RE: CBWFQ not working on 1603 for VOICE--HELP NEEDED URGENTLY

From: FZahrt@NECBNS.com
Date: Sat Oct 05 2002 - 09:15:56 GMT-3

I have noticed that sometimes the CBWFQing does not work like it should.
Voice packets are bypassing the priority queue, even though everything
matches to be prioritized (UPD streams 16384-32767). The suggestion below of
tagging on the Ethernet interface is what I have done for a few of our
customers with a policy map. Simply match anything coming into the Ethernet
interface and set the IP Precedence to 5. Then adjust your priority queue to
reflect matching of QoS of 5. Also, one step further would be the
reclassification of all DATA to ToS of 0 (another policy map). Here's what I
have done in the past (IPs hidden as this is a live config) on a trunk port
going to a 2620:

interface FastEthernet0/0
 no ip address
 speed 100
 full-duplex
!
interface FastEthernet0/0.1
 description Management VLAN
 encapsulation dot1Q 1 native
 ip address x.x.x.x 255.255.255.240
!
interface FastEthernet0/0.10
 description data VLAN
 encapsulation dot1Q 10
 ip address x.x.x.x 255.255.255.0
 ip policy route-map mark0
!
interface FastEthernet0/0.100
 description voice vlan
 encapsulation dot1Q 100
 ip address x.x.x.x 255.255.255.128
 ip helper-address x.x.x.x
 ip policy route-map mark5

  Note the policy route-map above. It matches to this below:

route-map mark5 permit 10
 set ip precedence critical
!
route-map mark0 permit 10
 set ip precedence routine

  Since they function in the inbound direction, the above works well. Now we
setup the CBWFQing (this is a 512k CIR line, voice is on G729a, so bandwidth
is fine):

class-map match-all ds1voice
  match ip precedence 5
!
!
policy-map DS1QOS
  class ds1voice
    priority 256
  class class-default
   fair-queue 128

  Again, note the 'class-default' queue. This is a standard queue that needs
to be configured per Cisco (it's there whether you configure it or not), the
values dependent on the speed of the line. Finally we bind it to a
frame-relay map (if you have just an HDLC connection, simply add it to its
interface. Since this is frame-relay, we have a few extra steps):

map-class frame-relay NEWQOS
 no frame-relay adaptive-shaping
 frame-relay cir 512000
 frame-relay mincir 512000
 service-policy output DS1QOS

interface Serial0/0.103 point-to-point

 ip address x.x.x.x 255.255.255.252
 no ip route-cache
 no ip mroute-cache
 frame-relay interface-dlci 103
  class NEWQOS
 frame-relay ip rtp header-compression

  And Viola! It works. We have TRIED to break this, and it cannot be broken
by flooding the link with FTP traffic; then making one voice call after
another choked the FTP traffic quite well. I hope the above is not too
convoluted, but it works...and it works well.

Regards,
Frank

Frank Zahrt III
CCDP, CCNP Voice Specialist, CCSE, FSCE
NEC Senior Network Engineer
321-331-6226

 

-----Original Message-----
From: Adarsh Singh [mailto:adarshs@hclinfinet.net]
Sent: Saturday, October 05, 2002 6:30 AM
To: Erick B.; CCIE Group Study (E-mail)
Subject: Re: CBWFQ not working on 1603 for VOICE--HELP NEEDED URGENTLY

Hi

Do i need to mark packets on the ethernet port first , by using the
acces-list as you have mentioned

access-list 100 permit ip any any precedence critical
> access-list 100 permit udp any any range 16384 32767
> access-list 100 permit ip any any dscp ef
> access-list 100 permit udp any range 16384 32767 any

But in my scenario i would be marking the packets only between the first
voip box & the second one , i.e 10.66.6.126 & 10.66.6.35.
How do i apply the marking of the packets on the ethernet, could you tell
me how do that part , do i need to apply this marking on both ends of the
router at the ethernet port.

This is test setup so i have no other traffic between the two routers .
Inspite of the fact thet packets are matching the qos is not working, the
voice is still breaking a lot .
the current config for the serial port for both routers are as follows :

router 1

class-map voice
  match access-group 102
!
!
policy-map test
  class voice
    priority 30
  class class-default
   fair-queue
policy-map tes

interface Serial0
 description connected to Infinet 64K leased line for vpn
 bandwidth 64
 ip address 10.66.2.122 255.255.255.252
 no ip route-cache
 no ip mroute-cache
 load-interval 30
 max-reserved-bandwidth 90
 service-policy output test
 clockrate 64000

access-list 102 permit udp host 10.66.6.124 gt 20000 host 10.66.6.36 gt
20000

router 2

class-map voice
  match access-group 102
!
!
policy-map test
  class voice
    priority 30
  class class-default
   fair-queue
!
interface Serial0
 description connected to Internet
 bandwidth 64
 ip address 10.66.2.98 255.255.255.252
 no ip route-cache
 no ip mroute-cache
 load-interval 30
 max-reserved-bandwidth 90
 service-policy output test
!
access-list 102 permit udp host 10.66.6.36 gt 20000 host 10.66.6.124 gt
20000

Kindly let me know if you have any ideas.

