Custom QoS Policy Check Please

Soldato
Joined
17 Oct 2002
Posts
3,941
Location
West Midlands
Greetings, im putting together a QoS policy to be applied to CPE routers on an MPLS network with a single hub site and multiple spoke sites.

Our provider uses the 4 Class model and supports both IPP and DSCP, These are referred to as Gold (IPP 5) Silver (IPP 4) Bronze (IPP 2) and Default (IPP 0) ive used AutoQos in the past but thought about giving a manual config a go, could someone clarify if im heading in the right direction?

The policy will be applied on the MPLS facing interface going outbound of each CPE router.

!
class-map match-any REALTIME_GOLD
match ip dscp ef (VOIP)

class-map match-any CRITICAL_SILVER
match ip dscp af31 (Call Signalling)
match ip dscp cs3 (Call Signalling)
match ip dscp cs6 (IP Routing BGP)
match ip dscp af21 (Unix Database Access)

class-map match-any BEST_EFFORT_BRONZE
match ip dscp 0 (Web Traffic/Email/Pritning)

class-map match-any SCAVENGER
match ip dscp CS1 (P2P/Misc)


!

policy-map CUSTOMER_CPE

class REALTIME_GOLD
priority percent 50

class CRITICAL_SILVER
bandwidth percent 24
random-detect dscp-based

class BEST_EFFORT_BRONZE
bandwidth percent 25
random-detect dscp-based

class SCAVENGER
bandwidth percent 1

I haven't included access list to define traffic yet and may well have make a complete mess of the above but any comments would be appreciated.

Regards
 
It looks ok, the trouble is that your using max-reserved-bandwidth 100, in order to apply your policy-map to the interface, this is ok as it does infact allow you to allocate 100% of the bandwidth, but in practise this is rarely achievable due to L2 and L3 overhead, so under times of congestion you actually end up allocating more than 100% and you get loss... If it was me, i'd only apply bandwidth reservation for stuff that needed it - voice/business crit.. and leave the max-reserved-bandwidth at the default of 75%..
Also, the queue guideline for the maximum amount of voice traffic shouldn't really exceed 33% maximum as you could end up with queue starvation, and standard/business critical could suffer if you have a lot of voice. Also on higher speed links, serialisation isn't much of a problem, for this reason you can put your call signalling traffic into the LLQ alongside voice traffic, if the link is less than around 1Mbit (unlikley) your best off putting the call signaling in its own CBWFQ class.
Also, you've listed the IP precedence values the provider uses to classify traffic, your values don't match, for example you've assigned CS1 to a scavenger class, but the provider doesn't recognise CS1 so they'll remark it to 0 (most likley) and your scavenger will end up being treated the same as standard.
Also, i've removed the scavenger, as its not *normal* to allocate bandwidth to P2P/Misc, anything which isn't matched in the other maps, i'd normally drop or police to 56k or something, and leave class-default with the remaining 25% bandwidth, this also allows the policy to "breath" when you get congestion.
Also remember to have the correct inbound policy-map on your lan, which sets the correct ip precedence values on your own traffic.

My config would look something like this..



class-map match-any REALTIME_GOLD
match ip dscp cs5 (voip/signalling)

class-map match-any CRITICAL_SILVER
match ip dscp cs4 (Unix Database Access, BGP)

class-map match-any BEST_EFFORT_BRONZE
match ip dscp cs2 (Web Traffic/Email/Pritning)


policy-map CUSTOMER_CPE

class REALTIME_GOLD
priority percent 30

class CRITICAL_SILVER
bandwidth percent 25
random-detect dscp-based

class BEST_EFFORT_BRONZE
bandwidth percent 20
random-detect dscp-based

class class-default
drop (or police 56000/whatever)
 
Ahh right understand now specially in how IPP translates to DSCP values.
Thank you for that much appreciated, So would i be correct in saying that the inbound policy on the LAN would resemble the following

ip access-list extended Gold
permit ip <Source IP> <Source WIldcard> <Dest IP> <Dest WIldcar>

ip access-list extended Silver
permit ip <Source IP> <Source WIldcard > <Dest IP> <Dest WIldcard >

ip access-list extended Bronze
permit ip <Source IP> <Source WIldcard > <Dest IP> <Dest WIldcard >


class-map match-any Gold_Service
match access-group name Gold

class-map match-any Silver_Service
match access-group name Silver

class-map match-any Bronze_Service
match access-group name Bronze

policy-map Marking

class Gold_Service
set ip dscp cs5

class Silver_Service
set ip dscp cs4

class Bronze_Service
set ip dscp cs2

interface FastEthernetX/X
service-policy input Marking


Regards
 

Basically yeah - the 3 most significant bits of the DSCP codepoint map over to an IP precedence value to ensure interoperability, however seeing as the ISP has actually told you the 4 ip-prec classes they match traffic on, its easiest to just stick with Csx values so you know there can be no confusion..

Your inbound policy-map looks fine providing your ACLs are accurate. remember to do basic "sh ip access-list" to check that there are matches occuring, and also "sh policy-map interface" will show you the working policy-map, from there you can see packets being marked/queued/queue depth etc..
 
Cheers for that, ill add it too the box of tricks! Trying to get on a course at the moment, QoS is certainly one of the more interesting topics!

Regards
 
Well ive had an update from the ISP and they do support DSCP at the CPE, markings are as follows

ISPMplsQos.JPG


So i would imagine i can take your config above and replace it with lowest drop preference values from the attached image

Example:


class-map match-any REALTIME_GOLD
match ip dscp EF (voip/signalling)

class-map match-any CRITICAL_SILVER
match ip dscp AF41 (Unix Database Access, BGP)

class-map match-any BEST_EFFORT_BRONZE
match ip dscp AF21 (Web Traffic/Email/Pritning)

policy-map CUSTOMER_CPE

class REALTIME_GOLD
priority percent 30

class CRITICAL_SILVER
bandwidth percent 20
random-detect dscp-based

class BEST_EFFORT_BRONZE
bandwidth percent 20
random-detect dscp-based

class class-default
bandwidth percent 5
random-detect


Regards
 
Back
Top Bottom