet Marcation
Hi all,
I have a problem with QoS.
Everytime a voice packet go outbound through an Ethernet interface the router remove the DSCP marcation 46 (EF) and marks as 0. Serial interfaces work fine.
I've tried with different IOS versions but the problem is the same.
If anyone has faced this problem before, please let'me know what IOS version this QoS configuration work.
Cheers ///
Neirival de Sousa (Brazil/Angola)Hi,
can yo be more specific about your hardware/software and general setup?
Also one more thing: are you sure it happens outbound? Could it be that a LAN switch is receiving the frame/IP packet and the default port settings for Catalysts kick in? QoS wise all LAN ports on the Catalyst switches are untrusted, thus any marking will be set to 0 (best effort), when received on such a port. You need to issue a "mls trust ..." command on each port, where markings should be passed unchanged. The "..." is "cos" or "dscp" and depends on hardware/IOS.
Hope this helps! Please rate all posts.
Regards, Martin -
QOS problem (multicast) with 3750
Hi,
I need help to solve following problem.
I have setup qos in our 3750, see below.
Unicast traffic is handle correct, However with multicast streams the router set the dscp to 0
Has somebody any idea what is missing?
Too old sw? Cisco IOS Software, C3750 Software (C3750-ADVIPSERVICESK9-M), Version 12.2(35)SE,
Regards Niklas
ip multicast-routing distributed
ip multicast multipath
mls qos srr-queue input priority-queue 1 bandwidth 10
mls qos srr-queue input dscp-map queue 1 threshold 1 46
mls qos srr-queue input dscp-map queue 2 threshold 1 11 24 30 48
mls qos srr-queue output dscp-map queue 1 threshold 1 48
mls qos srr-queue output dscp-map queue 2 threshold 1 46
mls qos srr-queue output dscp-map queue 3 threshold 1 40
mls qos srr-queue output dscp-map queue 4 threshold 1 11 24 30
mls qos
interface GigabitEthernet1/0/22
switchport access vlan 41
switchport mode access
load-interval 30
srr-queue bandwidth share 25 25 25 20
priority-queue out
mls qos trust dscp
interface GigabitEthernet1/0/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 40
switchport mode trunk
load-interval 30
srr-queue bandwidth share 25 25 25 20
priority-queue out
mls qos trust dscpHi,
Here comes the printouts:
with mls qos enabled:
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/22 statistics
GigabitEthernet1/0/22
dscp: incoming
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 8881981 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 307 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 0 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 8881981 0 0 0 0
5 - 7 : 0 307 0
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/23 statistics
GigabitEthernet1/0/23
dscp: incoming
0 - 4 : 8931330 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 202 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 1206 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 11357772 0 0 0 0
5 - 7 : 0 2 0
cos: outgoing
0 - 4 : 0 0 0 0 0
5 - 7 : 0 1206 2
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#
mls qos disabled:
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/22 statistics
GigabitEthernet1/0/22
dscp: incoming
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 7371 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 0 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 7371 0 0 0 0
5 - 7 : 0 0 0
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#sh mls qos interface gigabitEthernet 1/0/23 statistics
GigabitEthernet1/0/23
dscp: incoming
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 23281 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 0 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 2 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 29272 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 0 0 0 0 0
5 - 7 : 0 2 0
Policer: Inprofile: 0 OutofProfile: 0
cisco-Mcast#
BR Niklas -
I'm new to setting up QoS so I would like some input.
I'm setting up QoS on my 3750X:
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.2(2)E, RELEASE SOFTWARE (fc3)
I enabled Auto QoS on the switch:
mls qos map policed-dscp 0 10 18 24 46 to 8
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input threshold 1 80 90
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue input dscp-map queue 2 threshold 3 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue output dscp-map queue 1 threshold 3 46 47
mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35
mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 50 200
mls qos queue-set output 1 threshold 2 125 125 100 400
mls qos queue-set output 1 threshold 3 100 100 100 3200
mls qos queue-set output 1 threshold 4 60 150 50 200
mls qos queue-set output 1 buffers 15 25 40 20
mls qos
auto qos srnd4
All ports are setup like this:
interface GigabitEthernet1/0/1
switchport mode access
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust dscp
auto qos trust dscp
The problem is this:
I have an IPTV application that I tag with AF41 (DSCP 34):
policy-map QoS-Ceton-InfiniTV-Policy
class QoS-Ceton-InfiniTV-Data-Class
set dscp af41
But when I'm playing that application back on a client, packets are dropped when I'm also running Remote Desktop tagged with AF21 (DSCP 18).
