Aruba & ProVision-based
1748224 Members
4557 Online
108759 Solutions
New Discussion юеВ

Re: 2620s, I'm new to QoS, would like some assistance

 
W Fooshee
Advisor

2620s, I'm new to QoS, would like some assistance

My customer has 4 users at an office separate from their main location. We have a 3Mbps circuit between the sites, with each end connected to a port on a 2620 switch, a switch I've not personally used before. We needed PoE for IP phones and have enjoyed good success in the past with other Procurve switches.

 

I have the data network (PCs, servers, printers, etc.) on the default VLAN (VLAN 1). We recently added a VoIP phone system, and added VLAN 10 for that. There is also a VLAN 2 for WAPs located around the offices, for public wifi access to the Internet.

 

On the 2620 on the main office side of the link, VLAN 1 (PCs) is untagged on port 23-28. VLAN 2 (public wifi) is tagged on ports 25 and 26. VLAN 10 (voice) is untagged on ports 1-22, and tagged on ports 25 and 26. Port 26 is the interconnect to the core switch, and port 25 connects to the circuit.

 

On the 2620 at the remote office, VLAN 1 is untagged on ports 13-23 and 25-28, VLAN 2 is untagged on port 24 and tagged on port 25, VLAN 10 is untagged on ports 1-12 and tagged on port 26. Ports 1-12 would carry phones, 13-23 would carry PCs or printers, port 24 would have the WAP for that office, and port 26 connects to the circuit.

 

Customer states that periodically they lose all connection to the main office. Phones and LAN traffic are all lost. It usually recovers after 30 seconds or so, but has been known to last several minutes. They have also stated that phone calls sometimes become one-way; they can't hear the caller but the caller can hear them.

 

When first set up, we made no QoS configurations. When the customer initially reported issues, I made VLAN 10 a VOICE VLAN on both switches, after reading a post here saying that would be all that is needed to prioritize VLAN 10. VLAN 2 has no QoS config as yet, as the WAP has not been deliverd.

 

Customer continued to report issues, so I added priorities to the VLANs, setting priority 5 to VLAN 10 and priority 2 to VLAN 1. That seems to have had no effect.

 

Our circuit provider gave us a week of free turnup to 10Mbps, and customer reported no issues during that time. That dropped back to 3 Mbps today, and it was only a couple of hours before issues were reported with lost connections on the PCs to the servers, or dropped calls.

 

The remote office accesses the corporate servers through this connection, and the Internet as well. The phones are an Avaya IP Office system, which is located at the main office, of course. The circuit is sold by the provider as a Private VLAN, meaning it's a simple point-to-point Ethernet connection. Pretty much a miles-long network cable, no routing involved. We did have to get them to allow .1q tagging over their line when it was first installed.

 

Here is "show config" from the local switch, then the same from the remote switch:

 

Startup configuration:

; J9625A Configuration Editor; Created on release #RA.15.05.0006
; Ver #01:01:00

hostname "HSM-ServerRoom-2620"
time timezone -6
time daylight-time-rule Continental-US-and-Canada
interface 25
   speed-duplex 100-full
exit
vlan 1
   name "DEFAULT_VLAN"
   untagged 23-28
   qos priority 2
   ip address 192.168.98.9 255.255.255.0
   no untagged 1-22
   exit
vlan 10
   name "Voice VLAN"
   untagged 1-22
   qos priority 5
   tagged 25-26
   voice
   no ip address
   exit
vlan 2
   name "wireless"
   tagged 25-26
   no ip address
   exit
ip route 0.0.0.0 0.0.0.0 192.168.98.1
snmp-server community "public" unrestricted
no dhcp config-file-update
password manager
password operator

 

*************** and the remote *************

 

Startup configuration:

; J9625A Configuration Editor; Created on release #RA.15.05.0006
; Ver #01:01:00

hostname "HSM-Beach-2620"
time timezone -6
time daylight-time-rule Continental-US-and-Canada
vlan 1
   name "DEFAULT_VLAN"
   untagged 13-23,25-28
   qos priority 2
   ip address 192.168.98.12 255.255.255.0
   no untagged 1-12,24
   exit
vlan 10
   name "Voice VLAN"
   untagged 1-12
   qos priority 5
   tagged 26
   voice
   no ip address
   exit
vlan 2
   name "Wireless"
   untagged 24
   tagged 25
   no ip address
   exit
snmp-server community "public" unrestricted

 

My obvious question is, have I done anything remotely correctly with the QoS configuration, and if not, how do I correct it? My assumption is that the 3Mbps ciruit is sufficient for 4 users, as we've built a larger office on a T-1 in the past.

