QoS on Cisco ASA 5505 (DSL)
in [Cisco]
|
Prev: 830 - worth to start with ?
Next: Cisco VPN Client
From: bod43 on 18 Feb 2010 00:44 On 17 Feb, 19:36, Joe <midas1...(a)gmail.com> wrote: > On Feb 17, 1:58 pm, alexd <troffa...(a)hotmail.com> wrote: > > > On Wed, 17 Feb 2010 10:43:04 -0800, Joe wrote: > > > Do you have an example of some code to do this? I'd want to do this > > > with ftp, and I have another site that I'd use it with SMTP (for a > > > scan-to-email machine they have). > > > <http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ > > qos.html> > > > -- > > <http://ale.cx/> (AIM:troffasky) (UnSoEsNpE...(a)ale.cx) > > 18:57:50 up 1 day, 23:48, 6 users, load average: 0.00, 0.04, 0..06 > > DIMENSION-CONTROLLING FORT DOH HAS NOW BEEN DEMOLISHED, > > AND TIME STARTED FLOWING REVERSELY > > Yeah, I was looking at that document, but unfortunately it has a lot > of information in it that doesn't make sense to me. ASAs are new to > me, and most of what I can find involves putting QoS on a vpn > connection. I tried to cobble that into what I was trying to do > (which resulted in the configuration I have posted above), but there's > something I'm missing. The ASA seems to have the tools you need. The best solution is to do traffic shaping on the outbound traffic to limit the rate to the DSL upload rate. Then within that do priority queuing for your voice traffic. This is implemented with a hierarchical policy map. The main or outer policy map shapes the traffic to some rate and then the inner or sub policy map can priority queue the traffic within that rate. There is an example in the document already mentioned. http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/qos.html See:- "Creating a Policy for Traffic Shaping and Hierarchical Priority Queueing" class-map CM.voice-carrier match dscp cs5 ef !<-- First define the "sub" policy for priority queuing policy-map PM.sub.voice-carrier class CM.voice-carrier priority !<-- Now define the "main" policy for traffic shaping policy-map PM.main.shape class class-default !<-- this class defined by default shape average 256000 10000 service-policy PM.sub.voice-carrier !<-- Now add the policy to an interface. Only makes sense !<-- outbound so that seems to be assumed. service-policy PM.main.shape interface outside I don't have an ASA to play with so I have not tried these commands. Be conservative with the shape rate, make SURE it is LOWER than your traffic speed. The other thing to worry about is to ensure that the ASA honours the dscp bits. I have not checked. By default switches throw them away on receipt. "DSCP markings are preserved on all traffic passing through the security appliance." So no worries there then:-))) Good luck. |