Home > Cisco > Computer Equipment > Cisco Asdm 7 User Guide

Cisco Asdm 7 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Asdm 7 User Guide. The Cisco manuals for Computer Equipment are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 541

    Page 541 CH A P T E R 23-1 Cisco ASA Series Firewall ASDM Configuration Guide 23 Configuring QoS Have you ever participated in a long-distance phone call that involved a satellite connection? The conversation might be interrupted with brief, but perceptible, gaps at odd intervals. Those gaps are the time, called the latency, between the arrival of packets being transmitted over the network. Some network traffic, such as voice and video, cannot tolerate long latency times. Quality of service (QoS) is a... 
    CH A P T E R
 
23-1
Cisco ASA Series Firewall ASDM Configuration Guide
 
23
Configuring QoS
Have you ever participated in a long-distance phone call that involved a satellite connection? The 
conversation might be interrupted with brief, but perceptible, gaps at odd intervals. Those gaps are the 
time, called the latency, between the arrival of packets being transmitted over the network. Some network 
traffic, such as voice and video, cannot tolerate long latency times. Quality of service (QoS) is a...

    Page 542

    Page 542 23-2 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Information About QoS Supported QoS Features The ASA supports the following QoS features: Policing—To prevent individual flows from hogging the network bandwidth, you can limit the maximum bandwidth used per flow. See the “Information About Policing” section on page 23-3 for more information. Priority queuing—For critical traffic that cannot tolerate latency, such as Voice over IP (VoIP), you can identify... 
     
23-2
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Information About QoS
Supported QoS Features
The ASA supports the following QoS features:
Policing—To prevent individual flows from hogging the network bandwidth, you can limit the 
maximum bandwidth used per flow. See the “Information About Policing” section on page 23-3 for 
more information.
Priority queuing—For critical traffic that cannot tolerate latency, such as Voice over IP (VoIP), you 
can identify...

    Page 543

    Page 543 23-3 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Information About QoS For traffic shaping, a token bucket permits burstiness but bounds it. It guarantees that the burstiness is bounded so that the flow will never send faster than the token bucket capacity, divided by the time interval, plus the established rate at which tokens are placed in the token bucket. See the following formula: (token bucket capacity in bits / time interval in seconds) + established... 
     
23-3
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Information About QoS
For traffic shaping, a token bucket permits burstiness but bounds it. It guarantees that the burstiness is 
bounded so that the flow will never send faster than the token bucket capacity, divided by the time 
interval, plus the established rate at which tokens are placed in the token bucket. See the following 
formula:
(token bucket capacity in bits / time interval in seconds) + established...

    Page 544

    Page 544 23-4 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Information About QoS Information About Traffic Shaping Traffic shaping is used to match device and link speeds, thereby controlling packet loss, variable delay, and link saturation, which can cause jitter and delay. NoteTraffic shaping is only supported on the ASA 5505, 5510, 5520, 5540, and 5550. Traffic shaping must be applied to all outgoing traffic on a physical interface or in the case of the ASA 5505,... 
     
23-4
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Information About QoS
Information About Traffic Shaping
Traffic shaping is used to match device and link speeds, thereby controlling packet loss, variable delay, 
and link saturation, which can cause jitter and delay.
NoteTraffic shaping is only supported on the ASA 5505, 5510, 5520, 5540, and 5550.
Traffic shaping must be applied to all outgoing traffic on a physical interface or in the case of the 
ASA 5505,...

    Page 545

    Page 545 23-5 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Licensing Requirements for QoS You cannot configure traffic shaping and standard priority queuing for the same interface; only hierarchical priority queuing is allowed. For example, if you configure standard priority queuing for the global policy, and then configure traffic shaping for a specific interface, the feature you configured last is rejected because the global policy overlaps the interface policy.... 
     
23-5
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Licensing Requirements for QoS
You cannot configure traffic shaping and standard priority queuing for the same interface; only 
hierarchical priority queuing is allowed. For example, if you configure standard priority queuing for the 
global policy, and then configure traffic shaping for a specific interface, the feature you configured last 
is rejected because the global policy overlaps the interface policy....

