tag:blogger.com,1999:blog-7943835118979294771.post2346105192109037501..comments2024-02-18T08:10:47.461-05:00Comments on Kayser's Tech Notes: Doing ASA Quality of Service (QOS) on DSL or Cable InternetBrian Kayserhttp://www.blogger.com/profile/14553812295322745265noreply@blogger.comBlogger19125tag:blogger.com,1999:blog-7943835118979294771.post-29249814087923445622022-04-09T17:36:05.027-04:002022-04-09T17:36:05.027-04:00MapleStory.es - 3D isometric adventure MMORPG<
...MapleStory.es - 3D isometric adventure MMORPG<<br /><br />Download MapleStory and start the game.<br /><br /><a href="https://maplestory.es/" rel="nofollow">https://maplestory.es/</a><br /><br />MapleStory is a free to download 2D online video game of the MMORPG genre, created by the Korean company Wizet. Although the game is free to play, it includes other items that can be purchased for real money. Around the world, the game has millions of users. The story of the game is about some travelers who seek to save the Maple World from the terrible Black Mage. In this plot, the travelers become stronger as they eliminate the enemies of the game, many creatures of different appearance. As they advance in level, travelers choose the paths and disciplines to follow, which we will detail below.<br /><br />What is MapleStory?<br />MapleStory 2 is a 3D isometric adventure MMORPG in which players create their own character and select one of several jobs to explore the new Maple World. Players will find several NPCs with various Quests, Monsters, and Bosses from the previous version, as well as completely new ones to fight against. The game also features dungeons and raids for players to team up with each other to complete.<br /><br />Out of action<br />There are also a variety of activities for players to participate in, such as buying and building personal homes, crafting with Life Skills, fishing, composing music, creating custom user content such as custom clothing, and much more.<br /><br />History of the last UPDATE<br />Nexon published the first closed beta test of the global version which ran from May 9, 2018 to May 16, 2018, and a second closed beta ran from July 18 to August 1, 2018. The game launched on October 10, 2018 with players who purchased a Founder's Pack on or after October 1, 2018. On Wednesday, May 27, 2020, Nexon ended service for the global version of MapleStory 2.<br /><br /><a href="https://maplestory.es/" rel="nofollow">https://maplestory.es/</a>WastedRealhttps://www.blogger.com/profile/08560753073096029441noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-21177483243359374872016-12-13T05:58:20.868-05:002016-12-13T05:58:20.868-05:00Hi Brian,
I am using 5505 9.3.1 version and tryin...Hi Brian,<br /><br />I am using 5505 9.3.1 version and trying to setup QOS on it. Could you please advise if it is ok? I am trying to allocate 8mb for VoIP traffic.<br /><br />class-map voip-inside-class<br />description VoIP traffic<br />match dscp ef<br />policy-map voip-inside-policy<br />description voip on inside interface<br />class voip-inside-class<br />Priority<br />police output 67108500<br />please let me know if I have made any mistake?<br />Anonymoushttps://www.blogger.com/profile/11052364801308655938noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-53575750251492942662016-03-29T08:26:17.825-04:002016-03-29T08:26:17.825-04:00Sure you can throttle inbound traffic (I said that...Sure you can throttle inbound traffic (I said that); my point was that by the time it gets to your ASA it is pretty much pointless. If you have 10MB download speed from your ISP then that's your choke point (of which you have no control), why choke it more on your ATA's inside interface?? From there you can blast it through at 100 or 1000MB. Depending on your ISP, you most likely have no priority control over your UDP traffic until it reaches your ATA, and once it does then bandwidth probably isn't an issue any longer. <br /><br />Think of a funnel. Going out, you are poring into the big opening and it gets squished down to fit through the smaller opening. You CAN control that and you can limit the amount of regular traffic to leave more room for VoIP. But, on the way back in, you have no control on how stuff gets to the smaller opening, only once it gets through; and thus your ATA is the big opening. So why funnel it down again? Blast it through... Brian Kayserhttps://www.blogger.com/profile/14553812295322745265noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-28589532304677270252016-03-29T02:35:39.647-04:002016-03-29T02:35:39.647-04:00Contrary to what the author writes, you can thrott...Contrary to what the author writes, you can throttle inbound traffic quite effectively by policing traffic leaving the inside interface for the host machine, that is, output policing. With an ACL, I targeted UDP traffic in particular and limited the rate to about two-thirds of my available downstream bandwidth, and the UDP traffic was precisely pegged at the target rate, leaving plenty of upstream bandwidth for my VOIP calls.