Configuring MQC Support for IP Sessions

Last Updated: December 19, 2012

The MQC Support for IP Sessions feature provides modular quality of service (QoS) command-line interface (CLI) provisioning on Cisco Intelligent Services Gateway (ISG) IP sessions. It makes the full set of modular QoS CLI (MQC) syntax available for the sessions, whether they are configured locally or downloaded from a remote authentication, authorization, and accounting (AAA) server.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for MQC Support for IP Sessions

General Restrictions

Creation of IP sessions over PPP sessions is not supported.


Note
This document uses the generic term PPP to cover all protocol types. Examples of protocols include PPP over Ethernet (PPPoE) and PPP over ATM (PPPoA).

Only the marking and policing features work in upstream traffic. All queuing, policing, and marking MQC features work in downstream traffic.

Class-level queues are allowed only at the child level in session policy maps. All other levels must have a single-level policy and use the default queues.

IP sessions over Gigabit EtherChannel (GEC) are not supported.

Because IP sessions cannot be load-balanced, load balancing is not supported on any system.

Information About MQC Support for IP Sessions

Supported Interfaces

MQC on IP sessions is supported through the following interfaces, arranged by system:

  • Cisco 10000 series systems
    • Physical Ethernet
    • .1Q, QinQ (unambiguous only)
  • Cisco 7200 and Cisco 7300 series systems
    • Physical Ethernet
    • .1Q, QinQ (unambiguous only)
    • Nonqueuing MQC over ATM
    • ATM 1483 RBE and ATM routed permanent virtual circuits (PVCs)
    • Generic routing encapsulation (GRE) tunnel. Policy maps are not allowed on the session and tunnel simultaneously.
  • Cisco 7600 series systems
    • Gigabit Ethernet with .1Q or QinQ subinterfaces
    • Routed bridge encapsulation (RBE)
    • Permanent virtual connection (PVC)

MQC is not supported on the following interfaces:

  • Bridge-Group Virtual Interface (BVI)
  • GEC
  • Interfaces configured for Layer 2 Tunnel Protocol (L2TP) sessions (on L2TP Network Servers (LNS))

The following features and configurations are used on MQC on IP sessions:

  • ISG policer for traffic classes

Note
Traffic classes are not supported on Cisco 7600 series systems.

ISG Policers

You can create configurations to work on an IP session with multiple traffic classes, and with one or more of the traffic classes acting as a policer. ISG policer is retained for backward compatibility and is fully supported if you do not want to migrate to MQC now. Note that ISG policing is supported on traffic classes, but MQC is not supported for traffic classes.

An ISG session can be configured with the ISG policer (also called dynamic rate limiting) or MQC, but not both. You should either use the ISG policer or migrate fully to MQC. If you do not migrate fully from ISG policer to MQC, a misconfiguration will occur.

Precedence Order in Policy Maps

A policy map can be attached to one or more interfaces to specify a service policy. Configuration sources combined with context determines which QoS policy map is applied. The three configuration sources and their general order of precedence are as follows:

  1. Per-user (per-subscriber) configuration
  2. Service profile
  3. Interface configuration

This order of precedence shows the general condition, that is, service profiles and per-user configurations have higher priority than interface configurations.

However, a change of authorization (CoA) per-user push replaces the current per-user configuration for any overlapping or common feature. Similarly, when a new service logs in, its configuration replaces any overlapping feature, from previously configured service profiles, that is not already in effect from a per-user configuration source

If the new service then logs off, the previously existing configuration is reapplied if no higher-precedence configuration source is in effect.

Given those precedence qualifications, the policy map is determined as follows:

  • If there is no policy map on the session, the incoming policy map is not applied.
  • If an existing policy map is configured from a higher priority source than an incoming one, the incoming policy map is not applied.
  • If an existing policy map is configured from a lower priority source than an incoming one, the incoming policy map replaces it.

Inheritance Rules on Cisco 10000 Series Systems

The inheritance rules on Cisco 10000 series systems for policies and queues from the parent interface are as follows:

  • When a session that does not have a policy map starts, it inherits the policy and queues from the immediate parent that has a policy; for example, a subinterface or main interface.
  • When a session with an inherited policy receives a policy from a RADIUS server, it first removes the inherited policy and then applies the policy from the RADIUS server.
  • When a session that does not have a policy starts and its parent interfaces also do not have a policy but a policy is later attached to the parent, there are two possible outcomes:
    • The policy is attached to the main interface, and sessions directly on that interface inherit it. Sessions on subinterfaces under the main interface that do not have a policy of their own also inherit it.
    • The policy is attached to the subinterface, and sessions under that subinterface inherit it.
  • When a user removes a policy from the parent interface, there are two possible outcomes:
    • The policy is removed from a subinterface and is uninherited from any sessions on the subinterface that inherited the policy from it. If the main interface has a policy, sessions on the subinterface from which the policy was removed inherit that.
    • The policy is removed from the main interface and is uninherited from the main interface and also from any sessions under its subinterfaces that inherited this policy.
  • When a session that does not already have a policy receives one from the RADIUS server, you need only install the new policy. However when a session that already has a policy inherited from the parent receives a new one from the RADIUS server, you must first uninherit the parent policy and then install the new one.
  • When a session policy is removed, the session inherits the policy from its nearest parent, subinterface, or main interface that has a policy.