Temporarily, I solved the problem by changing all ports to queue-set 2:
Queueset: 1
Queue : 1 2 3 4
buffers : 15 25 40 20
threshold1: 100 125 100 60
threshold2: 100 125 100 150
reserved : 50 100 100 50
maximum : 200 400 3200 200
Queueset: 2
Queue : 1 2 3 4
buffers : 25 25 25 25
threshold1: 100 200 100 100
threshold2: 100 200 100 100
reserved : 50 50 50 50
maximum : 400 400 400 400
What I don't get is Auto QoS is suppose to make this easy, isn't it?
How come AF41 packets are dropped for AF21 packets?
Thanks for any input.Even with queue-set 2, I still see drops, just not as many.
GigabitEthernet1/0/27 (All statistics are in packets)
dscp: incoming
0 - 4 : 7324189 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 236744 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 1127 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
0 - 4 : 17433393 2 94 0 163
5 - 9 : 0 291 0 1 0
10 - 14 : 30613 0 0 0 0
15 - 19 : 0 3822 0 281615 0
20 - 24 : 0 0 0 0 103072
25 - 29 : 0 11 0 0 0
30 - 34 : 0 0 7605 0 15387535
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 16394 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 18872 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
0 - 4 : 7564272 0 0 0 0
5 - 7 : 0 0 0
cos: outgoing
0 - 4 : 17467998 30614 285437 103083 15395140
5 - 7 : 7914 16394 209955
output queues enqueued:
queue: threshold1 threshold2 threshold3
queue 0: 0 0 7605
queue 1: 15673244 245425 264513
queue 2: 0 0 17441610
queue 3: 1 30602 0
output queues dropped:
queue: threshold1 threshold2 threshold3
queue 0: 0 0 0
queue 1: 0 0 0
queue 2: 0 0 588
queue 3: 0 0 0
Policer: Inprofile: 0 OutofProfile: 0 -
WRVS4400N Firmware V1.1.03 QoS Problem
With this router, there seems to be a problem with the V1.1.03 firmware. I cannot save any of it's QoS/ CoS settings on any of the pages, from either a wireless OR wired device HTTP session.
If I try to create my own service in the bandwidth limitations, when I save settings, it defaults back to the first 2 or 3 entries in the services list. It's very annoying.
Is there a fix for this?Allow me to demonstrate.
I add custom services.
I click "SAVE SETTINGS"
I get this result.
Maybe someone there could take 2 seconds to answer why the router would do this.... or maybe tell me why I cannot assign priority to ports... or do any QoS/CoS settings AT ALL?
Message Edited by JZulkeski on 02-24-2008 10:52 AM -
Dears
I want your help in figuring out the problem in configuration, as I am trying to deploy qos on DMVPN
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
AUBEgypt-RHT-R this router is hub
shooting club is spoke
but i can't see the result as expected :
AUBEgypt-RHT-R#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel172 is up/up, Addr. is 172.23.11.1, VRF ""
Tunnel Src./Dest. addr: 172.23.1.1/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
Type:Hub, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
Crypto Session Details:
Interface: Tunnel172
Session: [0x689D0324]
IKE SA: local 172.23.1.1/500 remote 172.23.1.5/500 Active
Capabilities:D connid:1004 lifetime:23:44:18
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.5
IPSEC FLOW: permit 47 host 172.23.1.1 host 172.23.1.5
Active SAs: 4, origin: crypto map
Inbound: #pkts dec'ed 127 drop 0 life (KB/Sec) 4514806/113
Outbound: #pkts enc'ed 127 drop 0 life (KB/Sec) 4514807/113
Outbound SPI : 0xA67C0EBD, transform : esp-aes esp-sha-hmac
Socket State: Open
Pending DMVPN Sessions:
AUBEgypt-RHT-R#show ip nhrp
172.23.11.5/32 via 172.23.11.5
Tunnel172 created 00:17:17, expire 01:42:42
Type: dynamic, Flags: unique registered
NBMA address: 172.23.1.5
Group: spoke_group1
Shooting-Club#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel1 is up/up, Addr. is 172.23.11.5, VRF ""
Tunnel Src./Dest. addr: 172.23.1.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.11.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.1 172.23.11.1 UP 00:17:48 S 172.23.11.1/32
Interface Tunnel2 is up/up, Addr. is 172.23.22.5, VRF ""
Tunnel Src./Dest. addr: 172.23.2.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.22.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.2.1 172.23.22.1 UP 00:17:48 S 172.23.22.1/32
Crypto Session Details:
Interface: Tunnel1
Session: [0x669AD6D4]
IKE SA: local 172.23.1.5/500 remote 172.23.1.1/500 Active
Capabilities:(none) connid:1007 lifetime:23:43:28
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.1
