Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Low latency queueing over Tunnel interfaces

Reply
Thread Tools

Low latency queueing over Tunnel interfaces

 
 
Scooty
Guest
Posts: n/a
 
      08-30-2006
Hi
Can anyone tell me if you can do low latency queueing over tunnel
interfaces?
We wish to setup some QOS for a client between their sites over the
tunnels that are currently in place
Here are tags used for Qos.
Priority Class for Signaling Data: AF31
Priority Class for Fax/Modem Payload: AF11
Priority Class for Network Control: CS7
Priority Class for Voice Payload: EF
QoS Procedure: Autodetect

Any suggestions and or pointers would be most welcome

Regards

Scott

 
Reply With Quote
 
 
 
 
KingKey
Guest
Posts: n/a
 
      08-30-2006
Maybe this document will help.
http://www.cisco.com/en/US/products/...0804dfa7f.html

Thanks,
KK


Scooty wrote:
> Hi
> Can anyone tell me if you can do low latency queueing over tunnel
> interfaces?
> We wish to setup some QOS for a client between their sites over the
> tunnels that are currently in place
> Here are tags used for Qos.
> Priority Class for Signaling Data: AF31
> Priority Class for Fax/Modem Payload: AF11
> Priority Class for Network Control: CS7
> Priority Class for Voice Payload: EF
> QoS Procedure: Autodetect
>
> Any suggestions and or pointers would be most welcome
>
> Regards
>
> Scott


 
Reply With Quote
 
 
 
 
Bod43@hotmail.co.uk
Guest
Posts: n/a
 
      08-30-2006

KingKey wrote:
> Maybe this document will help.
> http://www.cisco.com/en/US/products/...0804dfa7f.html
>
> Thanks,
> KK
>
>
> Scooty wrote:
> > Hi
> > Can anyone tell me if you can do low latency queueing over tunnel
> > interfaces?
> > We wish to setup some QOS for a client between their sites over the
> > tunnels that are currently in place
> > Here are tags used for Qos.
> > Priority Class for Signaling Data: AF31
> > Priority Class for Fax/Modem Payload: AF11
> > Priority Class for Network Control: CS7
> > Priority Class for Voice Payload: EF
> > QoS Procedure: Autodetect
> >
> > Any suggestions and or pointers would be most welcome


OK.

This really, really works.
I have been hacking at this for about a year and
finally, recently, I got it to actually work.
One problem is that the behaviour varies between platforms.
To me this is not at all documented on CCO.

The following does work on a 2801 and does not work on an 837.
It looks like it will work on an 877/878. It does not work on an 857.

Shapes then priority queues.

class-map match-any ClM.voice
match dscp ef
match dscp cs3
match access-group name ACL.voice.sources
! above line is hack since our QoS is not really OK,
!
!
policy-map PM.450000.child
class ClM.voice
priority 200 ! 200kbps for voice
set dscp ef ! We need to set the DSCP values for pkts that
! are not already set since once it is in the
GRE then IPSEC
! tunnel we cannot match by address.
policy-map PM.450000.parent
class class-default
shape average 450000 ! this is for a 512k ADSL. //BE CONSERVATIVE//
!! 256k link is OK with 210000 but gets wrecked with 220000.
service-policy PM.450000.child

interface Tunnel17000
ip address 172.19.6.1 255.255.255.252
service-policy output PM.450000.parent

The above tunnel is over an ADSL with 512k bps.

The plan is to shape the traffic so that the ADSL can handle it
when it gets there and then to prioritise voice traffic within that
limit.


Here is some stuff I wrote the other day -
It is the whole thing, proven test results everything.
QoS over tunnels really works.


We can control the behaviour of a slow interface (say an ADSL)
with/from a tunnel.

This works on a 2801 by the way: (yes really really works)

Not on 837

flash:c2800nm-advipservicesk9-mz.124-8.bin

class-map match-any ClM.voice
match dscp ef
match dscp cs3
match access-group name ACL.voice.sources ! dscp not working
correctly so use addresses
! should do something for
ospf too.

!Hierarchical policy maps:

policy-map PM.450000.child
class ClM.voice
priority 200
set dscp ef ! set DSCP so that tunnel and crypto traffic
can be matched.

policy-map PM.450000.parent
class class-default
shape average 450000 ! FIRST shape to 512k (inc crypto)
service-policy PM.450000.child ! SECOND do priority queuing as
defined in ...child.


interface Tunnel17000
ip address 172.17.6.1 255.255.255.252
ip access-group ACL.block.home-home in
ip mtu 1400 ! We do crypto later, avoid double fragmentation.
ip tcp adjust-mss 1360
ip ospf cost 1
load-interval 30
keepalive 7 3 ! for management but choose timer to bring down OSPF
! to avoid interference with ospf hello timer
! WHY NOT try to keep clear of bugs?
tunnel source FastEthernet0/0
tunnel destination x.x.x.x
service-policy output PM.450000.parent

vpn1#sh policy-map int tu 17000
Tunnel17000
Service-policy output: PM.450000.parent ! SHAPING
Class-map: class-default (match-any)
813489 packets, 268760589 bytes
30 second offered rate 1000 bps, drop rate 0 bps
Match: any
Traffic Shaping

