[cisco-voip] GRE tunnel with QoS
Pilkington, Christopher J.
CPilkington at emblemhealth.com
Fri Jun 5 14:57:27 EDT 2009
What's the purpose of permitting gre any any, if you are permitting ip
any any, or am I missing something?
We typically do:
interface Tunnel0
ip address w.x.y.z 255.255.255.252
qos pre-classify
tunnel source a.b.c.d
tunnel destination e.f.g.h
...
qos pre-classify promotes the tunneled packet headers to the GRE
wrapper. Then we can apply the service policy to the Serial...
-Chris
-----Original Message-----
From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Nick Griffin
Sent: Friday, June 05, 2009 2:27 PM
To: Eric Pedersen
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] GRE tunnel with QoS
I've done this with ipsec/gre tunnels, and verified the TOS values are
kept intact on the GRE packet. You can always use an ACL on the remote
location to match on your DSCP value when it comes in from the service
provider cloud, the catch is at that point the traffic will be GRE, so
you would do something like:
ip access-list extended TEST
permit grep any any dscp ef
permit ip any any <---- Don't forget about the ip any any
interface serx/y
ip access-group TEST in
if you are sending traffic out the cloud with DSCP value 46, they should
arrive at the remote location with the DSCP value of 46 and that type
acl entry should increment. If not they're stripping it, or your not
sending it.
Don't forget about TCP MSS and IP MTU.
HTH,
NIck Griffin
On Fri, Jun 5, 2009 at 11:57 AM, Eric Pedersen <eric.pedersen at sait.ca>
wrote:
Thanks for the links Wes; I was unable to find information on
what the default behaviour is. I like it when configuration tasks are
"None".
I have not tested it yet - I will be doing that next week.
From: Wes Sisk [mailto:wsisk at cisco.com]
Sent: June 4, 2009 21:09
To: Eric Pedersen
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] GRE tunnel with QoS
I've not tested it but:
http://www.cisco.com/en/US/docs/ios/11_3/feature/guide/greqos.html
Configuration Tasks
None; this feature occurs by default.
http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a
008017405e.shtml
Do you have indication that it is not working?
/Wes
On Thursday, June 04, 2009 8:54:37 PM, Eric Pedersen
<eric.pedersen at sait.ca> <mailto:eric.pedersen at sait.ca> wrote:
I want to set up a GRE tunnel to a remote site over our
provider's MPLS VPN service. They classify our voice traffic based on
dscp. Does someone have an example of how to set this up so that when
packets are tunneled, their DSCP values are copied to the GRE packet
headers?
Thanks,
Eric
________________________________
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
Confidentiality Note: This electronic message transmission is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. If you have received this transmission, but are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of the contents of this information is strictly prohibited. If you have received this e-mail in error, please contact me at 315/438-8474 and delete and destroy the original message and all copies.
Go Paperless * Reduce Clutter * Save Trees
More information about the cisco-voip
mailing list