Router Dead , when i applied QOS on virtual-temp interface for vpn !!

Similar Messages

• Apply QoS policies to MPLS interfaces

  Hello all,
  We are deploying an MPLS transport network for our research project, and we are getting undefined errors about the QoS application over tunnel interfaces. The tunnel interfaces are those we configure between end points.
  For example, if we apply a rate-limit to a tunnel interface, this is not applied, although the router anc CLI let configure the policy.
  Does anybody know how to manage this kind of policies or shaping to MPLS?
  Thanks for your help.

  Hello,
  No, in fact, what we want to configure is output policies. For example, at the ingress LER of the MPLS cloud, we receive some traffic that we set it as an specific class of service, for example, "interactive traffic". Once the traffic is classified, we route it to the correct output tunnel interface, i.e., to the next LSR. It's at that interface where we want to set the policy, so.
  When we set the policy, with the "service-policy output tunnel0", for example, the CLI doesn't return any message of error. In fact, it lets to configure it, and if we use the command "show policy-map interface tunnel0", CLI returns the configuration of the policy at that interface.
  Thanks for your help.

• What is the best way to apply QoS to CAD

  The CAD agent that are working remotely are seeing performance issues.  Hence, would it really be better to apply QOS to the CAD workers for better performance or would it just be better to give the remote workers a VMachine and have all the CAD application run locally?

  Enterprise
  all the teleworkers have business class cable connection with a Cisco 800 router.  I know big companies are seeing the same issue latancy that is probably caused by convergence time) maybe from a WAN hiccup.  in reference to the VMare -Citrix, was just idea to throw out as a better solution for a more stable enviornment, but the service control messages maybe see a lag over the WAN ...its trading one evil for another...I know CIsco mobile workers are using the CVO solution...(similar to our setup)...thoughts?

• When i apply adobe edge animate full page width OAM file website get padding on right , how i can resolve this problem

  When i apply Adobe Edge Animate file OAM for Adobe Muse over full page width website show on preview 200 pixel empty space on right side of the page .

  Please check the fill type and follow the suggestion mentioned here :
  https://helpx.adobe.com/muse/how-to/add-svg-graphics.html
  Thanks,
  Sanjit

