Ernie's Cisco 2950 QoS configuration example

The Cisco 2950 Ethernet switch has some limited basic QoS functionality that you can (and should) configure to support VoIP.

The following assumptions are made:

  • You are using an existing 2950 only until  you can afford to purchase a 2960 or better (You have been warned!)
  • Your VoIP gear (Phones and PBX etc.) has the ability to mark voice RTP traffic via COS and DSCP
  • The following QoS markings are assumed:
    - COS 5 / DSCP 46 = Voice RTP
    - COS 4 / DSCP 34 = Video
    - COS 3 / DSCP 26 = Voice Control
    - All other regular traffic (like email and web) are not marked (by default this usually the case)
  • In the examples below, it is assumed that Voice RTP traffic is already marked COS 5 / DSCP 46 by configuring your IP PBX and VoIP phones to do so

Steps to configure QoS on a Cisco 2950:

  1. Verify that you set your IP PBX and IP Phones to mark Voice RTP traffic as COS 5 / DSCP 46 (and Voice Control traffic COS 3 / DSCP 26 if you can)
  2. Create access list 105 for your "RTP Voice" traffic (Don't worry if you don't list every UDP port, we will get everything with DSCP 46 in the class map later)
  3. Create access list 104 for your "Priority Applications" traffic like video and Citrix etc.
  4. Create access list 103 for your "Voice Control" traffic
  5. Create Class Maps to "Classify" traffic into groups by name
  6. Create a Policy Map that uses your Class Maps
  7. Set the DSCP to COS mapping
  8. Adjust the "Weighted Round Robin" queues (via COS markings) to give more weight to RTP Voice traffic
  9. Apply the "Per Interface" specific commands to enable QoS on the uplink interface
    Trying to apply this QoS policy to every interface runs the 2950 out of resources:
    "%Error: Service policy cannot be supported -
    Rules required exceed available resources in ASIC.
    Service Policy attachment failed"
enable
configure terminal

! Access List Example (You identify RTP Audio traffic)
ip access-list extended 105
permit udp any any eq 2048
permit udp any any eq 2050
permit udp any any eq 2052
permit udp any any eq 2054
permit udp any any eq 2056
permit udp any any eq 2058
permit udp any any eq 2060
permit udp any any eq 2062
permit udp any any eq 2064
permit udp any any eq 2066
permit udp any any eq 2068
permit udp any any eq 2070
permit udp any any eq 2072
permit udp any any eq 2074
permit udp any any eq 2076
permit udp any any eq 2078
access-list 105 remark *************** RTP Audio Traffic ****************

 

! Access List Example (You identify Video and Other Priority Applications traffic)
ip access-list extended 104
permit tcp any any eq 22
permit tcp any any eq 23
permit tcp any any eq 389
permit tcp any any eq 443
permit tcp any any eq 1494
permit tcp any any eq 1503
permit tcp any any eq 2512
permit tcp any any eq 2513
permit tcp any any eq 2598
permit tcp any any eq 2897
permit tcp any any eq 3601
permit tcp any any eq 3603
permit tcp any any eq 3604
permit tcp any any eq 8080
permit tcp any any eq 8082
permit tcp any any eq 9001
permit tcp any any eq 9002
permit tcp any any eq 9005
permit tcp any any eq 27000
permit udp any any eq 161
permit udp any any eq 162
permit udp any any eq 1604
access-list 104 remark ******** Video and Priority Apps Traffic *********

 

! Access List Example (You identify VoIP Control  traffic)
ip access-list extended 103
permit tcp any any eq 1039
permit tcp any any eq 1720
permit tcp any any eq 1731
permit tcp any any eq 2945
permit tcp any any eq 3230
permit tcp any any eq 3231
permit tcp any any eq 3232
permit tcp any any eq 3233
permit tcp any any eq 3234
permit tcp any any eq 3235
permit tcp any any eq 5010
permit tcp any any eq 5012
permit udp any any eq 1718
permit udp any any eq 1719
permit udp any any eq 3230
permit udp any any eq 3231
permit udp any any eq 3232
permit udp any any eq 3233
permit udp any any eq 3234
permit udp any any eq 3235
permit udp any any eq 5005
access-list 103 remark ************** VoIP Control Traffic **************

 

! Class Map Examples (Create traffic classes)
class-map match-all CM5-VoIP-RTP-Traffic
  description *************** VoIP RTP Traffic Class Map ****************
  match access-group 105
  match ip dscp 46
  exit
class-map match-all CM4-Video-and-Priority-Apps-Traffic
  description ******** Video and Priority Apps Traffic Class Map ********
  match access-group 104
  match ip dscp 34
  exit
class-map match-all CM3-VoIP-Control-Traffic
  description ************* VoIP Control Traffic Class Map **************
  match access-group 103
  match ip dscp 26
  exit

 

! Policy Map Example (Create a QoS policy)
policy-map PM-Enterprise-Traffic
  description **************** Enterprise Traffic Policy ****************
  class CM5-VoIP-RTP-Traffic
    set ip dscp 46
    police 5000000 65536 exceed-action dscp 34
    exit
  class CM4-Video-and-Priority-Apps-Traffic
    set ip dscp 34
    police 2000000 65536 exceed-action dscp 0
    exit
  class CM3-VoIP-Control-Traffic
    set ip dscp 26
    police 1000000 65536 exceed-action dscp 34
    exit
  exit

 

! COS to DSCP Map Example (DSCP=COS: 0=0, 8=1, 16=2, 26=3, 34=4, 46=5, 48=6, 56=7)
mls qos map cos-dscp 0 8 16 26 34 46 48 56

 

! Weighted Round Robin Example (Traffic shaping with 4 queues specifying COS)
wrr-queue bandwidth 20 20 80 0
wrr-queue cos-map 1 0 1 2
wrr-queue cos-map 2 4
wrr-queue cos-map 3 3 6 7
wrr-queue cos-map 4 5

 

! Interface Examples (You apply a policy to specific interfaces)
interface FastEthernet0/1
  description Connected to PC with IP Phone or other VoIP Device
  no ip address
  no cdp enable
  spanning-tree portfast
  no logging event link-status
  no snmp trap link-status
  fair-queue
  mls qos trust dscp
  exit

interface FastEthernet0/24
  description Connected to server or IP PBX gear
  no ip address
  cdp enable
  logging event link-status
  snmp trap link-status
  fair-queue
  speed 100
  duplex full
  mls qos trust dscp
  service-policy input PM-Enterprise-Traffic
  exit

interface GigabitEthernet0/1
  description Uplink to core switch or other switch
  no ip address
  cdp enable
  logging event link-status
  snmp trap link-status
  switchport mode trunk
  switchport nonegotiate
  mls qos trust dscp
  service-policy input PM-Enterprise-Traffic
  exit

! Quick way to apply mls qos trust dscp to all interfaces in a range:
interface range fastEthernet 0/1 - 48
  mls qos trust dscp
  fair-queue
  exit
interface range GigabitEthernet 0/1 - 2
  mls qos trust dscp
  exit
exit

wr