[nsp] dscp setup

Roger grunky at rockriver.net
Fri Mar 12 18:57:57 EST 2004 

I'd like to submit this config for review. My goal is to have outbound 
latency sensetive traffic(acl 101) and outbound lantency in-sensetive 
traffic(acl 102) get marked w/ dscp values on the internal interface, fa0.

Once this traffic is marked have the outbound interface give preference 
to the AF11 class(w/ priotity queueing), and AF13 getting dropped sooner 
and sent later.

#acl for latency sensetive traffic
access-list 101 permit udp any any range 26000 29000
access-list 101 permit udp any any range 5998 9000
access-list 101 permit udp any any range 2300 2400
access-list 101 permit udp any any eq 4000
access-list 101 permit udp any any eq 14567

#acl for latency insensetive traffic
access-list 102 permit tcp any any eq 8080
access-list 102 permit tcp any any eq 443
access-list 102 permit tcp any any eq ftp-data
access-list 102 permit tcp any any eq ftp
access-list 102 permit tcp any any eq www

#class maps to classify inbound traffic on the #internal interface
class-map match-any sensetive
match access-group 101
class-map match-any insensetive
match access-group 102

#class maps to match packets w/ diffserv values
#on WAN interface s0
class-map match-all high
match ip dscp af11
class-map match-all low
match ip dscp af13

#set acl 101 w/ dscp values of Af11 & acl 102 w/ Af13
policy-map setdscp
class sensetive
set dscp af11
class insensetive
set dscp af13

#give acl 101 w/ dscp value af11 70% of out going #bandwidth and acl 102 
w/ dscp value af13 the #remaining 30%
policy-map manage
class high
priority percent 70
class low
bandwidth remaining percent 30

inter fa0
desc internal interface
service-policy input setdscp

inter serial0
desc WAN interface
service-policy output manage

Can anyone spot anything wrong with this? I'm worried about QoS. DSCP 
should give prefence to acl 101 but I'm not sure as this is my first 
foray into dscp.

Should I just dump DSCP and opt for GTS?

Also once packets marked w/ DSCP leave my network - do routers further 
downstream reset those bits to 0? If thats the case Dscps value goes 
down signifigantly.

Thanks for any feedback, I've found QoS to be very foggy...

More information about the cisco-nsp mailing list