IPSEC FLOW: permit 47 host 172.23.1.5 host 172.23.1.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 134 drop 0 life (KB/Sec) 4437700/52
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4437700/52
Outbound SPI : 0x90A47368, transform : esp-aes esp-sha-hmac
Socket State: Open
Interface: Tunnel2
Session: [0x669AD5E4]
IKE SA: local 172.23.2.5/500 remote 172.23.2.1/500 Active
Capabilities:(none) connid:1008 lifetime:23:43:29
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.2.1
IPSEC FLOW: permit 47 host 172.23.2.5 host 172.23.2.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 133 drop 0 life (KB/Sec) 4409710/55
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4409710/55
Outbound SPI : 0xEEC2E783, transform : esp-aes esp-sha-hmacDears
I want your help in figuring out the problem in configuration, as I am trying to deploy qos on DMVPN
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
AUBEgypt-RHT-R this router is hub
shooting club is spoke
but i can't see the result as expected :
AUBEgypt-RHT-R#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel172 is up/up, Addr. is 172.23.11.1, VRF ""
Tunnel Src./Dest. addr: 172.23.1.1/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
Type:Hub, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.5 172.23.11.5 UP 00:16:57 D 172.23.11.5/32
NHRP group: spoke_group1
Output QoS service-policy applied: none
Crypto Session Details:
Interface: Tunnel172
Session: [0x689D0324]
IKE SA: local 172.23.1.1/500 remote 172.23.1.5/500 Active
Capabilities:D connid:1004 lifetime:23:44:18
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.5
IPSEC FLOW: permit 47 host 172.23.1.1 host 172.23.1.5
Active SAs: 4, origin: crypto map
Inbound: #pkts dec'ed 127 drop 0 life (KB/Sec) 4514806/113
Outbound: #pkts enc'ed 127 drop 0 life (KB/Sec) 4514807/113
Outbound SPI : 0xA67C0EBD, transform : esp-aes esp-sha-hmac
Socket State: Open
Pending DMVPN Sessions:
AUBEgypt-RHT-R#show ip nhrp
172.23.11.5/32 via 172.23.11.5
Tunnel172 created 00:17:17, expire 01:42:42
Type: dynamic, Flags: unique registered
NBMA address: 172.23.1.5
Group: spoke_group1
Shooting-Club#show dmvpn detail
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface Tunnel1 is up/up, Addr. is 172.23.11.5, VRF ""
Tunnel Src./Dest. addr: 172.23.1.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.11.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.1.1 172.23.11.1 UP 00:17:48 S 172.23.11.1/32
Interface Tunnel2 is up/up, Addr. is 172.23.22.5, VRF ""
Tunnel Src./Dest. addr: 172.23.2.5/MGRE, Tunnel VRF ""
Protocol/Transport: "multi-GRE/IP", Protect "IPSEC_PROFILE"
Interface State Control: Disabled
IPv4 NHS: 172.23.22.1 RE
Type:Spoke, Total NBMA Peers (v4/v6): 1
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb Target Network
1 172.23.2.1 172.23.22.1 UP 00:17:48 S 172.23.22.1/32
Crypto Session Details:
Interface: Tunnel1
Session: [0x669AD6D4]
IKE SA: local 172.23.1.5/500 remote 172.23.1.1/500 Active
Capabilities:(none) connid:1007 lifetime:23:43:28
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.1.1
IPSEC FLOW: permit 47 host 172.23.1.5 host 172.23.1.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 134 drop 0 life (KB/Sec) 4437700/52
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4437700/52
Outbound SPI : 0x90A47368, transform : esp-aes esp-sha-hmac
Socket State: Open
Interface: Tunnel2
Session: [0x669AD5E4]
IKE SA: local 172.23.2.5/500 remote 172.23.2.1/500 Active
Capabilities:(none) connid:1008 lifetime:23:43:29
Crypto Session Status: UP-ACTIVE
fvrf: (none), Phase1_id: 172.23.2.1
IPSEC FLOW: permit 47 host 172.23.2.5 host 172.23.2.1
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 133 drop 0 life (KB/Sec) 4409710/55
Outbound: #pkts enc'ed 133 drop 1 life (KB/Sec) 4409710/55
Outbound SPI : 0xEEC2E783, transform : esp-aes esp-sha-hmac -
Linksys SRW248G4 Bandwidth QoS problem
Hi everyone,
so I bought the SRW248G4 switch because Linksys advertises ingress and egress traffic shaping. I setup everything and tested egress at 10000 kbps which worked fine. But when I setup ingress on any of the ports I get very bad rates that don't even correspond to the limit I set. For example I can set 10000 kbps or 20000 kbps, and I only get 12-20 KB/s transfer rates, which almost below 196 kbps. Does anyone know why this would not be working? Anyone else out there with a similar problem?
