I’m trying to set up a QoS template that I can implement and edit/update at other sites with similar requirements. I’m doing this on a 4500-X VSS Switches. I can set class-maps and Policy-maps, but can either do Priority or bandwidth inside the Policy->Class. Meaning I can’t set a Policy-Map -> class
We have multiple VoIP providers ( all soft phones ) and I’d really like to set DSCP EF for Priority and a percent of the bandwidth. I was pointed to this site: https://www.ciscopress.com/articles/article.asp?p=2756478&seqNum=8 and it describes a 4, 8. 12 config I still have couple questions…
For example the 8-class QoS strategy…
Voice: Marked with EF and limited to 10 percent of link bandwidth in a strict-priority queue
– Is this telling me that traffic marked as EF will get Priority 10% and only 10% of link bandwidth
Multimedia conferencing (Interactive video): Marked with AF41 or sometimes as EF and limited to 23 percent of link bandwidth in a strict-priority queue
– Is this telling me that traffic marked as AF41 will get 23% and only 23% of link bandwidth
.
.
.
.
Are the bandwidths set in a template in the IOS, and are there more auto bandwidth settings? For example traffic marked as AF32. Is there a pre-built min / max for that marking?
Does the priority setting within the class of the Policy just set that class as priority -> first out? For example my class for EF traffic I set priority for that class in the Policy Map 10% of the first out data…
If I set priority and "remaining Bandwidth percent <> I’m assuming the delivery of the packet is based on the marking… So a AF41 is going to go before a AF11 ( AF43 for that matter ) and does the AF41 queue have to be empty before the AF11 will hit the line?
Policy Map primary-eth-1G
Class qos-any-ef
priority
Class qos-control
bandwidth remaining 5 (%)
Class qos-sip-signaling
bandwidth remaining 3 (%)
If I have traffic entering the switch marked as EF can I change that to something else like CS4 or AF41 via: ACL -> class-map -> Policy-map config. Before it hits the EF class-map? We have Zoom running and currently the app is tagging traffic as EF. I’d like to have my Voice take precedence over Zoom all the time…
I’ll try to address your concerns so that you can have an idea of how to proceed from here.
This is how policy maps are set up. You cannot configure both priority and bandwidth, but either one. However, I believe what you are looking for is to configure a maximum allowed bandwidth for the priority queue. That can indeed be configured simultaneously and it is achieved using the policing feature.
Consider looking at the 4-class QoS strategy, as that provides a more suitable scenario for your situation, since you don’t need so many QoS classes.
OK there are a couple of issues here. If your voice is marked with EF, and your interactive video is also sometimes marked with EF, then you must find a way to differentiate them. This can be done either by matching an access list for particular ports (rather than QoS markings), or by changing the QoS markings on those particular packets. More on the latter later.
You can also use what is known as multi-level priority queues, which are further described in the following Cisco documentation. It may however not be supported on your platform:
Now does that mean that only 23% will be used? There is what is known as an implicit policer implemented in these cases, so yes. Take a look at this post which may give you some more information about this:
If you create a policy map that identifies the Zoom traffic (using IP address or port numbers for example) and place it incoming on the appropriate interface, you can use that policy map to change the QoS marking to whatever you like. Then they will reach the EF class map with the appropriate marking and you can treat them differently from your other traffic since you can now differentiate between them.
For most of the other questions, take a look at the following lesson:
Thanx Laz, very… I’ve been working on this and took my overly complicated design and stripped it down to what you were referring to. I’ll post shortly… With regards to re-marking the Video off EF to something else… Can I use the same class-map in the ingress policy-map ( to remark the incoming packets) as the Egress policy-map to designate the bandwidth? I’ll have that in my config here shortly…
Policy Map primary-eth-1G ! - applied to Egress to ASA
Class PRIORITY-QUEUE
priority ! - 10%
Class CONTROL-QUEUE
bandwidth remaining 5 (%)
Class SCAVENGER-QUEUE
bandwidth remaining 1 (%)
Class SIGNALING-QUEUE
bandwidth remaining 2 (%)
Class VIDEO-QUEUE-EGRESS
bandwidth remaining 25 (%)
Class class-default
bandwidth remaining 67 (%)
dbl
Policy Map ingress-internal ! - applied to Etherchannels inside facing
Class VIDEO-QUEUE-INGRESS
set dscp af41
! ------- Class Maps
Class Map match-all TRANSACTIONAL-DATA-QUEUE (id 12)
Description: Mission Critical Data Apps
Match dscp af21 (18) af22 (20) af23 (22)
Class Map match-any VIDEO-QUEUE-EGRESS (id 13)
Description: matching marked video traffic
Match dscp af41 (34)
Class Map match-any SCAVENGER-QUEUE (id 6)
Description: Matching Scavenger Class
Match dscp cs1 (8)
Class Map match-any SIGNALING-QUEUE (id 7)
Description: Matching Signaling
Match dscp cs3 (24)
Class Map match-any class-default (id 0)
Match any
Class Map match-any CONTROL-QUEUE (id 8)
Description: Matching Network Control
Match dscp cs6 (48)
Class Map match-any VIDEO-QUEUE-INGRESS (id 11)
Description: capture ingress video traffic
Match access-group name CONF-ROOMS ! - access list matches source and destination of conf room subnet
Class Map match-all PRIORITY-QUEUE (id 10)
Description: Matching Voice
Match dscp ef (46)
Thanx Laz, looks like the show mls command isn’t available on this platform… I’m trying to work with Cisco and troubleshoot some more… I do have a follow up question though on QoS in general…
I have another question on config… I have my class-maps listed below and I was wondering if you could help me understand why some match lines seem to be added… Also if I do a show run class-map | e VSL there are some variations to what I configured. Is this like ACL’s in a where show access-list will show all permutations of the ACL?
