Implementing QoS Preclassify
Quality of service (QoS) preclassify is designed for tunnel interfaces. When the feature is enabled, the QoS features on the output interface classify packets before encryption, allowing traffic flows to be managed in congested environments. The result is more effective packet tunneling.
Note
The qos pre-classify command is restricted to IP packets defined in crypto maps, tunnel interfaces, and virtual templates.
| Router(config)# interface serial 2/0 | Enters interface configuration mode. |
| Router(config-if)# ip address 10.1.1.1 | Assigns a physical interface IP address. |
| Router(config-if)# service-policy output 2HEADQ | Applies a service policy to the interface. |
| | NOTE: The policy "2HEADQ" (not shown) implements a QoS strategy for marked traffic destined for a GRE/IPSec tunnel. |
| Router(config-if)# exit | Returns to global configuration mode. |
| Router(config)# interface tunnel1 | Creates a GRE tunnel. |
| Router(config-if)# ip address 172.16.1.1 | Assigns the tunnel IP address. |
| Router(config-if)# tunnel source serial 2/0 | Assigns the tunnel source interface. |
| Router(config-if)# tunnel destination 172.16.1.2 | Configures the tunnel's IP endpoint. |
| Router(config-if)# crypto map CLOWNS | Applies a crypto map to the GRE tunnel interface. |
| Router(config-if)# qos pre-classify | Classifies packet on its pre-tunnel attributes. |
| Router(config-if)# exit | Returns to global configuration mode. |
| Router(config)# crypto map CLOWNS 10 ipsec-isakmp | Creates crypto map CLOWNS. |
| Router(config-crypto-map)# set peer 10.1.1.2 | Configures the destination peer of the IPSec tunnel. |
| Router(config-crypto-map)# set transform-set HEADQ | Declares a transform set. |
| Router(config-crypto-map)# match ip address 101 | Chooses the tunnel traffic using access-list 101. |
| Router(config-crypto-map)# qos pre-classify | Classifies packet on its pre-tunnel attributes. |
| Router(config-crypto-map)# exit | Returns to global configuration mode. |