How to Configure MQC Support for IP Sessions

Configuring Local Subscriber Profile for MQC Support

To configure a QoS policy map to define a service policy, perform the following steps.

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    policy-map type service service-name

4.    service-policy policy-name


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
policy-map type service service-name


Example:

Router# (config)# policy-map type service service1

 

Enters policy-map configuration mode. Specifies the policy-map name and its service configuration.

 
Step 4
service-policy policy-name


Example:

Router# (config-service-policymap)# service-policy service-policy1

 

Configures the service policy.

 
What to Do Next

For information about configuring a local service profile, see the section "Configuring Per-Session QoS Using the ISG Framework" in the "Configuring ISG Control Policies" chapter in the Cisco IOS Intelligent Services Gateway Configuration Guide.

Configuring ISG QoS for IP Sessions

To associate a previously configured traffic class with a policy map, perform these steps:

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    policy-map type service service-name

4.    class type traffic class-name


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
policy-map type service service-name


Example:

Router# (config)# policy-map type service

 

Enters policy-map configuration mode. Specifies the policy-map name and its service configuration.

 
Step 4
class type traffic class-name


Example:

Router# (config-service-policymap)# class type traffic

 

Associates a previously configured traffic class with the policy map.

 

Configuration Examples for MQC Support for IP Sessions

QoS Policy-Map Service Profile and Command Policy-Map Configurations Example

The following example shows how to configure a QoS policy map, a service profile, and a command policy map. The command policy map is then configured onto interface GigabitEthernet 0/0/0 with the service-policy keyword. 

Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# class-map match-any EF-customer
Router(config-cmap)# match access-group name CUSTOMER-EF
Router(config-cmap)# class-map match-any EF-WAN
Router(config-cmap)# match qos-group 6
Router(config-cmap)# policy-map PREMIUM_MARK_IN
Router(config-pmap)# class EF-customer
Router(config-pmap-c)# set cos 6
Router(config-pmap-c)# set dscp ef
Router(config-pmap-c)# set qos-group 6
Router(config-pmap-c)# class class-default
Router(config-pmap-c)# set dscp af11
Router(config-pmap-c)# set qos-group 1
Router(config-pmap-c)# set cos 1
Router(config-pmap-c)# policy-map PREMIUM_UB_OUT
Router(config-pmap)# class EF-WAN
Router(config-pmap-c)# police cir 200000000
Router(config-pmap-c-police)# priority
Router(config-pmap-c)# class class-default
Router(config-pmap-c)# policy-map type service PREMIUM_SERVICE
Router(config-service-policymap)# service-policy input PREMIUM_MARK_IN
Router(config-service-policymap)# service-policy output PREMIUM_UB_OUT
Router(config-service-policymap)# policy-map type control INT
Router(config-control-policymap)# class type control always event account-logon
Router(config-control-policymap-class-control)# 1 service-policy type service name PREMIUM_SERVICE
Router(config-control-policymap-class-control)# interface GigabitEthernet0/0/0
Router(config-if)# ip address 10.0.0.1 255.255.255.0
Router(config-if)# pppoe enable group global
Router(config-if)# service-policy type control INT

Additional References

Related Documents

Related Topic

Document Title

How to configure ISG control policies

"Configuring ISG Control Policies" module in this guide

How to configure QoS policies using the MQC

Cisco IOS XEQuality of Service Solutions Configuration Guide

ISG commands

Cisco IOS Intelligent Services Gateway Command Reference

MIBs

MIB

MIBs Link

No new or modified MIBs are supported by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport

Feature Information for MQC Support for IP Sessions

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 1 Feature Information for MQC Support for IP Sessions

Feature Name

Releases

Feature Information

MQC Support for IP Sessions

12.2(33)SRC 15.0(1)S

Provides MQC provisioning on Cisco ISG IP sessions.

The following commands were introduced or modified: policy-map and service-policy.

ISG: Session: Multicast: Coexistance

12.2(33)SRE

In Cisco IOS Release 12.2(33)SRE, ISG Session Multicast Coexistence feature support was added on Cisco 7600 series routers.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2012 Cisco Systems, Inc. All rights reserved.