Support
Community

mikeatcomtech · ‎03-26-2014

I have this router configured with the following QOS config:

interface vlan 10

ip address 63.139.44.34 255.255.255.248

ip access-policy Public

traffic-shape rate 10000000

qos-policy out WAN_Outbound

no shutdown

qos map LAN_Inbound

map entry 10

match ACL IQ_subnets_out

set precedence value to 5

Interfaces using qos map LAN_Inbound:

vlan 1:Input (enabled)

vlan 2:Input (enabled)

qos map WAN_Outbound

map entry 10

match IP packets with a precedence value of 5

priority bandwidth: 75 (% of total) burst: default

Interfaces using qos map WAN_Outbound:

vlan 10:Output (enabled)

I would like to have LLQ enforced on the vlan 10 interface which has 10mbps available. However when I look at the output of show queue vlan 10 it states that the available bandwidth is zero and the queuing method is Weighted Fair:

Queueing method
    Configured Queueing Method: fifo
    Effective Queueing Method: weighted fair
Output queue: 0/1/684/64/0 (size/highest/max total/threshold/drops)
    Conversations 0/1/256 (active/max active/max total)
    Available Bandwidth 0 kilobits/sec

Am I misreading the output of show queue vlan 10? or have I misconfigured something?,3448

Anonymous · ‎04-28-2014

:

Thank you for replying with the requested output. The QoS map appears to be matching traffic with an IPP of 5 (so it is working); however, the ACL is not matching any traffic from those IPs in the port range. It would appear traffic is already arriving in the ADTRAN marked with IPP 5.

Levi

View solution in original post

Anonymous · ‎04-01-2014

:

Thank you for asking this question in the Support Community. From the output above, it appears that you are using an ACL to match inbound traffic and set the IPP value to 5. Then you are prioritizing IPP 5 out VLAN 10. Is that your intentions? If you would like to reply to this post, and attach the current configuration (please, remember to remove any information that may be sensitive to the organization), I will be happy to review it for you.

Levi

mikeatcomtech · ‎04-03-2014

Levi,

Yes that is my intention, I'm unsure if the show queue command is not showing the proper info. This is for VOIP and I would like to be using LLQ if possible.

!
ip subnet-zero
ip classless
ip routing
ip domain-proxy
ip name-server 63.80.96.85 63.80.96.86 66.155.216.122 207.59.153.242
!
!
no auto-config
!
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
!
service password-encryption
!

!
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
no ip firewall alg sip
!
no dot11ap access-point-control
!
ip dhcp-server excluded-address 10.52.2.1 10.52.2.20
ip dhcp-server excluded-address 10.52.2.200 10.52.2.254
!
ip dhcp-server pool "Private"
network 10.52.2.0 255.255.255.0
dns-server 66.155.216.122 207.59.153.242
netbios-node-type h-node
default-router 10.52.2.1
!
qos map LAN_Inbound 10
match list IQ_subnets_out
set precedence 5
!
qos map WAN_Outbound 10
match precedence 5
priority percent 75
!
!
!
!
vlan 1
name "Default"
!
vlan 2
name "LAN"
!
vlan 10
name "WAN"
!
!
interface eth 0/1
no ip address
shutdown
no lldp send-and-receive
!
!
interface switchport 0/1
description WAN Port
no shutdown
switchport access vlan 10
!
interface switchport 0/2
no shutdown
switchport access vlan 10
!
interface switchport 0/3
spanning-tree edgeport
no shutdown
switchport access vlan 2
switchport voice vlan 2
!
interface switchport 0/4
spanning-tree edgeport
no shutdown
switchport access vlan 2
!
!
!
interface vlan 1
ip address 10.10.10.1 255.255.255.0
qos-policy in LAN_Inbound
no shutdown
!
interface vlan 2
ip address 10.52.2.1 255.255.255.0
ip access-policy Private
qos-policy in LAN_Inbound
no shutdown
!
interface vlan 10
ip address xxxxxx 255.255.255.248
ip access-policy Public
traffic-shape rate 10000000
qos-policy out WAN_Outbound
no shutdown

ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
!
!
ip access-list extended IQ_subnets_out
! Implicit permit (only for empty ACLs)
!
ip access-list extended IQ_subnet_out
permit udp any 69.43.131.224 0.0.0.31 range 50000 55000
permit udp any 74.123.80.0 0.0.3.255 range 50000 55000
!
ip access-list extended self
remark Traffic to NetVanta
permit ip any any     log
!
ip access-list extended web-acl-3
remark Remote Access
permit tcp any any eq https   log
permit tcp any any eq ssh   log
!
ip access-list extended web-acl-6
permit tcp any any eq ssh   log
!
ip policy-class Private
allow list self self
nat source list wizard-ics interface vlan 10 overload
!
ip policy-class Public
allow list web-acl-6 self
!
!
ip route 0.0.0.0 0.0.0.0 63.139.44.33
!
no tftp server
no tftp server overwrite
ip http server
ip http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
no ip sip udp
no ip sip tcp
!
line con 0
login
!
line telnet 0 4
login local-userlist
password encrypted
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!

ntp peer 64.236.96.53 version 3

Anonymous · ‎04-28-2014

:

I do not see anything misconfigured in the configuration output you sent. Are you certain the phones are sending traffic matching the UDP ports 50000 to 55000? What firmware version are you using? What is the output from the show access-lists command? Are there matches on the "QoS" ACLs? What about in the show qos map interface vlan 10?

Levi

mikeatcomtech · ‎04-28-2014

Levi,

Here is the output from Show qos map int vlan 10:

vlan 10

qos-policy out: WAN_Outbound

map entry 10

match IP packets with a precedence value of 5

priority bandwidth: 75 (% of total)

burst budget 187282/187500 bytes (current/max)

packets matched: 58301468, bytes matched: 12681210796

packets dropped: 0, bytes dropped: 0

5 minute offered rate 68968 bits/sec, drop rate 0 bits/sec

map entry default

packets matched: 28155666, bytes matched: 2752020779

5 minute offered rate 6528 bits/sec, drop rate 0 bits/sec

Perhaps LLQ is not supposed to show in the output of the "show queue vlan 10" command?

mikeatcomtech · ‎04-28-2014

Oops, here is the show access lists output:

winvale#show access-lists

* - Indicates access list entry disabled by track.

Standard IP access list wizard-ics

remark Internet Connection Sharing

permit any (3530647 matches)

Extended IP access list IQ_subnets_out

Extended IP access list IQ_subnet_out

permit udp any 69.43.131.224 0.0.0.31 range 50000 55000 (0 matches)

permit udp any 74.123.80.0 0.0.3.255 range 50000 55000 (0 matches)

Extended IP access list self

remark Traffic to NetVanta

permit ip any any log (811 matches)

Extended IP access list web-acl-3

remark Remote Access

permit tcp any any eq https log (0 matches)

permit tcp any any eq ssh log (0 matches)

Extended IP access list web-acl-6

permit tcp any any eq ssh log (50104 matches)

Anonymous · ‎04-28-2014

:

Thank you for replying with the requested output. The QoS map appears to be matching traffic with an IPP of 5 (so it is working); however, the ACL is not matching any traffic from those IPs in the port range. It would appear traffic is already arriving in the ADTRAN marked with IPP 5.

Levi

Support
Community

Are my qos settings correct?

Quality of Service

Routing

WAN

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

SupportCommunity

Are my qos settings correct?

Quality of Service

Routing

WAN

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Re: Are my qos settings correct?

Support
Community