Rgds
Adarsh

Adarsh
----- Original Message -----
From: "Erick B." <erickbe@yahoo.com>
To: "Adarsh Singh" <adarshs@hclinfinet.net>; "CCIE Group Study (E-mail)"
<ccielab@groupstudy.com>
Sent: Friday, October 04, 2002 9:35 PM
Subject: Re: CBWFQ not working on 1603 for VOICE--HELP NEEDED URGENTLY

> Try making your classes and ACLs more detailed.
>
> class-map match-all voip_traffic
> match access-group 100
> class-map match-all voip_control
> match access-group 101
>
> policy-map llq_256_voice_3calls
> class voip_traffic
> priority 134
> class voip_control
> bandwidth 8
> class class-default
> fair-queue
>
> access-list 100 permit ip any any precedence critical
> access-list 100 permit udp any any range 16384 32767
> access-list 100 permit ip any any dscp ef
> access-list 100 permit udp any range 16384 32767 any
> access-list 101 permit tcp any range 2000 2002 any
> access-list 101 permit tcp any any range 2000 2002
> access-list 101 permit tcp any range 11000 11999 any
> access-list 101 permit tcp any any range 11000 11999
> access-list 101 permit tcp any any eq 1720
> access-list 101 permit tcp any eq 1720 any
>
>
> --- Adarsh Singh <adarshs@hclinfinet.net> wrote:
> > Hi Erik
> >
> > I am getting the matched packets on the access-list
> > for the ip packets, but
> > still when i start the voice conversation between
> > the two boxes, it is not
> > reserving the 40 Kbps , when the ftp is going on ,
> > the traffic reaches to
> > 62 Kbps , and the voice breaks while talking ,pls do
> > suggest what to do.
> >
> > Rgds
> > Adarsh Singh
> > ----- Original Message -----
> > From: "Erick B." <erickbe@yahoo.com>
> > To: "Adarsh Singh" <adarshs@hclinfinet.net>; "CCIE
> > Group Study (E-mail)"
> > <ccielab@groupstudy.com>
> > Sent: Friday, October 04, 2002 10:54 AM
> > Subject: Re: CBWFQ not working on 1603 for
> > VOICE--HELP NEEDED URGENTLY
> >
> >
> > > Thats because UDP is being matched by the first
> > entry
> > > in the ACL. ACL stops processing after a match. IP
> > > covers ICMP, UDP, and TCP.
> > >
> > > --- Adarsh Singh <adarshs@hclinfinet.net> wrote:
> > > > Hi ,=20
> > > >
> > > > I have been trying to implement CBWFQ between
> > two
> > > > cisco 1603 routers.
> > > >
> > > >
> > > > PC
> > > > |
> > > >
> > >
> >
> OAHO(router1)(serial0)------backtoback-------(serial0)OAREMOTE(router2)--=
> > > > --VOIPBOX1(10.66.6.126)
> > > > |
> > (64
> > > > Kbps) =
> > > >
> > |
> > > > |
> > > > =
> > > >
> > > > PC
> > > >
> > > > VOIPBOX2
> > > > (10.66.6.35)
> > > >
> > > > Now the default queing for the two routers is
> > > > Weighted fair quwing .
> > > >
> > > > Now i have reserved 30 Kbps bandwidth between
> > the
> > > > two router for the =
> > > > voice traffic , the voipbox is uing UDP ports
> > > > greater than 20000.
> > > >
> > > > So after configuring the routers , i do a
> > multiple
> > > > ftp sessions between =
> > > > the two PC, so that the traffic between the two
> > > > serial interfaces =
> > > > touches 62 Kbps .
> > > >
> > > > Now when i start talking between the two VOIP
> > boxes
> > > > , i dont see the =
> > > > CBWFQ kicking in & reserving the necessary
> > bandwidth
> > > > as i have =
> > > > provisioned .
> > > >
> > > > I am enclosing both the router configuration :
> > > >
> > > > CONFIG OF OAHO=20
> > > >
> > > > OAHO=20
> > > >
> > > > sh ru=20
> > > > Building configuration...
> > > >
> > > > Current configuration : 1146 bytes
> > > > !
> > > > version 12.1
> > > > no service single-slot-reload-enable
> > > > service timestamps debug uptime
> > > > service timestamps log uptime
> > > > no service password-encryption