 

I don't know how to monitor traffic on the switches, or if these even have that capability. All I can tell you is that there are no errors of any kind accumulated on the ports linking the switches together, and the circuit provider states they have no alarms. of course, those error statistics have nothing to do with Layer 3 issues, do they?

 

4 REPLIES 4
Richard Brodie_1
Honored Contributor

Re: 2620s, I'm new to QoS, would like some assistance

I'm no expert on QoS but it seems to me that you're not going to get very far prioritising traffic, unless you can do it on whatever has the 3Mb interface. If that's too dumb/out of your control, then I would think that you need something that does traffic shaping. I'm not sure how far you'll get doing it on a 2620.

paulgear
Esteemed Contributor

Re: 2620s, I'm new to QoS, would like some assistance

Hi W Fooshee,

First, kudos for a well-described problem! :-) That makes all the difference in getting to the solution quickly.

Like Richard, i disclaim any expertise in QoS, but i've got a couple of thoughts:

1. I wonder whether the 30-second pauses are actually nothing to do with uplink bandwidth or QoS but are actually bridging loops. I would suggest turning on spanning-tree bpdu-protect and loop-protect on the edge ports to make sure this isn't the issue. The only thing in your problem description that suggests QoS is the problem is the fact that turning the circuit up to 10 Mbps made it go away. Are you monitoring the switch & circuit with SNMP? What does the link utilisation look like when they have an issue?

2. You're actually downgrading the QoS priority of the voice VLAN by specifying 'qos pri 5' - if you take this out, the 'voice' directive will set the QoS priority to 6 (among other things).

3. An unrelated point, but i would suggest setting the SNMP community to restricted rather than unrestricted. You don't appear to have any ACLs on your SNMP community, so it would be better not to leave it writable.

Good luck!

Regards,
Paul
W Fooshee
Advisor

Re: 2620s, I'm new to QoS, would like some assistance

OK, after reading up some more, trying to edjumacate m'self and all, it appears that by leaving VLAN1 untagged on the interconnects I've removed the ability to prioritize VLAN1 traffic. The QoS priority is applied as part of the outbound 802.1q tag, Without the tag, there is no QoS, and the other switch has no QoS to read.

 

So today I reconfigured all of my interconnect ports on all of my switches to have VLAN1 tagged, rather than untagged.

 

Running them untagged passes traffic, but I can't prioritize that traffic. I had some back-and-forth between the main site and the remote, as the link breaks when one end goes tagged before the other one does, and I was not clever enough to reconfigure the OTHER end first.

 

It was mentioned that if I have no control of the circuit that maybe QoS is a useless exercise. I am confident that the circuit passes my priorities, as QoS in VLAN tagging is part of the 802.1q tagging information, and I had to have the circuit vendor allow that when we started, as by their default I didn't have the phone VLAN up at first. Once they enabled dot1q, then QoS priority of VLANs follows, as it's part of that.

 

Having done this, though, I'm not sure QoS is the issue anyway. Actually having low priority on VLAN1 may help, but when I visited the office, I found 4 of the 5 users present were streaming Pandora to their desktops. When I stated that I wasn't sure we had room in the pipe for that, they all looked at me as if I had dog poop on my face or something. After some begging and pleading, I have convinced them to do without music streaming for 2 or 3 days so we can see if the situation improves.

 

I don't really know what Pandora needs on the network per user, but the pipe to their Internet router is only 3 Mbs, which is less than their Internet provider's upload bandwidth, so enough Internet could choke my circuit.

 

W Fooshee
Advisor

Re: 2620s, I'm new to QoS, would like some assistance

I meant to include: since this circuit is being used unrouted, i.e. it's a 2-mile-long patch cable between the switches and my connection is Layer 2, I have no way to actually monitor traffic in real time.

 

I can get port statistics on the switches, but since error counts are 0, I'm not learning anything. The circuit vendor hasn't been able to provide any such stats, either, and they have no alarms anywhere.

 

The only thing I can say about the traffic is that I have run a Pingplotter track from their server at one end of the line to the switch at the other, and I've seen packet loss on that steady ping once in a while. Again, no errors on the switches, so Layer 2 has no issues, apparently. Since I'm not routing to the circuit, I have nothing to look at Layer 3 with, other than that steady Pingplotter running I mentioned, and it's not telling me what was going on when it dropped packets, just that they dropped.