ir01_mdf_core#show class-map | e VSL
Class Map match-all TRANSACTIONAL-DATA-QUEUE (id 12)
Description: Mission Critical Data Apps
Match dscp af21 (18) af22 (20) af23 (22)
! - The below matches af41 - af23 were not added by me to this class
Match dscp af41 (34)
Match dscp af42 (36)
Match dscp af43 (38)
Match dscp af31 (26)
Match dscp af32 (28)
Match dscp af33 (30)
Match dscp af21 (18)
Match dscp af22 (20)
Match dscp af23 (22)
Class Map match-any VIDEO-QUEUE-EGRESS (id 13)
Description: matching marked video traffic
Match dscp af41 (34)
Class Map match-any SCAVENGER-QUEUE (id 6)
Description: Matching Scavenger Class
Match dscp cs1 (8)
Class Map match-any SIGNALING-QUEUE (id 7)
Description: Matching Signaling
Match dscp cs3 (24)
Class Map match-any class-default (id 0)
Match any
! - The below matches af46, cs4, and cs5 were not added by me. I’m not sure why we would even have ef in the default class anyways
Match dscp ef (46)
Match dscp cs4 (32)
Match dscp cs5 (40)
Class Map match-any CONTROL-QUEUE (id 8)
Description: Matching Network Control
Match dscp cs6 (48)
Class Map match-any VIDEO-QUEUE-INGRESS (id 11)
Description: capture ingress video traffic
Match access-group name CONF-ROOMS
Class Map match-all PRIORITY-QUEUE (id 10)
Description: Matching Voice
Match dscp ef (46)
! - The below matches were not added by me ca2, cs3, cs6, AND cs7
Match dscp cs2 (16)
Match dscp cs3 (24)
Match dscp cs6 (48)
Match dscp cs7 (56)
ir01_mdf_core#
ir01_mdf_core#
ir01_mdf_core#
ir01_mdf_core#
ir01_mdf_core#show run class-map | e VSL
Building configuration...
Current configuration : 1787 bytes
!
match any
class-map match-all TRANSACTIONAL-DATA-QUEUE
description Mission Critical Data Apps
match dscp af21 af22 af23
match dscp af41
match dscp af42
match dscp af43
match dscp af31
match dscp af32
match dscp af33
match dscp af21
match dscp af22
match dscp af23
class-map match-any VIDEO-QUEUE-EGRESS
description matching marked video traffic
match dscp af41
class-map match-any SCAVENGER-QUEUE
description Matching Scavenger Class
match dscp cs1
class-map match-any SIGNALING-QUEUE
description Matching Signaling
match dscp cs3
match dscp ef
match dscp cs4
match dscp cs5
class-map match-any CONTROL-QUEUE
description Matching Network Control
match dscp cs6
class-map match-any VIDEO-QUEUE-INGRESS
description capture ingress video traffic
match access-group name CONF-ROOMS
class-map match-all PRIORITY-QUEUE
description Matching Voice
match dscp ef
match dscp cs2
match dscp cs3
match dscp cs6
match dscp cs7
end
Yeah, sorry about that, the 2960-X, 3560-X, and 3750-X are the last switches to use MLS. The 4500 uses Modular QoS Configuration (MQC) like routers.
So those extra matches that you see are from the default class maps that are generated by AutoQoS based on the Cisco Validated Designs (CVD). Even with a config out of the box, you’ll see those there.
