HINT: If you have soft-phones or Soft Video clients on your network then this is not for you. You might want to explore the use of access list instead.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Catalyst 3850 Configuration samples
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
This configuration was designed to optimize a network that generates 30% Voip and Video traffic whilst the remaining is bulk data. This solution is currently working perfectly in an extremely busy network. The brief was that the configuration be kept simple yet effective.
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Steps::
Create two class maps: The first class maps matches the DSCP and COS markings of Audio and Video traffic:
class-map rtp_audio_and_video
match dscp af32 af33 cs4 af41 af42 af43 ef
match cos 4 5
class-map signal
description voip signal traffic
match dscp cs3 af31 af32 af33
match cos 3
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
One of the cool features of the 3850 switch is that it allows for the creation of two priority queues. So on this occasion, I placed both Audio and Video traffic in the first priority queue while placing the VIOP and video signalling traffic in the second priority queue. However, please note that because Video traffic is more burst-y than RTP audio, it is better to place Video traffic in the second priority queue when designing qos for a network where there is an extensive video deployment.
Notice that at the end I just added the command: ‘ class call-default’ ? This is the ‘catch-all’ statement that matches any traffic that was not expressly matched by the class-maps above.
policy-map media_priority
class rtp_audio_and_video
priority level 1 percent 35
class signal
priority level 2 percent 15
class class-default
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The statement below can then be applied to all trunk interfaces. For trunk-groups/ether-channels, you can add the command in both input and output directions.
service-policy output media_priority
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The following commands were placed on all the access ports. The first command tells the switch to only accept qos markings from cisco-phones. However, the Cisco 3850 switch provides for the ability to trust other devices like , Cisco Digital Media Player, Cisco TelePresence System, and IP Video Surveillance Cameras.
The second line tells the Cisco phone to mark all traffic coming form the connected PC with a COS value of 0.
One thing that should be noted is that by default, the Cisco 3850 switch will trust all QOS markings coming from attached devices so I would advise on using the ‘ trust device’ statements to lock-down or prevent rouge devices from marking the QOS values of their traffic too high.
trust device cisco-phone
switchport priority extend cos 0
service-policy output media_priority
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Now that we’ve talked about the configurations, let talk about how to check whether the qos is actually working.:
Looking that output below, you will notice that ‘bytes output’ and ‘total drops’ counters. These are the counters that you need to look out for: issue the command every few seconds and see whether the counters are increasing.
You will also notice that the class-map counters are all zero. Don’t let this alarm you. The qos is working; Cisco has just done what they do very well which is to get everyone startled. Ignore that part. If in doubt, apply an aggressive policing policy to the traffic that you are matching and see everything grind to a halt 🙂
BRAZIL-3850-STK1#show policy-map interface g1/0/1
GigabitEthernet1/0/1
Service-policy output: media_priority
queue stats for all priority classes:
Queueing
priority level 1
(total drops) 0
(bytes output) 893757086
queue stats for all priority classes:
Queueing
priority level 2
(total drops) 0
(bytes output) 34404961
Class-map: rtp_audio_and_video (match-any)
0 packets
Match: dscp af32 (28) af33 (30) cs4 (32) af41 (34) af42 (36) af43 (38) ef (46)
0 packets, 0 bytes
5 minute rate 0 bps
Match: cos 5
0 packets, 0 bytes
5 minute rate 0 bps
Match: cos 4 5
0 packets, 0 bytes
5 minute rate 0 bps
Priority: 35% (350000 kbps), burst bytes 8750000,
Priority Level: 1
Class-map: signal (match-any)
0 packets
Match: dscp cs3 (24) af31 (26) af32 (28) af33 (30)
0 packets, 0 bytes
5 minute rate 0 bps
Match: cos 3
0 packets, 0 bytes
5 minute rate 0 bps
Priority: 15% (150000 kbps), burst bytes 3750000,
Priority Level: 2
Class-map: class-default (match-any)
0 packets
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
(total drops) 0
(bytes output) 2422713863
Did you notice anything odd about the Class-maps configurations above? Ok let me ask the question: Are those class-maps a ‘ match-any’ or ‘match-all’ statement?
We all know that if an Engineer does not expressly configure her class-map with a ‘ match-any’ statement, the class-map will be set to a ‘ match-all’ statement. But in the 3850 switches; this is not true. A quick look at the output of the ‘show policy-map interface g1/0/1’ above will prove this.
Hope you find this helpful.
Cheers
Maxwell
The Voice Initiate 