Sunday, April 3, 2011

Configure QoS Rate Limiting and Priority Queuing Cisco ASA/PIX Firewall

Note: Only packets with normal priority can be policed. Packets with high priority are not policed.

- Maximum rate for tcp_traffic class is 56,000 bits/second, maximum burst size is 10,500 bytes/second
- Traffic in the voice class has no policed maximum speed or burst rate because it belongs to a priority class
- Priority queue on interface outside queue-limit is 2048 packets, and tx-ring-limit is 256 packets

hostname(config)#access-list tcp_traffic permit tcp any any
hostname(config)#class-map tcp_traffic
hostname(config-cmap)#match access-list tcp_traffic

hostname(config)#class-map voice
hostname(config-cmap)#match dscp ef

hostname(config)#policy-map qos
hostname(config-pmap)#class tcp_traffic
hostname(config-pmap-c)#police output 56000 10500
hostname(config-pmap-c)#class voice
hostname(config-pmap-c)#priority

hostname(config)#service-policy qos interface outside

hostname(config)#priority-queue outside
hostname(config-priority-queue)#queue-limit 2048
hostname(config-priority-queue)#tx-ring-limit 256

No comments:

Post a Comment