> > > > !
> > > > hostname OAHO
> > > > !
> > > > !
> > > > !
> > > > class-map voice
> > > > match access-group 101
> > > > !
> > > > !
> > > > policy-map test
> > > > class voice
> > > > priority 40
> > > > !
> > > > ip subnet-zero
> > > > ip tftp source-interface Ethernet0
> > > > !
> > > > !
> > > > interface Ethernet0
> > > > description connected to EthernetLAN_1
> > > > ip address 10.66.6.33 255.255.255.248
> > > > no cdp enable
> > > > !
> > > > interface Serial0
> > > > description connected to Internet
> > > > bandwidth 64
> > > > ip address 10.66.2.98 255.255.255.252
> > > > no ip route-cache
> > > > no ip mroute-cache
> > > > service-policy output test=20
> > > > load-interval 30
> > > > max-reserved-bandwidth 90
> > > > !
> > > > interface BRI0
> > > > no ip address
> > > > shutdown
> > > > ip classless
> > > > ip route 0.0.0.0 0.0.0.0 10.66.2.97
> > > > no ip http server
> > > > !
> > > > access-list 101 permit ip host 10.66.6.35 host
> > > > 10.66.6.126
> > > > access-list 101 permit udp host 10.66.6.35 gt
> > 20000
> > > > host 10.66.6.126 gt =
> > > > 20000
> > > > dialer-list 1 protocol ip permit
> > > > tftp-server flash:c1600-sy-mz.121-15.bin
> > > > !
> > > > line con 0
> > > > exec-timeout 0 0
> > > > password vpn
> > > > login
> > > > line vty 0 4
> > > > exec-timeout 60 0
> > > > password vpn
> > > > login
> > > > transport preferred none
> > > > !
> > > > end
> > > >
> > > > OAHO# show po
> > > > OAHO# show policy-map=20
> > > > Policy Map test
> > > > Weighted Fair Queueing
> > > > Class voice=20
> > > > Strict Priority
> > > > Bandwidth 40 (kbps)
> > > >
> > > > OAHO#show policy-map=20
> > > > Policy Map test
> > > > Weighted Fair Queueing
> > > > Class voice=20
> > > > Strict Priority
> > > > Bandwidth 40 (kbps)
> > > >
> > > > OAHO#show policy-map int se 0
> > > > OAHO#show int se 0
> > > > Serial0 is up, line protocol is up=20
> > > > Hardware is QUICC Serial
> > > > Description: connected to Internet
> > > > Internet address is 10.66.2.98/30
> > > > MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,=20
> > > > reliability 255/255, txload 3/255, rxload
> > 3/255
> > > > Encapsulation HDLC, loopback not set
> > > > Keepalive set (10 sec)
> > > > Last input 00:00:00, output 00:00:00, output
> > hang
> > > > never
> > > > Last clearing of "show interface" counters
> > > > 00:08:54
> > > > Input queue: 0/75/0/0
> > (size/max/drops/flushes);
> > > > Total output drops: 0
> > > > Queueing strategy: fifo
> > > > Output queue :0/40 (size/max)
> > > > 30 second input rate 1000 bits/sec, 4
> > packets/sec
> > > > 30 second output rate 62000 bits/sec, 3
> > > > packets/sec
> > > > 816 packets input, 39184 bytes, 0 no buffer
> > > > Received 69 broadcasts, 0 runts, 0 giants,
> > 0
> > > > throttles
> > > > 0 input errors, 0 CRC, 0 frame, 0 overrun,
> > 0
> > > > ignored, 0 abort
> > > > 717 packets output, 46507 bytes, 0
> > underruns
> > > > 0 output errors, 0 collisions, 1 interface
> > > > resets
> > > > 0 output buffer failures, 0 output buffers
> > > > swapped out
> > > > 6 carrier transitions
> > > > DCD=3Dup DSR=3Dup DTR=3Dup RTS=3Dup
> > > > CTS=3Dup
> > > > --
> > > >
> > > > OAHO#show queue se 0
> > > > Show queue not supported with FIFO queueing
> > > >
> > > > OAREMOTE CONFIG
> > > >
> > > >
> > > > sh ru=20
> > > > Building configuration...
> > > >
> > > > Current configuration : 1316 bytes
> > > > !
> > > > version 12.1
> > > > no service single-slot-reload-enable
> > > > service timestamps debug uptime
> > > > service timestamps log uptime
> > > > no service password-encryption
> > > > !
> > > > hostname OAREMOTE
