Cisco ASA 5505 User Manual

Page 1156

Advertising
background image

54-12

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 54 Configuring QoS

Configuring QoS

Example 54-2 Priority and Policing Example

In this example, the maximum rate for traffic of the tcp_traffic class is 56,000 bits/second and a
maximum burst size of 10,500 bytes per second. For the TG1-BestEffort class, the maximum rate is
200,000 bits/second, with a maximum burst of 37,500 bytes/second. Traffic in the TG1-voice class has
no policed maximum speed or burst rate because it belongs to a priority class.

hostname(config)# access-list tcp_traffic permit tcp any any

hostname(config)# class-map tcp_traffic

hostname(config-cmap)# match access-list tcp_traffic

hostname(config)# class-map TG1-voice

hostname(config-cmap)# match tunnel-group tunnel-grp1

hostname(config-cmap)# match dscp ef

hostname(config-cmap)# class-map TG1-BestEffort

hostname(config-cmap)# match tunnel-group tunnel-grp1

hostname(config-cmap)# match flow ip destination-address

hostname(config)# policy-map qos

hostname(config-pmap)# class tcp_traffic

hostname(config-pmap-c)# police output 56000 10500

hostname(config-pmap-c)# class TG1-voice

hostname(config-pmap-c)# priority

hostname(config-pmap-c)# class TG1-best-effort

hostname(config-pmap-c)# police output 200000 37500

hostname(config-pmap-c)# class class-default

hostname(config-pmap-c)# police output 1000000 37500

hostname(config-pmap-c)# service-policy qos global

Configuring a Service Rule for Traffic Shaping and Hierarchical Priority
Queuing

You can configure traffic shaping for all traffic on an interface, and optionally hierarchical priority
queuing for a subset of latency-sensitive traffic.

This section includes the following topics:

(Optional) Configuring the Hierarchical Priority Queuing Policy, page 54-12

Configuring the Service Rule, page 54-13

(Optional) Configuring the Hierarchical Priority Queuing Policy

You can optionally configure priority queuing for a subset of latency-sensitive traffic.

Guidelines

One side-effect of priority queuing is packet re-ordering. For IPsec packets, out-of-order packets
that are not within the anti-replay window generate warning syslog messages. These warnings are
false alarms in the case of priority queuing. You can configure the IPsec anti-replay window size to
avoid possible false alarms. See the crypto ipsec security-association replay command in the
command reference.For hierarchical priority queuing, you do not need to create a priority queue on
an interface.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals