Saturday, May 18, 2013

Understanding MQC, Part 2: Basic Configuration

In my previous post I mentioned the six steps which are required in order to implement a QoS solution. In this post I'll use those steps to create an example implementation. Before I do though, I'll first cover the "bandwidth" and "priority" commands.

Priority & Bandwidth Commands

In Step 3 of the process you must assign a a portion of bandwidth to the Class Map. The two main options used here are "priority"and "bandwidth". Details on these two options can be found here.

In short though, the "priority" command is used for time sensitive applications where packets need to be sent ASAP, for example, VoIP calls. To ensure that these packets are sent as soon as possible, the router uses a special queuing process called Low Latency Queuing (LLQ) whereby all priority packets are sent immediately, even if there are other packets which on the router first.

The "bandwidth" command is used for non-time sensitive traffic, such as large file backups.

Basic Configuration

Now that we've covered the basics, let's jump in to a Basic Configuration example using the Six Steps outlined in my previous post.

I'll be using iperf to generate traffic in my lab network. The two traffic flows I will prioritise are:

Interface Shape: 1mb

Bulk Data Traffic:
Source IP:
Destination IP:
Destination Port: 5001
DSCP Marking: AF33
Bandwidth: 300kb

Voice Traffic:

Source IP:
Destination IP:
Destination Port: 5002
DSCP Marking: EF
Priority: 150kb

Step 1 - Classify Class Map

Note: I'll be using ACLs to match the desired traffic, however, protocols can also be matched through the use of NBAR.

The "classify" ACLs look like this:

ip access-list extended BULK_DATA
permit tcp host host eq 5001

ip access-list extended VOICE
permit tcp host host eq 5002

Now we need to create the "classify" Class Maps and tie them to the above ACLs:

class-map match-any  MARK-BulkData
match access-group name BULK_DATA

class-map match-any  MARK-Voice
match access-group name VOICE

Step 2 - Inbound Policy Map

Next, we have to tie the above "classify" Class Maps to a Policy Map and assign the DSCP values to each of the Classes:

policy-map INGRESS-Mark-DSCP
  class MARK-BulkData
    set dscp af33 

  class MARK-Voice
    set dscp ef

Now we apply the Policy Map in the inbound direction on the router's LAN facing interface:

interface gi0/2.10
  desc LAN Port - Ingress Packet Marking 
  service-policy input INGRESS-Mark-DSCP

Step 3 - Prioritisation Class Map

Note: These Class Map names do not need to match the ones used in Step 1.

Here we match the DSCP values which were configured in Step 2:

class-map match-any MATCH-BulkData
  match dscp af33

class-map match-any MATCH-Voice
  match dscp ef


Step 4 - Bandwidth Allocation Policy Map (Child)

Now we allocate the bandwidth to each of the above Class Maps using another Policy Map.

Recall that this Policy Map will not be applied to an interface and will instead be applied underneath another Policy Map. That is why this Policy Map is known as a "Child" Policy Map:

policy-map CHILD-EGRESS-BandwidthAllocation
  class MATCH-BulkData
    bandwidth 300
  class MATCH-Voice
    priority 150

Step 5 & 6 - Shaper Policy Map (Parent)

Here we create the Parent Policy Map as well as apply the 1mb shaper. We then attach the Child Policy Map to it.

policy-map  PARENT-EGRESS-Shaper
  class class-default
    shape average 1024000
    service-policy CHILD-EGRESS-BandwidthAllocation

Now we apply the Parent Policy Mapoutbound on the router's WAN facing interface:

interface gi 0/1
  service-policy output PARENT-EGRESS-Shaper


Before I end this post I thought I should quickly mentioned the "Class-Default" class. Anything which does not match a manually configured Class (which in this example are the MATCH-BulkData and MATCH-Voice classes) will automatically be sent to the "Class-Default" class. The same goes for unallocated bandwidth. Both of these scenarios are discussed in my next post.

As always, if you have any questions or have a topic that you would like me to discuss, please feel free to post a comment at the bottom of this blog entry, e-mail at, or drop me a message on Twitter (@OzNetNerd).

Note: This website is my personal blog. The opinions expressed in this blog are my own and not those of my employer.

No comments:

Post a Comment