How can I reasonably verify my QoS configuration is working?
I've deployed a standard QoS config to a customer site running a Cisco 891 router with IOS 15.1(4)M4. The WAN link is a single ADSL2+ link (24/1Mbps) connected to FE8.
I've previously tested this configuration at another site by using iperf from the LAN to generate 1+ Mbps of upstream traffic and confirmed a noticeable change in call quality when enabling QoS on the WAN interface. This is how I initially confirmed my configuration worked.
I've recently deployed this same configuration to another site, but they are still having issues with upstream VOIP bandwidth. I would like to reasonably confirm that QoS is working without going to the effort of actually saturating the link (particularly because they are out of state, and there's no tech onsite). And then try and isolate what I might be able to teak to get better voice quality.
Given the policy-map output below, focusing specifically on the VOICE class-map as an example, what do the following statistics mean?:
3860628 packets, 1070196895 bytes: Can I assume that this is the total number of packets/bytes matched in the class-map?
5 minute offered rate 0 bps, drop rate 0 bps: Is the "offered rate" the rate in bps of traffic that has been prioritised, if not then what? And similarly, is the drop rate the excess rate of traffic that could not be prioritised due to lack of bandwidth? Would that then indicate that we need X bps more bandwidth for VOICE to accommodate such traffic peaks?
Priority: 40% (340 kbps), burst bytes 8500, b/w exceed drops: 5: In this line, I'm unsure what b/w exceed drops means?
Given that these statistics are likely to change (I imagine) during peak times (which is when you'd most want to see them). Is there some way that I can log these numbers, or perhaps query them via SNMP so they can be graphed programmatically?
I understand that QoS is a fairly wide-ranging topic. When trying to learn about this, I am often being overwhelmed by different information either because I'm reading about different types of QoS implementations, or because of differing IOS verions (eg. Older docs using commands where the syntax or output has changed).
To this end, can anyone recommend some Cisco training docs or video courses that might help me focus in on getting a better grip on working with QoS?
Some additional Info
Here's a sample QoS config:
class-map match-any SSH match protocol ssh class-map match-any LogMeIn match access-group name LogMeIn class-map match-any VOICE match protocol sip match protocol rtp policy-map ADSLPrioritisationOutbound class VOICE priority percent 40 class SSH bandwidth 80 class LogMeIn priority percent 20 class class-default fair-queue policy-map ADSLPrioritisationOutboundParent class class-default shape average 850000 service-policy ADSLPrioritisationOutbound interface FastEthernet8 no ip address ip virtual-reassembly in duplex auto speed auto pppoe-client dial-pool-number 1 service-policy output ADSLPrioritisationOutboundParent
And policy-map interface output:
FastEthernet8 Service-policy output: ADSLPrioritisationOutboundParent Class-map: class-default (match-any) 18968101 packets, 6998385051 bytes 5 minute offered rate 3000 bps, drop rate 0 bps Match: any Queueing queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/93737/0 (pkts output/bytes output) 18874363/6936577128 shape (average) cir 850000, bc 3400, be 3400 target shape rate 850000 Service-policy : ADSLPrioritisationOutbound queue stats for all priority classes: queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 3860623/1070194985 Class-map: VOICE (match-any) 3860628 packets, 1070196895 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: protocol sip 97348 packets, 49867304 bytes 5 minute rate 0 bps Match: protocol rtp 3763280 packets, 1020329591 bytes 5 minute rate 0 bps Match: access-group name NEC-PBX 0 packets, 0 bytes 5 minute rate 0 bps Priority: 40% (340 kbps), burst bytes 8500, b/w exceed drops: 5 Class-map: SSH (match-any) 89497 packets, 19838544 bytes 5 minute offered rate 2000 bps, drop rate 0 bps Match: protocol ssh 89497 packets, 19838544 bytes 5 minute rate 2000 bps Queueing queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 89497/19838544 bandwidth 80 kbps Class-map: LogMeIn (match-any) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: access-group name LogMeIn 0 packets, 0 bytes 5 minute rate 0 bps Priority: 20% (170 kbps), burst bytes 4250, b/w exceed drops: 0 Class-map: class-default (match-any) 15017976 packets, 5908349612 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: any Queueing queue limit 64 packets (queue depth/total drops/no-buffer drops/flowdrops) 0/93732/0/93732 (pkts output/bytes output) 14924243/5846543599 Fair-queue: per-flow queue limit 16
I'm assuming you mean IOS version 15.1 in the first sentence? I just want to clarify before making an edit.
Your question's pretty broad. There's a lot of different commands you can use to troubleshoot and monitor QoS, so I'll focus on the primary question you have, which is how to reasonably verify your QoS configuration is working and how to read the policy-map interface output.
The only true way to verify that QoS is working is to hook up a traffic generator and monitor your drop rate in various queues. Since that isn't typically feasible, particularly in a production environment, all you can really do is verify that the traffic is being marked and classified properly.
What you're really looking for, when it comes to verifying if your QoS configuration is working, is for the counters in the policy-map interface command to increment.
So, for example, in the output your provided:
Class-map: VOICE (match-any) 3860628 packets, 1070196895 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: protocol sip 97348 packets, 49867304 bytes 5 minute rate 0 bps Match: protocol rtp 3763280 packets, 1020329591 bytes 5 minute rate 0 bps Match: access-group name NEC-PBX 0 packets, 0 bytes 5 minute rate 0 bps Priority: 40% (340 kbps), burst bytes 8500, b/w exceed drops: 5
You can see that you're seeing packets under SIP and RTP, but not NEC-PBX. If you know you're getting SIP and RTP traffic across a link, you should see the packet counts increment and that's a reasonable way to know that your configuration is basically working.
Thanks. What do you mean by "monitor drop rate in various queues"? Is this the "drop rate X bps"? Regarding my example with needing a parent shaper for ADSL QoS, I had originally decided QoS was working when I saw the traffic get matched - but in the end it wasn't really doing any good. I agree that the question is still broad (I even tried to re-write it before I posted!). I'll make some edits shortly, and would appreciate any insights. Thanks again!
Ok there. I think if I at least fully understood those bits about the policy-map output, I'd be able to understand what's happening.
There's two things in particular you need to look at when you're verifying the configuration. The first is the total packet count and rate under the entire class and each individual "Match" line. That will tell you if packets are matching the policies and being classified/marked/prioritized appropriately (depending on what kind of policy you're looking at). The other thing is the drop rate under each, as well. Under normal network conditions, you probably shouldn't see drops in most classes, so a 0 isn't a problem. But if you are congested, then you'll see drops.