Thanks,
Alexsee thread: http://forums.linksys.com/linksys/board/message?board.id=Switches&message.id=1072
-
I'm trying to configure the router's QoS but I'm not succeeding . I put the game League of Legends as a high priority , but as soon as I turn on the TV with Net Flix the game connection is bad . My questions are as follows - DHCP is not done by the router , but the modem. This would prevent the operation of the QoS ? - QoS just work for WAN connection? Because i'm doing the connection on the ethernet port. - I need to put the TV or the Net Flix as low priority in QoS ? Below modem settings
Thanks for the quick return.Allow me to elaborate : - My internet is 10mb / s- The Internet comes via cable modem / router Thomson. This router is doing DHCP and sharing the internet via ethernet port to the E900 router.- I tried some settings to share the Internet via WAN without success . Thomson Modem configurations E900 Modem Thomson
-
Hello
I'm working in deploying QoS in a branch office
but I'm getting poor voice quality on calls.
here is the configuration of the QoS parameters
*****************************************class-map match-all VOZ
match dscp ef
class-map match-all VOZ(SIGNAL)
match dscp af31
class-map match-all APLICACION-CRITICA
match access-group name AS400
policy-map POLITICAS-QoS
class VOZ
priority percent 60
class VOZ(SIGNAL)
bandwidth percent 5
class APLICACION-CRITICA
bandwidth percent 10
class class-default
fair-queue
interface FastEthernet0/0
description LAN
ip address 10.12.1.1 255.255.255.0
speed auto
interface Serial0/0
description Link to HQ
bandwidth 128
ip address 192.168.50.42 255.255.255.252
service-policy output POLITICAS-QoS
load-interval 60
compress stac
interface BRI1/0
no ip address
shutdown
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 16.0.0.0 255.255.255.0 Serial0/0
no ip http server
ip access-list extended AS400
permit ip any host 16.0.0.2
Now take a look at the Output of the show policy-map interface serial 0/0
CS-1760-PN#show policy-map interface serial 0/0
Serial0/0
Service-policy output: POLITICAS-QoS
Class-map: VOZ (match-all)
1034703 packets, 66220992 bytes
1 minute offered rate 147000 bps, drop rate 71000 bps
Match: dscp ef
Queueing
Strict Priority
Output Queue: Conversation 40
Bandwidth 60 (%)
Bandwidth 76 (kbps) Burst 1900 (Bytes)
(pkts matched/bytes matched) 1034703/66220992
(total drops/bytes drops) 530418/33946752
Class-map: VOZ(SIGNAL) (match-all)
0 packets, 0 bytes
1 minute offered rate 0 bps, drop rate 0 bps
Match: dscp af31
Queueing
Output Queue: Conversation 41
Bandwidth 5 (%)
Bandwidth 6 (kbps) Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: APLICACION-CRITICA (match-all)
1423 packets, 84273 bytes
1 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name AS400
Queueing
Output Queue: Conversation 42
Bandwidth 10 (%)
Bandwidth 12 (kbps) Max Threshold 64 (packets)
(pkts matched/bytes matched) 1423/84273
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
38296 packets, 21064743 bytes
1 minute offered rate 47000 bps, drop rate 0 bps
Match: any
Queueing
Flow Based Fair Queueing
Maximum Number of Hashed Queues 32
(total queued/total drops/no-buffer drops) 11/130/0
CS-1760-PN#
As you can see there are A LOT of packets being dropped
related to DSCP ef (voice bearer packets) but there are
actually 0 (ZERO!!) calls being place at this time
Notice that there is also 0 packets matching DSCP af31 (voice signaling)
Can anyone tell me what might be happeing here ??
