[c-nsp] 3750 with IP-BASE, QoS
John Gill
johgill at cisco.com
Thu Dec 8 17:44:38 EST 2011
Hi Mark,
You can use a policer to mark on conform and exceed, but you can mark
separately from a policer configuration as well:
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a0080883f9e.shtml#cg22
One can police on ingress, but we already drop within the output queues
based on the queue or buffer available. I don't believe the OP is
looking to drop traffic unless it's lower priority under congestion,
perhaps Joe can clarify? If you prioritize your traffic on egress you
will guarantee the rate you configure in the worst case scenario and
will not limit it during times of no congestion. A policer would work
well in the scenario where you have a contractual agreement with
downstream subscribers and they have to pay for overage. Why limit
yourself with a policer during times of no congestion?
One thing I can't determine is what the egress interface is, if it's an
enterprise 1Gb/s port or maybe a transparent LAN service, maybe Joe can
expand on that. If it is a sub-rate ethernet interface, there is another
feature on this platform that can idle the Tx interface to make these
ratios comparable for something less than line rate. The srr-queue
bandwidth-limit command will let you assume the interface is a different
speed, and the ratios of bandwidth can be calculated off of this new value.
Regards,
John Gill
cisco
On 12/8/11 4:48 PM, Mack McBride wrote:
> Errr not to be contrary but you use input policing to mark(classify) CoS on conform and exceed.
> I don't think the OP wants to use drop though.
>
> Mack
>
> -----Original Message-----
> From: John Gill [mailto:johgill at cisco.com]
> Sent: Thursday, December 08, 2011 2:20 PM
> To: Mack McBride
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] 3750 with IP-BASE, QoS
>
> Well, you wouldn't want to police unless there was congestion. The 3750 can use shared SRR queues as well as priority queuing to guarantee strict priority.
>
> You will need to familiarize yourself with the QoS operations in the
> plagform:
> http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a0080883f9e.shtml
>
> You can use the access lists to classify this traffic into different DSCP or COS values, and then map those values to the desired queue and threshold.
>
> From there, you can then configure your srr queuing to guarantee a % of the time to a given queue. Note you cannot set a bandwidth in Mb/s, but rather a ratio of weights will be used.
>
> For example:
> srr-queue bandwidth share 10 20 30 40
> priority-queue out
>
> This means if there is traffic in the priority queue, it is serivced.
> While there is no traffic in the priority queue, you will see queue 1 get 10/100 or 10% of the interface time to transmit, guaranteed (again, assuming no priority traffic). If that is a 1Gb/s interface, that's 100Mb. If it was a 100Mb/s interface, you would be guaranteeing 10Mb/s.
> You can adjust the shared values accordingly to get acceptable numbers, the range is 1-255 last time I checked.
>
> Regards,
> John Gill
> cisco
>
>
> On 12/8/11 2:24 PM, Mack McBride wrote:
>> On the 3750 you would use a police statement with rate, burst, exceeds and violates.
>> The rate would be your various bandwidths.
>> The burst would be calculated from the rate.
>> It sounds like you only want to push these into queues, so you mark
>> your CoS on input using the police statements. Then the queue sizes would be set on the various ports.
>>
>> LR Mack McBride
>> Network Architect
>>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net
>> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Joe Freeman
>> Sent: Thursday, December 08, 2011 12:02 PM
>> To: Cisco-nsp
>> Subject: [c-nsp] 3750 with IP-BASE, QoS
>>
>> I've inherited a site that's a mix of a 3750 stack and Force 10 gear.
>> the 3750 stack is where the layer 3 is happening between vlans in that site. I have a need to implement QoS for some voice traffic.
>>
>> Since the 3750 doesn't do QoS the way the routers do, I'm sort of at a standstill..
>>
>> ip access-list extended AgentVoice1
>> permit tcp 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 eq 80 permit tcp
>> 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 eq 443 permit tcp
>> 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 eq 8081 permit tcp
>> 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 eq 8843 permit tcp
>> 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 eq 8880 permit tcp
>> 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 range 2200 2300 permit udp
>> 10.52.200.0 0.0.1.255 XX.XX.XX.0 0.0.0.255 range 1024 65535 permit udp
>> XX.XX.XX.0 0.0.0.255 10.52.200.0 0.0.1.255 range 5060 5063 permit udp
>> XX.XX.XX.0 0.0.0.255 10.52.200.0 0.0.1.255 range 8000 8007
>>
>> ip access-list ext AgentAppsList
>> permit ip 10.52.200.0 0.0.1.255 host 10.4.77.48 permit ip 10.52.200.0
>> 0.0.1.255 XX.XX.XX.230 0.0.0.1 permit ip host 10.4.77.48 10.52.200.0
>> 0.0.1.255 permit ip XX.XX.XX.230 0.0.0.1 10.52.200.0 0.0.1.255
>>
>> ip access-list ext AgentVoice2
>> permit ip 10.52.133.0 0.0.1.255 10.100.5.0 0.0.0.255 permit ip
>> 10.52.133.0 0.0.1.255 10.59.5.0 0.0.0.255 permit ip 10.100.5.0
>> 0.0.0.255 10.52.133.0 0.0.1.255 permit ip 10.59.5.0 0.0.0.255
>> 10.52.133.0 0.0.1.255
>>
>> class-map match-all Voice1
>> descr All voice traffic for agent group 1 match access-group name
>> AgentVoice1
>>
>> class-map match-all AgentApps
>> descr Agent application traffic to/from Agent Applications match
>> access-group name AgentAppsList
>>
>> class-map match-all Agent_Voice_other
>> descr Agent group2 voice traffic
>> match access-group name Agent_Voice2
>>
>> policy-map Basic_QoS
>> class Voice1
>> ! should be set to guarantee 32Mbps, low latency, priority queuing
>> class AgentApps ! should be set to guarantee 8M, normal queuing
>> (mostly http and rdp traffic) class Agent_Voice_other ! should be set
>> to guarantee 12M, low latency, priority queuing class class-default !
>> gets whatever is leftover/available
>>
>>
>> So, the question is... how do I map that into a qos config that works
>> (well) on the 3750?
More information about the cisco-nsp
mailing list