Sunday, June 7, 2009

Basic MQC Configuration

Three easy steps to MQC (Modular QoS CLI) Configuration:
Step 1: Classify traffic via class-map
Step 2: Assign policies to the traffic classes via policy-map
Step 3: Apply above policies to an interface via service-policy

! ------------------------------------
! Sample Scenraio:
! ------------------------------------
For the following traffic going out Serial0/1 of the device, do the following:
* for voice traffic, reserve 256kbps priority bandwidth
* for email traffic (pop3, imap, smtp), reserve 128kbps bandwith
* for telnet traffic coming from 10.10.10.10, limit to 3200bps bandwidth

! ------------------------------------
! BEGIN CONFIGURATION
! ------------------------------------
Router(config)#access-list 101 host 10.10.10.10 any eq 23
Router(config)#class-map VOICE
Router(config-cmap)#match protocol rtp
Router(config-cmap)#exit
Router(config)#class-map match-any EMAIL
Router(config-cmap)#match protocol pop3
Router(config-cmap)#match protocol imap
Router(config-cmap)#match protocol smtp
Router(config-cmap)#exit
Router(config)#class-map ACL_101
Router(config-cmap)#match access-group 101
Router(config-cmap)#exit

Router(config)#policy-map MY_POLICY
Router(config-pmap)#class VOICE
Router(config-pmap-c)#priority 256
Router(config-pmap-c)#exit
Router(config-pmap)#class EMAIL
Router(config-pmap-c)#bandwidth 128
Router(config-pmap-c)#exit
Router(config-pmap)#class ACL_101
Router(config-pmap-c)#police 3200
Router(config-pmap-c)#exit
Router(config-pmap)#exit

Router(config)#interface Serial0/1
Router(config-if)#service-policy output MY_POLICY
Router(config-if)#exit
Router(config)#

! ------------------------------------
! NOTES
! ------------------------------------

Router(config)#class-map [match-all|match-any] class_name
  • match-all - the class must match all the succeeding criteria
  • match-any - the class must match any of the succeeding criteria
  • if not specified, defaults to match-all

    Router(config-cmap)#match {protocol|access-group} value
  • protocol - based on known traffic classes via NBAR
  • access-group - based on ACLs
  • not limited to the above criteria; other criteria include class-map (i.e. nested class-maps), CoS, DSCP, IP Precedence, input-interface, MAC address, QoS group, UDP Port Ranges

    Router(config-if)#service-policy {input|output} policy-name
  • only one policy per direction per interface can be applied;
  • that is, each interface can have at most one inbound policy and one outbound policy.

    Other command syntax will be dealt with in another post.