From: Alexei Monastyrnyi (alexeim@orcsoftware.com)
Date: Thu Nov 27 2008 - 08:28:39 ARST
Hei Kim.
I see you refer to RFC 1918 addresses with a class/policy applied to the outside interface. You may have an issue with them already been translated if you have a NAT over your outside interface. Your QoS ACL doesn't have any matches, have you noticed that?
Here is what I use for voice traffic, seems to work well.
class-map Voice
match dscp ef
!
policy-map VoicePolicy
class Voice
priority
class class-default
!
priority-queue outside
service-policy VoicePolicy interface outside
asa# sho service-policy inter outside
Interface outside:
Service-policy: VoicePolicy
Class-map: Voice
Priority:
Interface outside: aggregate drop 0, aggregate transmit 10745759
Class-map: class-default
Default Queueing
asa# show priority-queue statistics outside
Priority-Queue Statistics interface outside
Queue Type = BE
Tail Drops = 0
Reset Drops = 0
Packets Transmit = 4356223666
Packets Enqueued = 0
Current Q Length = 0
Max Q Length = 0
Queue Type = LLQ
Tail Drops = 0
Reset Drops = 0
Packets Transmit = 10745759
Packets Enqueued = 0
Current Q Length = 0
Max Q Length = 0
In ASA 7.2 config guide they apply a QoS service-policy globally, you may be interested in that piece of configuration:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/qos.html
Watch them use match tunnel-group and match flow ip things.
HTH,
A.
________________________________________
From: nobody@groupstudy.com [nobody@groupstudy.com] On Behalf Of Kim teu [kim.teu@gmail.com]
Sent: Thursday, November 27, 2008 2:02 AM
To: Cisco certification; Cisco certification
Subject: ASA priority queue not matching any traffic
Hello group,
I have the priority queue configured for SIP traffic below, but the show
service-policy and the ACL are not matching any traffic. However, the show
conn shows the traffic...
sho service-policy
Interface outside:
Service-policy: VOICEPOLICY
Class-map: VOICE
Priority:
Interface outside: aggregate drop 0, aggregate transmit 0
priority-queue outside
class-map VOICE
match access-list QOS
!
!
policy-map VOICEPOLICY
class VOICE
priority
!
service-policy VOICEPOLICY interface outside
access-list QOS line 1 extended permit udp host 194.120.0.198 eq sip host
10.26.26.53 eq sip (hitcnt=0) 0x77f15290
access-list QOS line 2 extended permit udp any 10.26.26.0 255.255.255.0 eq
sip (hitcnt=0) 0x7600f06f
access-list QOS line 3 extended permit udp any 10.26.26.0 255.255.255.0 eq
www (hitcnt=0) 0x59b66261
access-list QOS line 4 extended permit udp any 10.26.26.0
255.255.255.0range 16384 16482 (hitcnt=0) 0xddc0a3f3
access-list QOS line 5 extended permit udp 10.26.26.0 255.255.255.0 range
16384 16482 any (hitcnt=0) 0x9bf0ba19
-- May All Behappy!!! Kim Loon Teu UE=uBW CCIE 19369 www.kimteu.com http://www.linkedin.com/in/kimteuAll conditioned phenomena Are like a dream, an illusion, a bubble, a shadow Like the dew, or like lightning You should discern them like this R;GPSPN*7(#,HgCN;CE]S0#,HgB6R`Hg5g#,S&WwHgJG9[
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:32 ARST