2020-01-25 17:57 1) Was the qos preclassify option given in the tunnel interface to support preIP header QoS for the legacy GREoIPSec where we applied to crypto maps on both tunnel and physical interface or is it for the IPSec profile based GREoIPSec VPNs like DMVPN?

It is matching the IPSec header instead of matching parameters in the original header despite qos preclassify configuration. Conditions: It has been observed in a Dynamic Multipoint VPN (DMVPN) spoke, GRE tunnel with IPSec protection configured with qospreclassify and applying service policy to the physical interface. cisco qos pre-classify dmvpn This lesson explains what QoS preclassify is and why you might needs this on Tunnel interfaces. Navigation NetworkLessons. com. Search for: QoS PreClassify on Cisco IOS. Posted on November 27, 2014; by Rene Molenaar; in CCIE Routing& Switching, It was a great help for designing one of our clients DMVPN network setup. Rene also took a

First of all, Cisco TAC is correct about qos preclassify command: o n the spokes y ou need the command under tunnel configuration, To be fair, we need to understand that QoS on DMVPN can do only one thing manage outbound queue, but not inbound! cisco qos pre-classify dmvpn

Good point made by JanKlaas Kesteloot above. I would avoid using QoS preclassify if at all possible as this feature regularly has quite a few bugs advice I received from Cisco TAC. Try a search in the bug tool for QoS preclassify . Cisco QoS for GRE Tunnels. A tunnel interface supports many of the same QoS features as a physical interface. These sections describe the supported QoS features. The qos preclassify command is required only if you classify traffic on IP, protocol, or port. If classification is based on DSCP code, then qos preclassify is not required. To demonstrate DMVPN PerTunnel QoS I will use the following topology: Above we have a hub and four spoke routers. Lets imagine that the spoke1 and spoke2 routers are connected using a 5 Mbps link, the spoke3 and spoke4 routers are using a slower 1 Mbps link. cisco qos pre-classify dmvpn SPOKE (Cisco1841) run QoS preclassify and servicepolicy on the DMVPN tunnel interface SPOKE (Cisco 1941 ISR2) run pertunnel QoS using NHRP group as spoke How about if the DMVPN is a SpoketoSpoke setup will this still be the configuration we can use? though i havent tried configuring qos with DMVPN setup i found some thing from cisco site which says that some of the commands are not configurable under DMVP tunnel interface. . The following commands are not supported under mGRE with DMVPN: ip tcp adjustmss, qos preclassify tunnel vrf, tunnel pathmtudiscovery, and tunnel vrf QoS PreClassify. The QoS PreClassify feature often is confused with ToS byte preservation. QoS PreClassify is a Cisco IOS feature that allows for packets to be classified on header parameters other than ToS byte values after encryption.

