QoS
http://cisconet.com/qos.html
Tue, 26 Sep 2017 05:21:08 +0000

NBAR software down for Cisco router
http://cisconet.com/qos/qos-general/551-nbar-software-down-for-cisco-router.html

Here is the link to get NBAR (Network Based Application Recognition) PDLMs (Packet Description Language Modules) for Cisco gear.


chris.yoon@wirethink.com (CiscoNET) QoS General Thu, 01 Apr 2010 03:46:37 +0000
Optimize VOIP traffic with RTP compression and priority
http://cisconet.com/qos/cisco-qos-configuration/547-optimize-voip-traffic-with-rtp-compression-and-priority.html

Here is a simple configuration that lets VOIP traffic be handled more efficiently over a WAN or interconnect.

Router-RTP-1(config)# class-map VOIP
Router-RTP-1(config-cmap)# match protocol rtp

Router-RTP-1(config)# policy-map VOIP_SHAPE
Router-RTP-1(config-pmap)# class VOIP
Router-RTP-1(config-pmap-c)# priority percent 75
Router-RTP-1(config-pmap-c)# compression header ip rtp


chris.yoon@wirethink.com (CiscoNET) Cisco QoS Configuration Wed, 31 Mar 2010 19:33:30 +0000
Applying LFI on Multilink PPP for Real-Time Traffic(VOIP)
http://cisconet.com/qos/cisco-qos-configuration/546-applying-lfi-on-multilink-ppp-for-real-time-trafficvoip.html

LFI stands for Link Fragmentation and Interleaving. It is not a QoS mechanism in itself, but it helps real-time traffic such as VOIP on small (low-bandwidth) links. LFI on Multilink PPP allows large packets to be fragmented into smaller pieces to meet the minimum delay requirement of real-time traffic. In addition, the interleaving function provides a special transmit queue so that high-priority traffic can be sent ahead of other traffic.

1. Configuring LFI on Multilink PPP

Router-LFI-1#conf t
Router-LFI-1(config)# interface multilink 1
Router-LFI-1(config-if)# ! 10 ms for the VOIP delay requirement
Router-LFI-1(config-if)# ppp multilink fragment delay 10
Router-LFI-1(config-if)# ppp multilink interleave
Router-LFI-1(config-if)# ip address
Router-LFI-1(config-if)# ! Specify the bandwidth for the automatic fragment size calculation
Router-LFI-1(config-if)# bandwidth 1536
Router-LFI-1(config-if)# ppp multilink endpoint hostname

Router-LFI-1(config-if)# interface serial1/0
Router-LFI-1(config-if)# encapsulation ppp
Router-LFI-1(config-if)# ppp multilink group 1


chris.yoon@wirethink.com (CiscoNET) Cisco QoS Configuration Wed, 31 Mar 2010 18:46:58 +0000
VOIP QoS sample
http://cisconet.com/qos/cisco-qos-configuration/541-voip-qos-sample.html

1. Configure class map

Cisco-QoS#conf t
Cisco-QoS(config)#class-map EF
Cisco-QoS(config-cmap)#match ip precedence 5

Cisco-QoS#sh class-map EF
 Class Map match-any EF (id 1)
   Match ip  precedence 5       

Cisco-QoS#sh class-map class-default
 Class Map match-any class-default (id 0)
   Match any 


2. Configure policy map

Cisco-QoS#conf t
Cisco-QoS(config)#policy-map voip
Cisco-QoS(config-pmap)#class EF
Cisco-QoS(config-pmap-c)#priority percent 90
Cisco-QoS(config-pmap-c)#police cir percent 90 bc 25 ms be 25 ms
Cisco-QoS(config-pmap-c-police)#conform-action transmit
Cisco-QoS(config-pmap-c-police)#exceed-action drop

Cisco-QoS(config-pmap-c-police)#class class-default
Cisco-QoS(config-pmap-c)#bandwidth percent 10
Cisco-QoS(config-pmap-c)#random-detect precedence 0 19 64 1
Cisco-QoS(config-pmap-c)#random-detect precedence 1 19 64 1
Cisco-QoS(config-pmap-c)#random-detect precedence 2 19 64 1
Cisco-QoS(config-pmap-c)#random-detect precedence 3 19 64 1
Cisco-QoS(config-pmap-c)#random-detect precedence 4 19 64 1
Cisco-QoS(config-pmap-c)#random-detect precedence 5 19 64 1
Cisco-QoS(config-pmap-c)#random-detect precedence 6 64 70 1
Cisco-QoS(config-pmap-c)#random-detect precedence 7 64 70 1

Cisco-QoS#sh policy-map voip
  Policy Map voip
    Class EF
     police cir percent 90 bc 25 ms be 25 ms
       conform-action transmit
       exceed-action drop
      Strict Priority
      Bandwidth 90 (%)
    Class class-default
      Bandwidth 10 (%)
            exponential weight 9
            class    min-threshold    max-threshold    mark-probablity

            0          19                 64               1/1
            1          19                 64               1/1
            2          19                 64               1/1
            3          19                 64               1/1
            4          19                 64               1/1
            5          19                 64               1/1
            6          64                 70               1/1
            7          64                 70               1/1
            rsvp       -                  -                1/10



3. Apply service policy to interface


Cisco-QoS#conf t
Cisco-QoS(config)#interface serial1/1
Cisco-QoS(config-if)#service-policy output voip


chris.yoon@wirethink.com (CiscoNET) Cisco QoS Configuration Mon, 29 Mar 2010 04:17:56 +0000
Basic QoS
http://cisconet.com/qos/qos-general/138-basic-qos.html

  • There are 4 priority queues: high, medium, normal, low.
  • The default queue is the normal queue.
  • The high and medium queues have precedence over the default queue.
  • The classification is configurable via the command ‘priority-list’.

chris.yoon@wirethink.com (CiscoNET) QoS General Wed, 06 May 2009 02:46:22 +0000
CAR(Committed Access Rate) ?
http://cisconet.com/qos/qos-general/137-carcommitted-access-rate-.html

Committed Access Rate (CAR) is used to rate limit traffic. In this example, all ICMP traffic that exceeds the defined level will be dropped. This will prevent an ICMP flood attack from saturating the link.

CAR definition: Rate limiting is one mechanism that allows a network to run in a degraded manner, but remain up, when it is receiving a stream of Denial of Service (DoS) attack packets as well as actual network traffic. Rate limiting can be achieved in a number of ways using Cisco IOS® software, namely through Committed Access Rate (CAR), Traffic Shaping, and both Shaping and Policing through the Modular Quality of Service Command Line Interface (QoS CLI).

Here is how the extended burst capability works. If a packet arrives and needs to borrow n number of tokens because the token bucket contains fewer tokens than its packet size requires, then CAR compares the following two values:

  • Extended burst parameter value
  • Compounded debt. Compounded debt is computed as the sum over all a_i, where:
    - i indicates the ith packet that attempts to borrow tokens since the last time a packet was dropped.
    - a indicates the actual debt value of the flow after packet i is sent. Actual debt is simply a count of how many tokens the flow has currently borrowed.

If the compounded debt is greater than the extended burst value, CAR's exceed action takes effect. After a packet is dropped, the compounded debt is effectively set to 0. CAR will compute a new compounded debt value equal to the actual debt for the next packet that needs to borrow tokens.
If the actual debt is greater than the extended limit, all packets will be dropped until the actual debt is reduced through accumulation of tokens in the token bucket.

To minimize the risks associated with DoS and ICMP flooding attacks, the following is configured on the serial interface of a router:

interface serial 1/0
rate-limit input access-group 111 128000 400 400 conform-action transmit exceed-action drop
access-list 111 permit icmp any any

How to calculate Burst-Normal and Burst-Max (normally)

Burst-Normal = configured rate * 1/8 * 1.5 seconds (the 1/8 converts bits to bytes)

Burst-Max = Burst-Normal * 2

For example:
rate-limit output 496000 93000 186000 conform-action transmit exceed-action drop

Reference: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c/qcpart4/qcpolts.htm
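
An added example (not from the original article or from Cisco): a simplified Python model of the extended-burst rule and the burst formula described above. It assumes that the amount a flow may borrow is burst-max minus burst-normal and that arriving tokens repay debt first; the class and function names are illustrative.

```python
# Added illustration: simplified model of CAR policing with extended burst.
# Assumption: the borrowable amount is burst_max - burst_normal (bytes).

def recommended_bursts(rate_bps):
    """Burst-normal = rate * 1/8 * 1.5 s, Burst-max = 2 * Burst-normal (bytes)."""
    burst_normal = int(rate_bps / 8 * 1.5)
    return burst_normal, 2 * burst_normal

class CarPolicer:
    def __init__(self, rate_bps, burst_normal, burst_max):
        self.rate = rate_bps / 8.0              # token fill rate, bytes/second
        self.bc = burst_normal                  # token bucket depth, bytes
        self.limit = burst_max - burst_normal   # extended burst limit, bytes
        self.tokens = float(burst_normal)       # bucket starts full
        self.actual_debt = 0.0                  # tokens currently borrowed
        self.compounded_debt = 0.0              # sum of a_i since the last drop
        self.last = 0.0                         # time of the previous packet

    def offer(self, now, size):
        """Police one packet of `size` bytes arriving at `now` seconds."""
        earned = (now - self.last) * self.rate
        self.last = now
        repay = min(earned, self.actual_debt)   # new tokens repay debt first
        self.actual_debt -= repay
        self.tokens = min(self.bc, self.tokens + earned - repay)
        if self.tokens >= size:                 # fits within the normal burst
            self.tokens -= size
            return "transmit"
        actual = self.actual_debt + (size - self.tokens)   # a_i if sent
        compounded = self.compounded_debt + actual
        if actual > self.limit or compounded > self.limit:
            self.compounded_debt = 0.0          # a drop resets compounded debt
            return "drop"                       # exceed-action
        self.tokens = 0.0
        self.actual_debt, self.compounded_debt = actual, compounded
        return "transmit"

def simulate(rate_bps, burst_normal, burst_max, packets):
    """packets: (time_s, size_bytes) pairs in time order -> list of actions."""
    policer = CarPolicer(rate_bps, burst_normal, burst_max)
    return [policer.offer(t, s) for t, s in packets]

if __name__ == "__main__":
    # Constructed flood: 100-byte packets every 1 ms, policed at 128000 400 400.
    flood = [(i / 1000.0, 100) for i in range(1000)]
    actions = simulate(128000, 400, 400, flood)
    print(actions.count("transmit"), "sent,", actions.count("drop"), "dropped")
```

With burst-max equal to burst-normal, as in the ICMP example above, the model never lends tokens and behaves as a plain tail-drop policer.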

chris.yoon@wirethink.com (CiscoNET) QoS General Wed, 06 May 2009 02:42:09 +0000
Random Early Detection (RED)?
http://cisconet.com/qos/qos-general/136-random-early-detection-red.html

Random Early Detection (RED) is a congestion avoidance mechanism that takes advantage of TCP's congestion control mechanism.
When it comes to Quality of Service, there are 2 separate approaches. The first is congestion management, which is setting up queues to ensure that the higher priority traffic gets serviced in times of congestion. The other is congestion avoidance, which works by dropping packets before congestion on the link occurs.
RED takes a proactive approach to congestion. Instead of waiting until the queue is completely filled up, RED starts dropping packets with a non-zero drop probability after the average queue size exceeds a certain minimum threshold. A drop probability ensures that RED randomly drops packets from only a few flows, avoiding global synchronization. A packet drop is meant to signal the TCP source to slow down. Responsive TCP flows slow down after packet loss by going into slow start mode.


Reference: ‘IP Quality of Service’, Cisco Press

chris.yoon@wirethink.com (CiscoNET) QoS General Wed, 06 May 2009 02:40:05 +0000
Weighted RED (WRED)?
http://cisconet.com/qos/qos-general/135-weighted-red-wred.html

The WRED algorithm provides congestion avoidance on network interfaces by providing buffer management, and by allowing Transmission Control Protocol (TCP) traffic to throttle back before buffers are exhausted. This helps avoid tail drops and global synchronization issues, maximizing network usage and TCP-based application performance. WRED works by selectively dropping packets before congestion occurs, so it is considered to be a congestion avoidance feature.


  • WRED is a congestion avoidance mechanism, based on the adaptive nature of TCP traffic for congestion.
  • WRED allows for differentiated dropping behavior based on either IP precedence or DSCP.
  • WRED is configurable in a CBWFQ policy-map.



chris.yoon@wirethink.com (CiscoNET) QoS General Wed, 06 May 2009 02:36:03 +0000
[Cisco] How to limit rate on interface ?
http://cisconet.com/qos/qos-general/134-cisco-how-to-limit-rate-on-interface-.html

The 'rate-limit' command is an interface configuration command. It is used to set up committed access rate (CAR) and distributed CAR (DCAR) policies. To remove the rate limit from the configuration, use the no form of this command.

rate-limit {input | output} [dscp dscp-value] [access-group [rate-limit] acl-index] bps burst-normal burst-max conform-action conform-action exceed-action exceed-action

no rate-limit {input | output} [dscp dscp-value] [access-group [rate-limit] acl-index] bps burst-normal burst-max conform-action conform-action exceed-action exceed-action

input: Applies this CAR traffic policy to packets received on this input interface.
output: Applies this CAR traffic policy to packets sent on this output interface.
dscp: (Optional) Allows the rate limit to be applied to any packet matching a specified differentiated services code point (DSCP).
access-group: (Optional) Applies this CAR traffic policy to the specified access list.
rate-limit: (Optional) The access list is a rate-limit access list.
bps: Average rate, in bits per second (bps). The value must be in increments of 8 kbps.
burst-normal: Normal burst size, in bytes. The minimum value is bps divided by 2000.
burst-max: Excess burst size, in bytes.
conform-action: Action to take on packets that conform to the specified rate limit. Specify one of the following keywords.
exceed-action: Action to take on packets that exceed the specified rate limit. Specify one of the following keywords.

o  CAR and DCAR can only be used with IP traffic. Non-IP traffic is not rate limited.
o  CAR and DCAR can be configured on an interface or subinterface. However, CAR and DCAR are not supported on the Fast EtherChannel, tunnel, or PRI interfaces, nor on any interface that does not support Cisco Express Forwarding (CEF).
o  CEF must be enabled on the interface before you configure CAR or DCAR.

Policing Traffic with CAR


CAR embodies a rate-limiting feature for policing traffic. When policing traffic with CAR, Cisco recommends the following values for the normal and extended burst parameters:

Burst-normal = configured rate * 1/8 * 1.5 seconds (the 1/8 converts bits to bytes)
Burst-max = Burst-normal * 2


Example 1.

FTP traffic is sent with an MPLS experimental field of 5 if it conforms to the second rate policy. If the FTP traffic exceeds the rate policy, it is dropped. See the following commands in the example:

rate-limit input access-group 122 10000000 1875000 3750000 conform-action set-mpls-exp-transmit 5 exceed-action drop

access-list 122 permit tcp any any eq ftp


Example 2.


In the example below, two access lists are created to classify the web and FTP traffic so that they can be handled separately by the CAR feature:

interface Serial 0/1
description T3 to MR
rate-limit input access-group 111 10000000 1875000 3750000 conform-action transmit exceed-action drop
rate-limit input access-group 122 8000000 1500000 3000000 conform-action transmit exceed-action drop
! access-list 133 is not shown in this example
rate-limit input access-group 133 20000000 3750000 7500000 conform-action transmit exceed-action drop

access-list 111 permit tcp any any eq www
access-list 122 permit tcp any any eq ftp

Reference: http://www.cisco.com/en/US/customer/docs/ios/12_2/qos/command/reference/qrfcmd8.html


chris.yoon@wirethink.com (CiscoNET) QoS General Wed, 06 May 2009 02:10:23 +0000
Easy QoS 101 - What is QoS(Quality of Service)
http://cisconet.com/qos/qos-general/128-easy-qos-101-what-is-qosqaulity-of-service.html

QoS (Quality of Service) is definitely one of the hot topics in the IT field. Economically, most companies are suffering these days. IT budgets have been cut seriously, and there is nothing bright in the near future. Owners don't want to spend a dollar on IT property. Internet traffic is continuously growing, demanding more bandwidth big time. Because I am working in the ISP industry, I can tell how many customers' Internet pipes are bursting, and it results in latency and low performance on a daily basis. With no more investment and bling bling, customers are looking around for any alternative solution to get better circumstances and escape from the hell. If your job is computer related or you have to stick with the Internet, a slow connection will kill you in a minute and make you upset easily. No doubt! QoS is the way to go, but it is not easy to deploy if you are not familiar with QoS technology or lack knowledge.
It would be a good time for me to refresh my brain.

1. Easy QoS 101 - What is QoS(Quality of Service)
2. Easy QoS 101 - QoS protocols
3. Easy QoS 101 - Queuing Techniques
4. Easy QoS 101 - Shaping & Policing
5. Easy QoS 101 - Queuing family
6. Easy QoS 101 - Congestion Avoidance
7. Easy QoS 101 - Applying QoS and examples



chris.yoon@wirethink.com (CiscoNET) QoS General Wed, 06 May 2009 01:38:42 +0000