<br /><br />Neither Standard Priority Queuing nor Hierarchical Priority Queuing with traffic shaping worked reliably for me. Whereas policing worked perfectly for me every time to guarantee adequate bandwidth for VOIP traffic.pwayboyhttps://www.blogger.com/profile/05381579599317020228noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-65188278161710387632016-03-29T02:19:13.138-04:002016-03-29T02:19:13.138-04:00In the traffic shaping example, the reason everyth...In the traffic shaping example, the reason everything goes into the Best Effort queue and not the Low Latency Queue is because priority queuing is not compatible with traffic shaping. It has no effect. This is according to Cisco documentation.pwayboyhttps://www.blogger.com/profile/05381579599317020228noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-72794488980345908512014-01-26T15:07:43.011-05:002014-01-26T15:07:43.011-05:00Hi, did you ever get a answer to this question? I...Hi, did you ever get a answer to this question? I am running into the same issue. I know this thread is 2 years old...lolRobhttps://www.blogger.com/profile/17074791807423231028noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-28087400815620119102013-05-01T08:35:18.197-04:002013-05-01T08:35:18.197-04:00Bandwidth Management(Rate Limit) Using QoS Policie...Bandwidth Management(Rate Limit) Using QoS Policies:<br />http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008084de0c.shtml<br /><br />QoS mechanisms that are supported on the ASA:<br />https://supportforums.cisco.com/docs/DOC-1230<br /><br />also this example describes QoS for VoIP Traffic on VPN Tunnels:<br />http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml<br />Anonymoushttps://www.blogger.com/profile/10534066455854386662noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-3386334393815016442013-01-15T22:29:28.267-05:002013-01-15T22:29:28.267-05:00Hi, let say the DSL upload speed is 1.5Meg, from a...Hi, let say the DSL upload speed is 1.5Meg, from above your example, all non-voice traffic will be policed to 1Meg and voice traffic will get the remaining .5Meg "IF" the link is congested? Am I understand you correctly?<br /><br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-21227280534149465912013-01-08T08:58:56.045-05:002013-01-08T08:58:56.045-05:00Hi (Hope this very late response is allowed),
The...Hi (Hope this very late response is allowed),<br /><br />The past weeks I've been dealing whith the same set-up as discribed here.<br />Just wanted to let you know if you apply the shaping like you did over here, the priority doens't seem to work.<br />Checked the priority-queue statistics and everything goes into the BE-queue and not in the LLQ like it should.<br />It also seems better to apply shaping on the whole bandwidth like Flooter said.<br />The best option I found so far is:<br /><br />policy-map shape-priority-policy<br /> class TG-voice<br /> priority<br /> class class-default<br /> police output 1000000<br /><br />Wich moves the voice-traffic to the LLQ, the rest-traffic to the BE-queue and police everything except the voice-traffic.<br /><br />Plz let me your thoughts..Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-16557223476186232882012-07-11T23:06:32.713-04:002012-07-11T23:06:32.713-04:00Hi there,
thanks for your post. Based on what you&...Hi there,<br />thanks for your post. Based on what you've seen with the cisco ASA's, I am wondering if you can provide an example for the following:<br /><br />I have a dsl modem connected to my asa 5505. On one vlan I have an Office_network. On a second Vlan I have a public_Wifi_network. The DSL connection is 3Meg down, and 1 meg up. I would like to ensure that the office_network gets 75% of the inbound and outbound internet connection.<br /><br />Is this possible?<br /><br /><br />Thanks!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-77921385581820486482012-07-11T14:35:47.597-04:002012-07-11T14:35:47.597-04:00Quick question: I want to use this strategy to QO...Quick question: I want to use this strategy to QOS traffic going between 2 hosts. Each host is at a different site and the sites are connected via VPN. The VPN headend is a 5505 ASA and the remote is a 2921 ISR. I want to QOS some video (VIDYO) traffic over this link. VIDYO does not mark their traffic, so I need an alternate way to capture the traffic. I chose an ACL but the ASA is throwing an error when I try that. So what I want to do is QOS traffic that I define with an ACL going across a VPN tunnel. Any ideas???<br /><br />ip access-list extended vidyo_traffic<br />permit ip host 10.19.1.10 host 10.10.0.201<br />!<br /><br />class-map US_voice<br /><br />description “match voice on US-LIMA Tunnel Group based on flows”<br /><br />match tunnel-group 74.105.67.34<br /><br />match dscp ef<br /><br />!<br /><br />class-map US_vidyo<br /><br />description “match video on US-LIMA Tunnel Group based on flows”<br /><br />match tunnel-group 74.105.67.34<br /><br />match access-group vidyo_traffic<br /><br />!<br /><br />priority-queue outside<br /><br />queue-limit 512<br /><br />tx-ring-limit 64<br /><br />!<br /><br />policy-map VPNQOS_US-LIMA<br /><br />class US_voice<br /><br />priority<br /><br />class US_vidyo<br /><br />priority<br /><br />!