cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bbrown21
New Contributor

Difference between different types of QoS

I was looking at some of the configuration guides for QoS, and one thing I notice they are missing is an explanation of how different types of QoS commands will perform under load.  Is there anything out there that documents the different types of QoS commands and how they work under load?  I've got a site that's using Comcast, and I'm trying to configure QoS to make sure the traffic to a particular website is given very high priority, while not making that bandwidth unavailable when not needed.

Labels (2)
0 Kudos
3 Replies
Anonymous
Not applicable

Re: Difference between different types of QoS

Hi bbrown21:

The guide Configuring QoS in AOS provides some great examples and explains how AOS processes QoS.  The application note Configuring an efficient QoS Map provides additional tips.  I recommend going over the introductions at the beginning and then find one of the examples similar to your need.

QoS reserves bandwidth for priority traffic.  If your total traffic throughput is less than the available bandwidth, then QoS is unnecessary (and will not be active in an AOS unit even if configured).  But traffic throughput commonly saturates WAN connections and consumes all available bandwidth.  When this happens, properly-configured QoS should forward important traffic with priority while delaying other "best-effort" traffic until it can fit through.

The documents explain an important concept:  Internet connection speeds are often provisioned by the carrier for speeds less than the physical link between the modem and firewall.  That is, your NetVanta 3400 series router links at 100Mbps to the modem, but the speed you're paying for may be less (50M down/10M up, for example).  The AOS unit needs to be aware of the actual Internet speed (10M up in this example).  Otherwise, QoS will not kick in until traffic throughput reaches 100M (oversimplification; default settings allow the unit 75% of the interface speed) and you need it to kick in when the provisioned 10M is saturated.  The guide will show you how to use command traffic-shape rate so the unit is aware of actual available bandwidth (web GUI examples are given as well).

Also, QoS is an egress feature.  The 3400 series router will prioritize certain traffic outbound to Comcast based on your settings.  I'm not sure about your application.  For many websites, download performance is most noticeable.  Feel free to provide more detail about this project or let us know if you have more questions!

Best,

Chris

Re: Difference between different types of QoS

Thanks for the great reply.  I did have an older version of the document I was looking at, it just didn't make all of the different kinds of priorities clear for particular circumstances.  I'll post some snippets of what I currently have, which I think is what we want, but we're still getting a lot of feedback that the system is slowing down at particular times.

To preface:  What I have is a doctor's office, who is accessing Electronic Health Records(EHR) through Comcast.  They are also sending images using GRE over IPSEC over the Comcast as well.  We have 50/10 Comcast.  It seems like most of the time I'm told that EHR is running slow, it coincides with images saturating the upload side of the Comcast link.  I'd like to make sure that when images are being sent, it's not causing significant slowdown for the EHR access.  Perhaps the best way to do this is to rate limit the image sending, instead of trying to give priority to the EHR?


qos map QOS-Policy 10


  match ip list QOS-Integreat-acl


  priority percent 50


!


!


interface eth 0/2


  description Comcast Uplink


  ip address  XX.XX.XX.XX 255.255.255.248


  ip mtu 1500


  ip access-policy Public


  ip crypto map vpn-set


  no rtp quality-monitoring


  traffic-shape rate 10000000


  qos-policy out QOS-Policy


  no shutdown


!


!


ip access-list extended QOS-acl


  remark Identify EMR Traffic


  permit ip any  YY.YY.YY.YY 0.0.0.31


Anonymous
Not applicable

Re: Difference between different types of QoS

I see.  One thing I noticed from your sample config is the ACL name is not the same as the match statement in the qos map.  I'm guessing it was just a typo in your post; probably not an issue in the real config.

You could try limiting image upload.  Think of a way to identify that traffic and create an ACL (if it can be identified by source/destination IP or port).  Then change your qos map (or create a new sequence) to limit the bandwidth:


!


qos map QOS-Policy 10


  match ip list QOS-Image-Transfer


  priority percent 50


!


!


interface eth 0/2


  description Comcast Uplink


  ip address  XX.XX.XX.XX 255.255.255.248


  ip mtu 1500


  ip access-policy Public


  ip crypto map vpn-set


  no rtp quality-monitoring


  traffic-shape rate 10000000


  qos-policy out QOS-Policy


  no shutdown


!


!


ip access-list extended QOS-Image-Transfer


  remark Image upload traffic


  permit ip any  host ZZ.ZZ.ZZ.ZZ [or whatever works in your case]


!


What do you think?

Chris