Friday, May 9, 2008

Quality of Service for Virtual Private Networks - Cisco Systems

Feature Overview
When packets are encapsulated by tunnel or encryption headers, Quality of Service (QoS) features are unable to examine the original packet headers and correctly classify the packets. Packets traveling across the same tunnel have the same tunnel headers, so the packets are treated identically if the physical interface is congested.
With the growing popularity of Virtual Private Networks (VPNs), the need to classify traffic within a traffic tunnel is gaining importance. QoS features have historically been unable to classify traffic within a tunnel. With the introduction of the Quality of Service for Virtual Private Networks (QoS for VPNs) feature, packets can now be classified before tunneling and encryption occur. Classifying packets before tunneling and encryption allows QoS features, tunneling, and crypto maps to be configured on the same interface of a router.
The QoS for VPNs feature is designed for tunnel interfaces. When the new feature is enabled, the QoS features on the output interface classify packets before encryption, allowing traffic flows to be adjusted in congested environments. The end result is more effective packet tunneling.
QoS for VPNs is supported for Generic Routing Encapsulation (GRE), IP in IP (IPIP) tunnels, Layer 2 Tunneling Protocol (L2TP), Layer 2 Forwarding (L2F), Point-to-Point Tunneling Protocol (PPTP), and IPSec.
Benefits
The QoS for VPNs feature provides a solution for making Cisco IOS Quality of Service services operate in conjunction with tunneling and encryption on an interface. Cisco IOS software can classify packets and apply the appropriate QoS service before the data is encrypted and tunneled. The QoS for VPNs feature allows users to look inside the packet so that packet classification can be done based on the original port numbers and on the source and destination IP addresses. This allows the service provider to treat mission-critical or multi-service traffic with higher priority across its network.
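The configuration below is an added example, not part of the original Cisco text. It shows classification on the original addresses and ports for a GRE tunnel protected by IPSec, using the IOS `qos pre-classify` command. All names, addresses, port ranges and bandwidth values are constructed, and an IKE policy and key for the peer are assumed to be configured already.

```cisco
! Added example: constructed names and documentation-range addresses.
! Matches the ORIGINAL (inner) header: site-to-site voice on UDP 16384-32767.
ip access-list extended VOICE-RTP
 permit udp 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255 range 16384 32767
!
class-map match-all VOICE
 match access-group name VOICE-RTP
!
policy-map WAN-EDGE
 class VOICE
  priority 256
 class class-default
  fair-queue
!
! IPSec protects the GRE tunnel; the IKE policy and key are assumed to exist.
crypto ipsec transform-set TS esp-aes esp-sha-hmac
ip access-list extended VPN-TRAFFIC
 permit gre host 192.0.2.1 host 192.0.2.2
!
crypto map VPN-MAP 10 ipsec-isakmp
 set peer 192.0.2.2
 set transform-set TS
 match address VPN-TRAFFIC
 ! Classify before the ESP header is added
 qos pre-classify
!
interface Tunnel0
 ip address 172.16.0.1 255.255.255.252
 tunnel source Serial0/0
 tunnel destination 192.0.2.2
 ! Classify before the GRE header is added
 qos pre-classify
!
interface Serial0/0
 ip address 192.0.2.1 255.255.255.252
 crypto map VPN-MAP
 ! The output policy now sees the original header fields of each packet
 service-policy output WAN-EDGE
```

Without the two `qos pre-classify` lines, every packet reaching the `WAN-EDGE` policy carries the same outer header (192.0.2.1 to 192.0.2.2, GRE or ESP), so `VOICE-RTP` never matches and all traffic falls into `class-default`.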
Restrictions
- Interfaces running cascading QoS features, such as generic traffic shaping or custom queuing, are required to have QoS for VPNs enabled or disabled on all cascading features. If the QoS for VPNs feature is enabled on one cascading feature, the QoS for VPNs feature must be enabled on all cascading features. Similarly, if the QoS for VPNs feature is disabled on one cascading feature, the QoS for VPNs feature must be disabled on all cascading features.
- On Cisco 2600 and Cisco 3600 series routers only, QoS for VPNs cannot be used in conjunction with generic traffic shaping and custom queuing.