Target/Average Byte Sustain Excess Interval
Increment
Rate Limit bits/int bits/int (ms)
(bytes)
450000/450000 2700 10800 10800 24 1350

Adapt Queue Packets Bytes Packets Bytes
Shaping
Active Depth Delayed Delayed Active
- 0 813093 249714100 174677 137403351 no !
not at present

Service-policy : PM.450000.child ! PRIORITY QUEUING

Class-map: ClM.voice (match-any)
261799 packets, 54848070 bytes
30 second offered rate 0 bps, drop rate 0 bps

Match: dscp ef (46)
0 packets, 0 bytes
30 second rate 0 bps

Match: dscp cs3 (24)
0 packets, 0 bytes
30 second rate 0 bps

Match: access-group name ACL.voice.sources
261799 packets, 54848070 bytes
30 second rate 0 bps

Queueing
Strict Priority
Output Queue: Conversation 40
Bandwidth 200 (kbps) Burst 5000 (Bytes)
(pkts matched/bytes matched) 74935/15218890
(total drops/bytes drops) 0/0
QoS Set
dscp ef
Packets marked 245666

Class-map: class-default (match-any)
551690 packets, 213912519 bytes
30 second offered rate 1000 bps, drop rate 0 bps
Match: any





Using: shape average 200000 on our end since we are
limited in this case by the 256k upload chez moi.


No load

H:\>ping 172.17.7.192

Pinging 172.17.7.192 with 32 bytes of data:
Reply from 172.17.7.192: bytes=32 time=26ms TTL=250
Reply from 172.17.7.192: bytes=32 time=28ms TTL=250
Reply from 172.17.7.192: bytes=32 time=24ms TTL=250
Reply from 172.17.7.192: bytes=32 time=27ms TTL=250


10 of these ought to fill it up.
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0
H:\>start cmd /c fping 172.17.7.192 -i -s 1300 -n 10000 -t 0


And full it is

Reply[217] from 172.17.7.192: bytes=1300 time = 555 ms TTL=250
Reply[218] from 172.17.7.192: bytes=1300 time = 524 ms TTL=250
Reply[219] from 172.17.7.192: bytes=1300 time = 552 ms TTL=250
Reply[220] from 172.17.7.192: bytes=1300 time = 527 ms TTL=250
Reply[221] from 172.17.7.192: bytes=1300 time = 552 ms TTL=250
Reply[222] from 172.17.7.192: bytes=1300 time = 558 ms TTL=250
Reply[223] from 172.17.7.192: bytes=1300 time = 530 ms TTL=250
Reply[224] from 172.17.7.192: bytes=1300 time = 545 ms TTL=250
Reply[225] from 172.17.7.192: bytes=1300 time = 555 ms TTL=250
Reply[226] from 172.17.7.192: bytes=1300 time = 556 ms TTL=250
Reply[227] from 172.17.7.192: bytes=1300 time = 526 ms TTL=250

Ping from VOICE VLAN
C:\>ping 172.17.7.192 -t
Pinging 172.17.7.192 with 32 bytes of data:
Reply from 172.17.7.192: bytes=32 time=82ms TTL=251
Reply from 172.17.7.192: bytes=32 time=78ms TTL=251
Reply from 172.17.7.192: bytes=32 time=39ms TTL=251
Reply from 172.17.7.192: bytes=32 time=78ms TTL=251

PERFECTO!!! Or even better?

In action:-

vpn1#sh policy-map int tu 17000
Tunnel17000
Service-policy output: PM.450000.parent
Class-map: class-default (match-any)
821618 packets, 276772681 bytes
30 second offered rate 200000 bps, drop rate 0 bps
Match: any
Traffic Shaping
Target/Average Byte Sustain Excess Interval
Increment
Rate Limit bits/int bits/int (ms)
(bytes)
200000/200000 2000 8000 8000 40 1000

Adapt Queue Packets Bytes Packets Bytes
Shaping
Active Depth Delayed Delayed Active
- 9 821214 257523298 181177 144980711 yes

Service-policy : PM.450000.child

Class-map: ClM.voice (match-any)
261923 packets, 54857194 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: dscp ef (46)
0 packets, 0 bytes
30 second rate 0 bps
Match: dscp cs3 (24)
0 packets, 0 bytes
30 second rate 0 bps
Match: access-group name ACL.voice.sources
261923 packets, 54857194 bytes
30 second rate 0 bps
Queueing
Strict Priority
Output Queue: Conversation 40
Bandwidth 200 (kbps) Burst 5000 (Bytes)
(pkts matched/bytes matched) 75002/15223866
(total drops/bytes drops) 0/0
QoS Set
dscp ef
Packets marked 245790

Class-map: class-default (match-any)
559695 packets, 221915487 bytes
30 second offered rate 199000 bps, drop rate 0 bps
Match: any
vpn1#

There are no drops since I am using ping to generate the test traffic
and
we are just waiting for the return traffic to come back before we send
anything else.