    Page 546

    Page 546 23-6 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Configuring QoS (ASA 5512-X through ASA 5555-X) Priority queuing is not supported on the Management 0/0 interface. (ASASM) Only policing is supported. Additional Guidelines and Limitations QoS is applied unidirectionally; only traffic that enters (or exits, depending on the QoS feature) the interface to which you apply the policy map is affected. See the “Feature Directionality” section on page 1-2 for more... 
     
23-6
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Configuring QoS
(ASA 5512-X through ASA 5555-X) Priority queuing is not supported on the Management 0/0 
interface.
(ASASM) Only policing is supported.
Additional Guidelines and Limitations
QoS is applied unidirectionally; only traffic that enters (or exits, depending on the QoS feature) the 
interface to which you apply the policy map is affected. See the “Feature Directionality” section on 
page 1-2 for more...

    Page 547

    Page 547 23-7 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Configuring QoS Determining the Queue and TX Ring Limits for a Standard Priority Queue To determine the priority queue and TX ring limits, use the worksheets below. Table 23-1 shows how to calculate the priority queue size. Because queues are not of infinite size, they can fill and overflow. When a queue is full, any additional packets cannot get into the queue and are dropped (called tail drop). To avoid... 
     
23-7
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Configuring QoS
Determining the Queue and TX Ring Limits for a Standard Priority Queue
To determine the priority queue and TX ring limits, use the worksheets below.
Table 23-1 shows how to calculate the priority queue size. Because queues are not of infinite size, they 
can fill and overflow. When a queue is full, any additional packets cannot get into the queue and are 
dropped (called tail drop). To avoid...

    Page 548

    Page 548 23-8 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Configuring QoS Configuring the Standard Priority Queue for an Interface If you enable standard priority queuing for traffic on a physical interface, then you need to also create the priority queue on each interface. Each physical interface uses two queues: one for priority traffic, and the other for all other traffic. For the other traffic, you can optionally configure policing. NoteThe standard priority... 
     
23-8
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Configuring QoS
Configuring the Standard Priority Queue for an Interface
If you enable standard priority queuing for traffic on a physical interface, then you need to also create 
the priority queue on each interface. Each physical interface uses two queues: one for priority traffic, 
and the other for all other traffic. For the other traffic, you can optionally configure policing.
NoteThe standard priority...

    Page 549

    Page 549 23-9 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Configuring QoS This option sets the maximum number of low-latency or normal priority packets allowed into the Ethernet transmit driver before the driver pushes back to the queues on the interface to let them buffer packets until the congestion clears. The upper limit of the range of values is determined dynamically at run time. The key determinants are the memory needed to support the queues and the memory... 
     
23-9
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Configuring QoS
This option sets the maximum number of low-latency or normal priority packets allowed into the 
Ethernet transmit driver before the driver pushes back to the queues on the interface to let them buffer 
packets until the congestion clears. 
The upper limit of the range of values is determined dynamically at run time. The key determinants are 
the memory needed to support the queues and the memory...

    Page 550

    Page 550 23-10 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 23 Configuring QoS Configuring QoS Step 4Click Finish. The service policy rule is added to the rule table. Step 5To configure policing, configure a service policy rule for the same interface in the Configuration > Firewall > Service Policy Rules pane according to Chapter 1, “Configuring a Service Policy.” For policing traffic, you can choose to police all traffic that you are not prioritizing, or you can limit the traffic to... 
     
23-10
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 23      Configuring QoS
  Configuring QoS
Step 4Click Finish. The service policy rule is added to the rule table. 
Step 5To configure policing, configure a service policy rule for the same interface in the Configuration > 
Firewall > Service Policy Rules pane according to Chapter 1, “Configuring a Service Policy.”
For policing traffic, you can choose to police all traffic that you are not prioritizing, or you can limit the 
traffic to...
    Start reading Cisco Asdm 7 User Guide
    All Cisco manuals