• How to apply Qos in the precedence of cache server

  m in an isp  and iwant to apply the QOS to enhance my network internet performance
  actually i  have two requests , i will start with showing brief topology about my network and start asking the questions .
  here is the topology below :
  from the topology above , my access is only on R1 which is BGP internet gateway router and R2 is my ISP router.
  1- i want to apply Qos on R1 so that a subnet of 32 ips to have gurantee bandwidth of 30M .
  assume  the subnet  is 10.20.30.0/27  that need to be bw gurantee .
  2- i want the download traffic by idman or ftp on my Router R1 dont exceed 50 % of my total bw .
  i mean that i have 450M bandwith from my isp , & sometimes we have a  slow in browsing , so i want to enhance the browsing quality because  its more important that downloading files from internet.
  here is my two requests above , i dont know how it will work with the precedence of the cache server .
  anyway , i will paste my config of router and i will replace my puplic ips with xxx for privacy .
  7200Gateway#sh run
  Building configuration...
  Current configuration : 10149 bytes
  upgrade fpd auto
  version 12.4
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname 7200Gateway
  boot-start-marker
  boot-end-marker
  logging message-counter syslog
  logging buffered 50000
  enable secret xxxxxxxxxxxxxx
  no aaa new-model
  ip source-route
  ip wccp 80 redirect-list CACHE80
  ip wccp 90 redirect-list CACHE90
  ip cef
  no ip domain lookup
  ip accounting-threshold 4294967295
  login block-for 180 attempts 3 within 60
  login quiet-mode access-class telnet
  login on-failure log
  login on-success log
  no ipv6 cef
  multilink bundle-name authenticated
  username xxxxxx password xxxxx
  archive
  log config
    hidekeys
  interface GigabitEthernet0/1
  description LAN
  bandwidth 230000
  ip address 10.160.150.2 255.255.255.0
  ip wccp 80 redirect in
  ip policy route-map CACHE-REDIRECT
  load-interval 30
  duplex auto
  speed auto
  media-type rj45
  negotiation auto
  interface FastEthernet0/2
  no ip address
  shutdown
  duplex auto
  speed auto
  interface GigabitEthernet0/2
  description Cache
  bandwidth 150000
  ip address x.x.x.x 255.255.255.248
  ip wccp redirect exclude in
  load-interval 30
  duplex auto
  speed 1000
  media-type rj45
  negotiation auto
  interface GigabitEthernet0/3
  description Internet
  bandwidth 230000
  ip address x.x.x.x 255.255.255.252
  ip wccp 90 redirect in
  load-interval 30
  duplex full
  speed 1000
  media-type sfp
  negotiation auto
  router bgp zzzzzzz
  no synchronization
  bgp log-neighbor-changes
  network xxxx mask xxxxx
  network xxxx mask xxxx
  network xxxx mask xxxxx
  network xxxx mask xxxx
  network xxxx mask xxxxx
  network xxxx mask xxxx
  redistribute connected
  redistribute static
  neighbor zzzzzzzz remote-as zzzzzzz
  neighbor zzzzzzz password zzzzzzz
  neighbor zzzzzz route-map Pipo out
  no auto-summary
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 xxxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
  no ip http server
  no ip http secure-server
  ip flow-top-talkers
  top 200
  sort-by bytes
  cache-timeout 5000
  ip access-list extended bb
  permit ip xxxx.xxxx.xx.0 0.0.1.255 any
  ip access-list extended CACHE80
  permit tcp xxxxxxx any eq www
  ip access-list extended CACHE90
  permit tcp any xxxxx.0 0.0.0.255
  ip access-list extended pipo
  permit ip xxxxx xxxxxxx any
    permit ip xxxxx xxxxxxx any
  ip access-list extended private
  permit tcp 172.16.0.0 0.0.255.255 any eq www
  permit ip 10.20.30.0 0.0.0.255 any
  ip access-list extended telnet
  permit ip xxxxxx xxxxxxx.255.255 any log
  permit ip xxxx xxxxx 0.0.0.255 any log
  ip prefix-list bb seq 5 permit xxxxx
  ip prefix-list bbseq 10 permit xxxxxx
  logging history size 500
  no cdp run
  route-map pipo permit 10
  match ip address prefix-list pipo1
  route-map pipo permit 20
  match ip address prefix-list newsubnet
  set metric 500
  set origin incomplete
  set as-path prepend xxxxxxxxx
  route-map permit 10
  match ip address prefix-list bibo
  route-map CACHE-REDIRECT permit 10
  match ip address  private
  set ip next-hop 1vvvvvv
  route-map CACHE-REDIRECT permit 20
  match ip address bibo e1
  set ip next-hop vvvvvv
  route-map CACHE-REDIRECT permit 30
  match ip address pipo
  set ip next-hop vvvvvvvvvv
  route-map CACHE-REDIRECT permit 100
  snmp-server community xxxxxx RO
  control-plane
  dial-peer cor custom
  line con 0
  password xxxxxxxx
  logging synchronous
  login
  stopbits 1
  line aux 0
  stopbits 1
  line vty 0 4
  exec-timeout 60 0
  password xxxxxxxxxxxxxxxxx
  logging synchronous
  login local
  end

  Hi Vinay,
  Please check the program. I have used the replace statement but it is not working.
  IF NOT v_sap_bom_rec IS INITIAL.
  Spliting the records at '~' delimiter
      SPLIT v_sap_bom_rec AT c_del INTO  wa_bom_file-model_name
                                         wa_bom_file-product_code
                                         wa_bom_file-description
                                         wa_bom_file-product_type
                                         wa_bom_file-mfg_part_num
                                         wa_bom_file-mfg_part_desc.
      REPLACE cl_abap_char_utilities=>horizontal_tab IN wa_bom_file-mfg_part_desc WITH space .
      wa_bom_file-status = c_status.
      APPEND wa_bom_file  TO i_bom_file.
  But it is not working.
  Please help me..
  Thanks
  Neelima

• Does Huawei router NE40 support Class-Based QoS?

  As I know Class-based QoS defines traffic classifiers based on certain rules and associates traffic classifiers with certain traffic behaviors, forming certain traffic policies. After
  these policies are applied to interfaces, class-based traffic policing, traffic shaping, congestion management, and precedence re-marking are implemented.
  Does Huawei router NE40 support Class-Based QoS？

   The NE80E/40E supports DiffServ and provides standard forwarding services such as EF and AF for users by using the following traffic management measures:
  1 Traffic classification
  2 Traffic policing
  3 Traffic shaping
  4 Congestion avoidance
  QoS of the NE80E/40E supports traffic policy with the above measures and mapping between the QoS fields in the IP header and the MPLS header.
  And more information about router NE40, please visit:
   http://www.huanetwork.com/huawei-router-ne40e-series-price_c89

• Apply QOS to vrf traffic?(Ethernet SubInts)

  Hi,
  I'm trying to apply "GOLD" QOS to vrf traffic that is terminated on eth subints, but class-map is not allowing me to match on subinterfaces:
  class-map match-any GOLD
  match mpls experimental topmost 5
  match ip precedence 5
  match input-interface fastEthernet 0/0 (Subints not allowed)
  I also cannot match on access-group, as the traffic is within a vrf.
  Should I be creating a seperate policy-map marking the traffic as GOLD, and then apply this as a "service-policy input" to each eth subint the vrf is associated with?