<br /><br />service-policy VPNQOS_US-LIMA interface outside<br /><br />However when I tried to apply this to the PERU ASA I get the following error…<br /><br />ASA_FW# conf t<br />ASA_FW(config)# class-map US_voice<br />ASA_FW(config-cmap)# description .match voice on US-LIMA Tunnel Group based o$<br />ASA_FW(config-cmap)# match tunnel-group 74.105.67.34<br />ASA_FW(config-cmap)# match dscp ef<br />ASA_FW(config-cmap)# !<br />ASA_FW(config-cmap)# class-map US_vidyo<br />ASA_FW(config-cmap)# description .match video on US-LIMA Tunnel Group based o$<br />ASA_FW(config-cmap)# match tunnel-group 74.105.67.34<br />ASA_FW(config-cmap)# match access-list vidyo_traffic<br />ERROR: 'match access-list' can't be configured with tunnel-group.Joehttp://facebook.com/jgaefenoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-83625782913319649952012-07-02T11:39:04.329-04:002012-07-02T11:39:04.329-04:00Flooter - true enough on a router. Just wondering...Flooter - true enough on a router. Just wondering if this works the same on an ASA.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-30462930889908508962012-06-28T22:19:34.707-04:002012-06-28T22:19:34.707-04:00Brian, you FIRST shape ALL traffic by using the on...Brian, you FIRST shape ALL traffic by using the only "class class-default" statement with a single "shape" command in it and THEN "service-policy PRIORITY-POLICY" looks to what traffic to prioritize (this traffic has already been shaped by now).<br />If you want to strictly reserve X amount of bandwidth for VoIP you should do that like this:<br />---------------------------<br />policy-map QOS-TRAFFIC-OUT<br /> class VOIP-TRAFFIC<br /> class class-default<br /> shape average 600000<br />---------------------------<br />Policy is matched from top to bottom (like an ACL)<br />If matches VOIP-TRAFFIC and... do nothing, leaving it to go freely.<br />If traffic is NOT Voice - then it will be classified as "class-default" and will be shaped at 600K.<br /><br />However it is not an optimal solution.<br /><br />Please have a look at the book "IP Telephony Self-Study: Cisco QOS Exam Certification Guide, Second Edition" by "Wendell Odom, Michael J. Cavanaugh", ISBN: 1-58720-124-0 ,<br />Chapter 6, "Tuning Shaping for Voice Using LLQ and a Small Tc"<br /><br />there you can find exactly your case.Flooterhttps://www.blogger.com/profile/11215543231965442941noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-20634478999068344232012-06-26T10:23:12.259-04:002012-06-26T10:23:12.259-04:00Brian - I think Flooter is more correct. Can you ...Brian - I think Flooter is more correct. Can you state the basis on why you wouldn't shape for just below the CIR? The priority queue should still carve bandwidth out of the CIR rate. I'm just curious why you are limiting your bandwidth to say 600 and losing 400Kbps at any other time.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-67813108564422672562012-06-05T08:19:12.168-04:002012-06-05T08:19:12.168-04:00Flooter - in this example, the "shape average...Flooter - in this example, the "shape average 600000" is what I'm leaving available for non prioritized traffic. So if I have 1Mb of available bandwidth then I'm leaving 400Kbt for my voice and 600Kbt for other, non priority traffic. If you did a speed test the upload speed wouldn't be beyond 600Kbt. If it was set to 1000000 then that wouldn't leave any reservation for voice. Now if you have a 10Mb connection, you'd want to bump that up to say 9Mb or even 9.5mb (ie. shape average 9500000). If you use the 600Kbt example then no matter how much bandwidth you have, only 600Kbt will be given to normal traffic for uploads.Brian Kayserhttps://www.blogger.com/profile/14553812295322745265noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-59011401684819956262012-04-11T18:50:50.247-04:002012-04-11T18:50:50.247-04:00May be it's a bit too late, but why do you sha...May be it's a bit too late, but why do you shape at 600 Kbt only?<br />Should not you shape at your CIR (1Mb)?<br />And from there PRIORITY-POLICY will act in a way to prioritize VOIP-TRAFFIC ?<br /><br />In other words, everything will be shaped at 1Mb speed apart from voice which will be prioritized (still remains in 1Mb boundaries in case it becomes more 1Mb in volume).Flooterhttps://www.blogger.com/profile/11215543231965442941noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-1181458539335384942010-12-20T08:48:50.953-05:002010-12-20T08:48:50.953-05:00I just checked one of the ASA's I am doing thi...I just checked one of the ASA's I am doing this on and it is only at 7.2(4). Cisco may have changed some of the commands or syntax. Which commands are not working?Brian Kayserhttps://www.blogger.com/profile/14553812295322745265noreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-77642945376482888542010-12-16T12:28:06.283-05:002010-12-16T12:28:06.283-05:00I am at 8.0(3), not all the commands are available...I am at 8.0(3), not all the commands are available. What release do you need to be at for the above?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7943835118979294771.post-42850269775523262272010-10-27T10:49:03.560-04:002010-10-27T10:49:03.560-04:00Thanks!! Just what I was looking for, great info!...Thanks!! Just what I was looking for, great info!Bobnoreply@blogger.com