Crap I know but it's what there is right now.



Now add a voice call:- (G.711 codec)

RTT doubles

Reply[947] from 172.17.7.192: bytes=1300 time = 995 ms TTL=250
Reply[948] from 172.17.7.192: bytes=1300 time = 1000 ms TTL=250
Reply[949] from 172.17.7.192: bytes=1300 time = 980 ms TTL=250
Reply[950] from 172.17.7.192: bytes=1300 time = 1002 ms TTL=250
Reply[951] from 172.17.7.192: bytes=1300 time = 1004 ms TTL=250
Reply[952] from 172.17.7.192: bytes=1300 time = 980 ms TTL=250
Reply[953] from 172.17.7.192: bytes=1300 time = 1021 ms TTL=250
Reply[954] from 172.17.7.192: bytes=1300 time = 996 ms TTL=250
Reply[955] from 172.17.7.192: bytes=1300 time = 981 ms TTL=250
Reply[956] from 172.17.7.192: bytes=1300 time = 1014 ms TTL=250
Reply[957] from 172.17.7.192: bytes=1300 time = 966 ms TTL=250
Reply[958] from 172.17.7.192: bytes=1300 time = 1010 ms TTL=250
Reply[959] from 172.17.7.192: bytes=1300 time = 996 ms TTL=250


>From voice VLAN addresses:-

PING RTT unchanged by adding voice call

C:\>ping 172.17.7.192 -t

Pinging 172.17.7.192 with 32 bytes of data:

Reply from 172.17.7.192: bytes=32 time=89ms TTL=251
Reply from 172.17.7.192: bytes=32 time=91ms TTL=251
Reply from 172.17.7.192: bytes=32 time=91ms TTL=251
Reply from 172.17.7.192: bytes=32 time=92ms TTL=251
Reply from 172.17.7.192: bytes=32 time=93ms TTL=251
Reply from 172.17.7.192: bytes=32 time=95ms TTL=251

vpn1#sh policy-map int tu 17000
Tunnel17000

Service-policy output: PM.450000.parent

Class-map: class-default (match-any)
829781 packets, 282801361 bytes
30 second offered rate 201000 bps, drop rate 0 bps
Match: any
Traffic Shaping
Target/Average Byte Sustain Excess Interval
Increment
Rate Limit bits/int bits/int (ms)
(bytes)
200000/200000 2000 8000 8000 40 1000

Adapt Queue Packets Bytes Packets Bytes
Shaping
Active Depth Delayed Delayed Active
- 15 829370 263354478 189333 150811891 yes

Service-policy : PM.450000.child

Class-map: ClM.voice (match-any)
265516 packets, 55656742 bytes
30 second offered rate 82000 bps, drop rate 0 bps
Match: dscp ef (46)
0 packets, 0 bytes
30 second rate 0 bps
Match: dscp cs3 (24)
0 packets, 0 bytes
30 second rate 0 bps
Match: access-group name ACL.voice.sources
265516 packets, 55656742 bytes
30 second rate 82000 bps
Queueing
Strict Priority
Output Queue: Conversation 40
Bandwidth 200 (kbps) Burst 5000 (Bytes)
(pkts matched/bytes matched) 78595/15937266
(total drops/bytes drops) 0/0
QoS Set
dscp ef
Packets marked 249383

Class-map: class-default (match-any)
564265 packets, 227144619 bytes
30 second offered rate 117000 bps, drop rate 0 bps
Match: any




###########################################
# Has anyone managed to get crypto queuing working?
# I set it all up but there is no actual queuing?
###########################################

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Pcos low carb diet. Low carb diet program. Cholesterol low carb diet.Low carb diet foods. zyraco C++ 0 11-10-2009 01:44 PM
Low carb diabetes diet. Low fat high carb diet. The low carb diet.Low carb diet pregnancy. zyraco C++ 0 11-10-2009 01:44 PM
Low carb calorie diet. No low carb diet. Free low carb diet. Low carbdiet meal plan. zyraco C++ 0 11-10-2009 01:44 PM
Modular QoS (low latency queueing) on SHDSL bridged config Bod43@hotmail.co.uk Cisco 2 02-09-2008 07:38 AM
High latency when idle, low latency when passing traffic Mark Williams Cisco 2 04-25-2006 07:19 AM



Advertisments