Why am I getting so many drops ?
Thankshave u tried the sugestions i have given to u in other sicussion regarding ur issue!!
http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Telephony&topicID=.ee6c829&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc1b1f6
good luck -
When i enable mls qos on 3750 running EMI image the ingress ports should switch to non-trusted and therefore reclassify all DSCP/COS bits to 0.
This is not happening and the COS bits are reamining as set by the IP handsets and pc's.
This does not happen on 3550 or 6500's which i have just tested to verify.What is the exact version of OS you are using ?
-
QoS Problem ( nt getting same DSCP marking at diff.. vpls customer sites
Hi we are having 3 locations A , B & C
we are providing l2 vpls service to customer .
customer is connected to our mpls cloud via EoSDH on my mpls switch on locations A , B & C.
customer is marking his traffic with DSCP bit XX from Location A when customer checking the traffic
at location B via packet sniffer ethereal they are not getting the same DSCP Tagging .
can anyone help me to find out the possible cause of this .
As far as i know in VPLS services there is limitation of provide multi-QoS.
But here in this case i m only trusting DSCP on the Lastmile port as well as on the trunks connected from my switches to my PEs .
so customer tagging should reach from location A to Location B .
Here we go:
CPE-A------CPE-A-SW--------SP-SW-A----PE-A======MPLS CLOUD=====PE-B------SP-SW-B-------CPE-B-SW-------CPE-B
here :CPE-A = customer router
CPE-A-SW = 4500
SP-SW-A = 4500
PE-A = 7600
PE-B = 7600
SP-SW-B = 3500
CPE-B-SW = 4500
CPE-B = customer routerI m getting blew output on the trunk interface connected to my PE on both the switches.
SP-SW-A#sh qos interface GigabitEthernet4/3
QoS is enabled globally
Port QoS is enabled
Administrative Port Trust State: 'dscp'
Operational Port Trust State: 'dscp'
Trust device: none
Default DSCP: 0 Default CoS: 0
Appliance trust: none
Tx-Queue Bandwidth ShapeRate Priority QueueSize
(bps) (bps) (packets)
1 250000000 disabled N/A 2336
2 250000000 disabled N/A 2336
3 250000000 disabled normal 2336
4 250000000 disabled N/A 2336
SP-SW-B#sh mls qos interface GigabitEthernet0/2 statistics
GigabitEthernet0/2
Ingress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 0 0 0 0 0
Egress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 0 n/a n/a 0 0
WRED drop counts:
qid thresh1 thresh2 FreeQ
1 : 0 0 1024
2 : 0 0 1024
3 : 0 0 1024
4 : 0 0 1024 -
Hi All,
I have the following scenario that i attached a jpg for !!
My router (RouterB) is connected to my ISPs router (RouterA) All my incoming traffic is through routerA.
After my RouterB i have a PIX515 with inside network and DMZ on the DMZ i have aproxy for internet access.
My connection between routers is only 256kbps, and the internet usage is hogging the line most of the time.
im not interested in other methods of controlling traffic on the proxy etc but rather perform QoS to allocate PRIORITY traffic to the PC1 and to a specific port for an aplication its using, as it becomes dead slow because the FR (256kbps) is hogged by internet traffic.
I do not have access to routerA. i have access to RouterB and PIX515.
My question is:
Router B is not aware of my QoS problems. if i configure QoS to prioritize traffic for PC1 where should i configure it..on routerB or on PIX515 !!! and which interface is the most effective.
I cannot help of thinking that routerA will send traffic to routerB as it is requested by the internet users and the appicaton of PC1. the internet users being more demanging than the PC1 application wont they stil hog up the bandwidth...or when i configure QoS on either of my machines will 'somehow tell' router A to limit its traffic to the proxy ???
with the above i mean that...if i have internet traffic of 200kbps and my application traffic is needing 200 kbps as well..Router A will send the internet traffic and application traffic as it comes on its interfaces (without QoS) and spitting it out the FR link with the same rates...so if it is already sending streams of 200kbps internet traffic. i will still only get 56 kbps for my application, untill the internet traffic dies down ??? (im confused)
please let me know if i am not clear with my request !!!