> > > > !
> > > > enable secret 5 $1$r1WR$YWvapuJdPcjur/4S6MRKv.
> > > > !
> > > > username dlinpc password 0 npc
> > > > username noidad32 password 0 d32
> > > > !
> > > > class-map voice
> > > > match access-group 101
> > > > !
> > > > !
> > > > policy-map test
> > > > class voice
> > > > priority 40
> > > > ip subnet-zero
> > > > !
> > > > isdn switch-type basic-net3
> > > > !
> > > > !
> > > > !
> > > > interface Ethernet0
> > > > ip address 10.66.6.121 255.255.255.248
> > > > ip nat inside
> > > > no cdp enable
> > > > !
> > > > interface Serial0
> > > > description connected to Infinet 64K leased
> > line
> > > > for vpn
> > > > bandwidth 64
> > > > ip address 10.66.2.122 255.255.255.252
> > > > no ip route-cache
> > > > no ip mroute-cache
> > > > load-interval 30
> > > > max-reserved-bandwidth 90
> > > > service-policy output test
> > > > clockrate 64000
> > > > !
> > > > interface BRI0
> > > > description connected to NPC/D32
> > > > no ip address
> > > > encapsulation ppp
> > > > isdn switch-type basic-net3
> > > > no fair-queue
> > > > no cdp enable
> > > > !
> > > > ip classless
> > > > ip route 0.0.0.0 0.0.0.0 10.66.2.121
> > > > no ip http server
> > > > !
> > > > access-list 101 permit ip host 10.66.6.126 host
> > > > 10.66.6.35
> > > > access-list 101 permit udp host 10.66.6.126 gt
> > 20000
> > > > host 10.66.6.36 gt =
> > > > 20000
> > > > dialer-list 1 protocol ip permit
> > > > !
> > > > line con 0
> > > > exec-timeout 0 0
> > > > password 111
> > > > login
> > > > line vty 0 password 111
> > > > login
> > > > !
> > > > end
> > > >
> > > > OAREMOTE# show po
> > > > OAREMOTE# show policy-map=20
> > > > Policy Map test
> > > > Weighted Fair Queueing
> > > > Class voice=20
> > > > Strict Priority
> > > > Bandwidth 40 (kbps)
> > > > OAREMOTE#show po
> > > > OAREMOTE#show policy-map int se 0
> > > > Serial0 output : test
> > > > Weighted Fair Queueing
> > > > Class voice=20
> > > > Strict Priority
> > > > Output Queue: Conversation 24=20
> > > > Bandwidth 40 (kbps) Packets Matched 40
> > > > (total drops/bytes drops) 5/380
> > > > OAREMOTE#sjh=08 =08=08 =08=FF
> > > >
> > > > User Access Verification
> > > >
> > > > Password: =07=FF
> > > > OAHO>telnet 10.66.6.12=08 =08=08 =08121
> > > > Trying 10.66.6.121 ... Open
> > > >
> > > >
> > > > =20
> > > >
> > > > OAREMOTE#show policy-map=20
> > > > Policy Map test
> > > > Weighted Fair Queueing
> > > > Class voice=20
> > > > Strict Priority
> > > > Bandwidth 40 (kbps)
> > > > OAREMOTE#show po
> > > > OAREMOTE#show policy-map int se 0
> > > > Serial0 output : test
> > > > Weighted Fair Queueing
> > > > Class voice=20
> > > > Strict Priority
> > > > Output Queue: Conversation 24=20
> > > > Bandwidth 40 (kbps) Packets Matched 40
> > > > (total drops/bytes drops) 5/380
> > > > =20
> > > > =20
> > > > =20
> > > > =20
> > > > Now when i even see the access-list 101 , i dont
> > see
> > > > any match for the =
> > > > UDP packets while talking , i fail to undertand
> > that
> > > > because when i do =
> > > > debug ip packet detail , i see the udp ports
> > been
> > > > used while talking =
> > > > between the voip box .
> > > > =20
> > > > Can some one help me out with this....needed
> > help
> > > > urgently .
> > >
> > >
> > >
> > > __________________________________________________
> > > Do you Yahoo!?
> > > New DSL Internet Access from SBC & Yahoo!
> > > http://sbc.yahoo.com
>
>
> __________________________________________________
> Do you Yahoo!?
> New DSL Internet Access from SBC & Yahoo!
> http://sbc.yahoo.com

This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:39 GMT-3