  Hi,
  when you apply the service-policy to an interface you do NOT need to specify the interface in the class-map! Example:
  class-map match-any VoIP
  match ip precedence 5
  match ip dscp ef
  policy-map Marking
  class VoIP
  set mpls experimental imposition 5
  interface FastEthernet0/0.100
  ip address ...
  encapsulation dot1q 100
  service-policy input Marking
  This will set MPLS exp bits on all traffic coming into F0/0.100 and being marked with either Prec 5 or DSCP EF.
  Sidenote: using an ACL in class VoIP will also only match traffic on the interface, where the policy is applied. So overlapping customer addresses are not an issue.
  Hope this helps! Please rate all posts.
  Regards, Martin

• L2TP script to initiate a router reload when tunnel goes down - working

  Hi,
       Just thought I would post a working EEM script on doing a router reload when the L2TP tunnel goes down....
  I am using a 3825 router to initiate a site-to-site tunnel with a 3rd party vpn service - StrongVPN.  On the odd occasion when the tunnel goes down, the l2tp tunnel state goes to "no session left" and the virtual-ppp1 interface - which is tied to the l2tp vpn - goes down.  Unfortunately, because I have no control on the far end router, the only way to bring it back up is thru a router reload....
  Here you go:
  event manager applet L2TP-DOWN
  event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to down"
  action 1.0 syslog msg "The L2TP VPN is down"
  action 1.1 cli command "enable"
  action 1.2 cli command "reload in 10" pattern "confirm"
  action 1.3 cli command ""
  action 1.4 syslog msg "EEM scheduled reload in 10 minutes"
  event manager applet L2TP-UP
  event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to up"
  action 1.0 syslog msg "The L2TP VPN is up"
  action 1.1 cli command "enable"
  action 1.2 cli command "reload cancel"
  Jason

  Hi Arie,
       So, here is the script I am using....
  When the L2TP tunnel goes to "no sessions left", the virtual-ppp1 interface goes down.  That's the typical message I get when it goes down.  So, when I reboot the router, the script shows the message that the virtual-ppp1 interface is up when the L2TP tunnel comes up.  I checked the debugs and that is the behaviour when the tunnel goes up / down...
  Here you go:
  event manager applet L2TP-DOWN
  event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to down"
  action 1.0 syslog msg "The L2TP VPN is down"
  action 1.1 cli command "enable"
  action 1.2 cli command "reload in 10" pattern "confirm"
  action 1.3 cli command ""
  action 1.4 syslog msg "EEM scheduled reload in 10 minutes"
  event manager applet L2TP-UP
  event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to up"
  action 1.0 syslog msg "The L2TP VPN is up"
  action 1.1 cli command "enable"
  action 1.2 cli command "reload cancel"
  Thanks.

• Where to apply qos

  We have this:
  src/dst---ORtr1---100Mbps---SPRtr---512kbps---Ortr2---T1---Ortr2---src/dst
  Where should we apply qos? We don't have access to SPRtr(service provider) and here is sample config on our router 1 (Ortr1):
  interface FastEthernet0/0
  service-policy output OUR-POLICY
  Class-map voice-signaling
  match access-group 102
  class-map voice-traffic
  match access-group 101
  policy-map OUR-POLICY
  class voice-traffic
  priority 64
  class voice-signaling
  bandwidth 16
  class class-default
  fair-queue
  access-list 101 permit udp any any range 16384 32767
  access-list 102 permit tcp any eq 1720 any
  access-list 102 permit tcp any any eq 1720