Thank you,
GeorgeHi jon,
so...in a few words theres nothing that can be done !!!! :( (on the QoS side) ...
so..in order for the QoS to work efficiently it should be configured at the source, where a HIGH BANDWIDTH Input is present (like 100Mbps ) and a smaller bandwidth output interface (2Mbps lets say ) in order for a QUEUE to be created !!! RIGHT !!! ???? so if in the node i want to apply QoS, a QUEUE is not created for traffic towards my machines i can only pray !!! So i would have to talk to the guys on RouterA ??? to apply QoS and prioritize traffic on their router (where a queue is being created !!!)
Did i get this right then ???
Thanks for the help,
George -
I have a LinkSys E3000, but I'm having mad problems with QoS & port forwarding. I've tried the following:
Port range forwarding, from port 53 to 3074, to the IP of my xbox. My understanding is that it opens all ports in that range. Moderate NAT.
Single port forwarding, 53, 80, 88, 3074 (all both UPD & TCP - and the ports it says to open on portfoward.com), to the IP of my xbox. Moderate NAT.
DMZ, putting the IP of my Xbox in the DMZ. Moderate NAT.
DMZ, putting the MAC address of my Xbox in the DMZ. Moderate NAT.
I've no idea why none of the above work? I've also set the QoS to give my Xbox high priority (it is another option under Gaming & Applications alongside Port range forwarding, port forwarding, DMZ), so I doubt that is working either.
The only thing that gives me open NAT is if i have uPnP enabled (none of the above have any effect at all), but the connection is very dodgy. Voice chat is choppy, bit of lag in game, even when I'm the only one using an 8Mb connection (it was fine on a basic netgear router before, when no one else was on, but now I can't even get that far). I believe it should work without uPnP and with the above options I've set.
Even if the lag is sorted, it doesn't even begin to solve the QoS problem that I bought the router to fix.Who is your internet service provider is that cable or DSL connection
Please let me know so that Acoordingly we can decide whether we should go for port range triggering or port range forwarding -
i have some question regarding the PBTS :
we can't configure more than 8 TE in the default class ,is this limitation will solved on the coming release
can i have one forwarding class assigned to 32 TE tunnels and traffic loadbalance through all of them ?,
if a default class traffic come and there is no default forwarding class TE tunnel ,does it drop or it will goes through any other TE forwarding class tunnel without been affected with dropping or QOS problem for example? .
.if any one can help it will be great .Hello,
1.
I recommend taking a look at this document
http://www.cisco.com/c/en/us/support/docs/routers/asr-9000-series-aggregation-services-routers/117718-technote-asr9000-00.html
The 1.2Tbps is the chassis limit, as newer LCs and FCs come out we will be able to utilize more of the potential bandwidth.
2.
For power supplies you need N power modules to power all the HW in a particular router.
What if a single power supply fails? In order to prevent the system from shutting down a card due to lack of power its recommended to implement N+1 power supplies
What if your A or B feed fails?
For DC you have two power connectors to each power supply so you can connect both feeds, so if feed A goes out feed B can handle the load and therefore N+1 is okay for DC.
For AC you can only use a single feed, therefore is feed A goes all power supplies connected to feed A will no longer work. So for feed-level protection you need N+N protection.
3.
Correct, the 9904 has an enhanced backplane and a higher theoretical limit than the 9010 or 9006 which have been out for considerably longer.
4.
I am not sure where the term plane comes in effect here, can you share a link to the presentation that shows this? Unicast and multicast packets all go through the same ASICs but we have different queues for these traffic types.
5.
The MGID and FGID you should never need to worry about, these are calculated automatically.
HTH,
Sam
Maybe you are looking for
-
Counter Strike Source and Boot Camp
Does CSS work well on a MacBook (white) with boot camp, windows SP2 and 1Gb of memory?
-
Hi All, Mandatory input field in group In my web dynpro application i have marked the input field "required" and in output it shows with red asterisks... In my view i have 2 group elements with different fields. I am using method *check_mandatory_att
-
Hi , Iam using call transaction(tcode ff67). In this iam getting warning in foreground where as in background it is not showing the warning message. In background the record is being saved. If there is any warning message in background how to handl
-
I am getting ready to buy an iPad (my first one ever), and I am debating between the 16G iPad 3 and the 32G iPad 2. I don't want to spend more than $500 for this device because I am also going to buy the Apple Care warranty. I have a 32G iPhone 4 wh
-
Where's the insert key on the new keyboards?
I'm using Maya right now and the insert key is used to adjust the pivot point of objects. However, I don't see an insert key on this here new keyboard.