[cisco-voip] GRE tunnel with QoS

[Pilkington, Christopher J.]

What's the purpose of permitting gre any any, if you are permitting ip
any any, or am I missing something?

We typically do:

interface Tunnel0
 ip address w.x.y.z 255.255.255.252
 qos pre-classify
 tunnel source a.b.c.d
 tunnel destination e.f.g.h
 ...

qos pre-classify promotes the tunneled packet headers to the GRE
wrapper.  Then we can apply the service policy to the Serial...

-Chris

-----Original Message-----
From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Nick Griffin
Sent: Friday, June 05, 2009 2:27 PM
To: Eric Pedersen
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] GRE tunnel with QoS

I've done this with ipsec/gre tunnels, and verified the TOS values are
kept intact on the GRE packet. You can always use an ACL on the remote
location to match on your DSCP value when it comes in from the service
provider cloud, the catch is at that point the traffic will be GRE, so
you would do something like:

ip access-list extended TEST
permit grep any any dscp ef
permit ip any any <---- Don't forget about the ip any any

interface serx/y
ip access-group TEST in

if you are sending traffic out the cloud with DSCP value 46, they should
arrive at the remote location with the DSCP value of 46 and that type
acl entry should increment. If not they're stripping it, or your not
sending it. 

Don't forget about TCP MSS and IP MTU. 

HTH,

NIck Griffin



On Fri, Jun 5, 2009 at 11:57 AM, Eric Pedersen <eric.pedersen at sait.ca>
wrote:


	Thanks for the links Wes; I was unable to find information on
what the default behaviour is.  I like it when configuration tasks are
"None".

	 

	I have not tested it yet - I will be doing that next week.

	 

	From: Wes Sisk [mailto:wsisk at cisco.com] 
	Sent: June 4, 2009 21:09
	To: Eric Pedersen
	Cc: cisco-voip at puck.nether.net
	Subject: Re: [cisco-voip] GRE tunnel with QoS

	 

	I've not tested it but:
	
	
	
http://www.cisco.com/en/US/docs/ios/11_3/feature/guide/greqos.html
	Configuration Tasks
	 None; this feature occurs by default. 
	
	
http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a
008017405e.shtml
	
	Do you have indication that it is not working?
	
	/Wes
	
	On Thursday, June 04, 2009 8:54:37 PM, Eric Pedersen
<eric.pedersen at sait.ca> <mailto:eric.pedersen at sait.ca>  wrote:
	
	

	I want to set up a GRE tunnel to a remote site over our
provider's MPLS VPN service.  They classify our voice traffic based on
dscp. Does someone have an example of how to set this up so that when
packets are tunneled, their DSCP values are copied to the GRE packet
headers?

	 

	Thanks,

	Eric

	 
	
________________________________



	 
	_______________________________________________
	cisco-voip mailing list
	cisco-voip at puck.nether.net
	https://puck.nether.net/mailman/listinfo/cisco-voip
	  

	 


	_______________________________________________
	cisco-voip mailing list
	cisco-voip at puck.nether.net
	https://puck.nether.net/mailman/listinfo/cisco-voip
	
	



 
Confidentiality Note: This electronic message transmission is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. If you have received this transmission, but are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of the contents of this information is strictly prohibited. If you have received this e-mail in error, please contact  me at 315/438-8474 and delete and destroy the original message and all copies.
 
Go Paperless * Reduce Clutter * Save Trees