  Hi,
  Qos should be applied to ORtr1 FE, ORtr2 512k, ORtr3 (?) T1.
  On ORtr2 and ORtr3 - connected through T1 - you can use f.e. your posted policy.
  The tricky one is ORtr1 and your policy will not work. The underlying reason is: you are configuring queueing and it will only be involved IF the physical interface is overloaded. This means that there should be more than 100 Mbps traffic before your config is involved. Obviously the problem occurs already if there is more than 512k.
  The solution to the problem is called "nested policy". It would look like this taking your initial policy:
  interface FastEthernet0/0
  service-policy output Shape512k
  Class-map voice-signaling
  match access-group 102
  class-map voice-traffic
  match access-group 101
  policy-map OUR-POLICY
  class voice-traffic
  priority 64
  class voice-signaling
  bandwidth 16
  class class-default
  fair-queue
  policy-map Shape512k
  class class-default
  shape 500
  service-policy output OUR-POLICY
  access-list 101 permit udp any any range 16384 32767
  access-list 102 permit tcp any eq 1720 any
  access-list 102 permit tcp any any eq 1720
  The policy Shape512k will only allow 500 kbps to pass through the F0/0 interface. Once this SHAPER is overloaded you apply the policy OUR-POLICY to prioritize voip.
  The idea is never overload your SPRtr interface. Thus you should not shape to 512k exactly to account for OSI layer2 overhead.
  Hope this helps! Please rate all posts.
  Regards, Martin

• Multicast routing issues when a subinterface is configured

  Strange issue here. Cisco and the vendor are unable to help so far...
  Most of our layer 3 lives on core switches. However, we have  a couple sites off our WAN connected via  Cisco routers. In these offices, we can not get paging to work.
  I  setup a lab and have finally determined what is at least causing the  issue. My lab "branch" has  the same problems, but I can resolve the  problem by removing the sub-interface off the router.
  On my LAN side  of the router, with this  config, everything works fine.
  #--- THIS WORKS ---#
  R1#
  ip pim rp-address 192.168.251.254
  gig 0/0 (connects to SW1 g0/1)
   ip address 10.254.253.254 255.255.255.0
   ip pim sparse-dense mode
  SW1#
   gig 0/1 (connects to R1 g0/0)
   !no config - default VLAN1
  When I apply this config...everything breaks. The phone goes off
  #--- THIS DOES NOT WORK ---#
  R1#
  ip pim rp-address 192.168.251.254
  gig 0/0 (connects to SW1 g0/1)
   no ip
  gig 0/0.777 (connects to SW1 g0/1)
   ip address 10.254.253.254 255.255.255.0
   ip pim sparse-dense mode
  SW1#
   gig 0/1 (connects to R1 g0/0)
   sw mode trunk
   sw trunk  encap dot1q
  int vlan 777
   ip address 10.254.253.1 255.255.255.0
   ip pim sparse-dense mode
  int vlan 778
   ip address 10.254.251.1 255.255.255.0
   ip pim sparse-dense mode
   gig 0/17 (phone port)
   switch access vlan 778 (keeping it simple for now)
  I have tried this on 2 different model routers, each with different IOS versions.  The same issues follow each router. What is it about the  sub interfaces?
  Any insight? Calling all multicast experts! Thanks!

  Hi,
  creating sub-interface should not create any difference here. Only difference i can see earlier switch was working in l2 mode now it is participating in multicast routing as SVI is configured and pim neighborship established. Have you configured RP address on SW1. Please share below outputs from both devices
  - running config
  - show ip mroute <group>
  - show ip pim rp address mapping
  Regards,
  Akash

• Ping go's up on EA6500 when media prioritization (QOS) is enabled

  I've noticed that my pings on  all my devices go up when I enable QOS.
  This even happens on the PC which has high priority.
  The ping times go up by an average of 6ms, so if I normally have a 14 ping to a host it will now be 21.
  I've tested this by turning media prioritization on and off and everytime its turned on this seems to happen, although sometimes it requires a router or pc reboot before the issue arrises.
  Is their any fix for this?

  I would expect that when Media Prioritization is enabled your ping would go up a little bit.
  Think about it this way: Without media prioritization on, the router simply passes any request through; however, when it is on, the router has to check whether or not the device is set to take priority over the other devices and proceeds from there, which will add a little more to the response time.
  In my opinion I don't see 6 ms extra being all that much of a problem, especially with such a low ping in the first place. Though, that certainly depends on what you're doing. The only "fix" to this would probably have to be implemented by Cisco, besides disabling various features to try and gain back the 6 ms. Again, this is my opinion and I'm not an expert on how exactly these things are implemented besides being a programmer myself and generally adding additional checks will increase processing time. As for how much, that depends on implementation and what needs to be done.

• I'm trying to connect my MacBook Pro running on OS 10.8.2 to a Linksys EA3500 router and when I go to click on the set up icon I get an "unsupported operating system". Any suggestions on what to do? The Linksys site is useless.

  I'm trying to connect my MacBook Pro running on OS 10.8.2 to a Linksys EA3500 router and when I go to click on the set up icon I get an "unsupported operating system". Any suggestions on what to do? The Linksys site is useless. Do I need some kind of upgrade?

  Don't use the CD software its not necessary.
  Infact put it in the trash.
  Your router will have an IP address in the range 192.168.1.1
  Connect your router to your Mac via Ethernet cable (They usually supply one with the router and don't worry which end goes where the Mac LAN socket is bi-directional)
  Also connect your router to your telephone line.
  Now open your Web browser Safari . Type in the IP address above and a Javascript control panel will launch
  Enter the default password and username (They are on a label on the router )
  Your now have the ability to set up your router.
  Your will need the password and user name supplied to you by your ISP at a minimum.
  Enter these and most modern routers automatically configure the basic networking setting.
  You now need to go to the security setting and set this as WPA2 Personal (NOT Enterprise) or WPA2 with AES and TKIP which ever it refers to and create a pass-phase. WRITE it down
  You should be online.
  Now remove the cable and connect to the Wifi and enter that passphase.

• I just got my cable company to switch my wireless router to a wired one considering now I have the wireless airport device (the newest one) but now I can't get a wireless signal. The router works when directlyplugged in,the aiport wireless device is green

  I just got my cable company to switch my wireless router to a wired one considering now I have the wireless airport device (the newest one) but now I can't get a wireless signal. The router works when directlyplugged in,the aiport wireless device is green. I've tried going through my new MacBook Pro settings and it the diagnostics check, it says network changes detected, I tell it that it "yes" does connect to a cable modem, it tells me to restart it, after I do it asks if there are any other devices hooked up ( firewall) and when I say no it tells me that it can't fix the problem.
  Now I know that I probably have a new IP address because of the cable company switching the boxes but it was working fine with the other box, now there isn't a signal to be had on it!
  Please anybody out there that can help!!!??

  Any time you change networking hardware it is always a good idea to perform a complete power recycle with the new equipment. Check out the following AirPort User Tip. Please post back your results.

• ITunes 11.1.4 will not install properly - windows 8.1, 64 bit.  My only way to recover is to restore my system.  iTunes 11.1.3.8 functions properly.  When will Apply provide a workable update?

  iTunes 11.1.4 will not install properly - windows 8.1, 64 bit.  The only way I have found to recover is to restore my system.  I have unistalled/reintalled iTunes two times.  No success.  iTunes 11.1.3.8 functions properly (following system restore).  When is Apply expected to provide a workable update?

  Uninstall your existing copy of iTunes. Delete any copies of the iTunesSetup.exe (or iTunes64Setup.exe) installer files from your downloads areas for your web browsers and download a fresh copy of the iTunes installer from the Apple website:
  http://www.apple.com/itunes/download/
  (The current build of the 11.1.4.62 installer was changed a few days ago, which fixed the bulk of the reports of MSVCR80.dll/R6034/APSDaemon.exe/Error-7/AMDS-could-not-start trouble ... but the build number on the installer was not changed. So we're trying to make sure you do the reinstall using a "new good" 11.1.4.62 installer instead of an "old bad".)
  Does the install with the new copy of the installer go through properly? If so, does that clear up the error message?
  If you still have the same error messages cropping up, then try the procedures from the following user tip:
  Troubleshooting issues with iTunes for Windows updates

• Messages has replaced all my text with a load of letter A's in boxes. What is that all about. When I type a new one it is fine until I hit enter then the same thing applies. Has anyone a fix for this?

  Messages has replaced all my text with a load of letter A's in boxes. What is that all about. When I type a new one it is fine until I hit enter then the same thing applies. Has anyone a fix for this?
  Picture below, many thanks for your help.
  Jason

  Back up all data before proceeding.
  Launch the Font Book application and validate all fonts. You must select the fonts in order to validate them. See the built-in help and this support article for instructions. If Font Book finds any issues, resolve them.
  Start up in safe mode to rebuild the font caches. Restart as usual and test.
  Note: If FileVault is enabled in OS X 10.9 or earlier, or if a firmware password is set, or if the startup volume is a software RAID, you can’t start in safe mode. In that case, ask for instructions.
  If you still have problems, then from the Font Book menu bar, select
            File ▹ Restore Standard Fonts...
  You'll be prompted to confirm, and then to enter your administrator login password.
  Also note that if you deactivate or remove any built-in fonts, for instance by using a third-party font manager, the system may become unstable.