Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
I did a packet capture on the PC running CUPC to see what kind of messages are sent between CUPC and CUPS. This question is asking to marking inbound traffic from CUPS to CUPC which the proctor considers as signaling. Since the inbound port also connects to CUCM and CUC which potentially will also communicate with CUPS, we'll have to filter them out, as well as traffic from CUPS to CUPC that's NOT considered as signaling. Let's take a look at what CUPS considers as signaling. CUPS will by default mark certain packets with DSCP value CS3. In the packet capture, we see the following types of traffic between CUPS and CUPC: A. CUPS[5060] -- CUPC[random port] B. CUPS[random port] -- CUPC[500XX] (5-50067 for SIP presence) C. CUPS[443] -- CUPC[random port] That's it. Interestingly, only traffic A and B are marked by default as CS3, C is left as 0. So we have two options here, one is to mark everything between CUPS and CUPC as CS3, then police; the other is to preserve the CS3 markings from CUPS and only police those. Which approach is what proctor wants I don't know. Personally I tend to believe in the second approach. So to do that, you can use an access list to match both IP addresses and DSCP: Access-list 101 permit ip host CUPS-IP-ADDRESS host CUPC-IP-ADDRESS dscp CS3 Then assign it to class-map: class-map match-all signal match access-group 101 /*you can only have one match command per class, and you can't nest them through multiple policy-maps either*/ policy-map markpresence class signal police 32000 8000 exceed-action policed-dscp-transmit set dscp cs3 mls qos map policed-dscp 24 to 8 And finally apply to interface: Int fa1/0/4 Service-policy in markpresence ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Is it something like SIP/SIMPLE SOAP towards Presence server and SIP/SIMPLE CTI/QBE towards CUCM ? 2 ACL - one to CUPS and other to CUCM. Together can we call it as 'signalling' from presence communicator? http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/presence.html -- Figure 22-1 Cisco Unified Presence Components http://docwiki.cisco.com/wiki/Cisco_Unified_Presence,_Release_7.x_--_About_the_Interfaces_with_Cisco_Unified_Communications_Manager#About_the_Interfaces_with_Cisco_Unified_Communications_Manager Figure: Cisco Unified Presence Basic Deployment On Mon, May 14, 2012 at 4:19 AM, Brian Turner brianstur...@gmail.comwrote: I think you guys are over thinking it maybe. Isn't all traffic from the CUPC server Signaling traffic? The CUPC server doesn't really do anything but Signaling Media traffic goes from enpoint to endpoint, or endpoint to MTP etc. All other voice traffic is typically considered signaling. So an ACL that just matched all traffic to / from the CUPC server IP address would include signaling traffic for the CUPC server and little else. I didn't see the earlier email concerning the wording of the question, so this is a stab in the dark. Brian S Turner CCIE 6145 On Sun, May 13, 2012 at 11:39 AM, san r luv...@gmail.com wrote: Release Notes for Cisco Unified Personal Communicator Release 7.0 https://mail.google.com/mail/html/compose/static_files/blank_quirks.html#wp85054has got all inbound outbound port usage for CUPC http://www.cisco.com/en/US/docs/voice_ip_comm/cupc/7_0/english/release/notes/ol15710.html On Sun, May 13, 2012 at 5:27 PM, san r luv...@gmail.com wrote: I think we will need to consider the citi port number too On May 13, 2012 2:57 PM, steven moran smoran...@gmail.com wrote: I've been doing some work on this topic and have moved away from my original thoughts which were along the same lines as originally posted by Nazeer and a few others . Here are some recent thoughts on the subject the question is not particularly well worded, we can't really influence the traffic from the CUPC client to the server by applying policy on the server port. What we can do is control what the switch port does with packets from the CUPS server to the clients by classifying and applying an input ploicy on the server port. I went back to the presence section in the CUCM srnd - the only traffic between CUPC and CUPS seems be 5060 for sip/simple and 443 for SOAP, this was sort of backed up by the information in the CUPC 7.1 release. The release notes also mention that ports 16384-16424 are used for TFTP - but this would not be classed as signalling. Since there are other servers on the port any access list would need to specifiy the server IP address. If you wanted to make it really specific you could also specify the destination address of the CUPC clients as well. Finally by putting bidirectional access lists (any any eq and any eq any) you may loose the points as it might appear you are hedging your bets and do not know how directional QoS works. Also we are asked to guarantee 32k for signalling traffic if we put non signalling traffic into this policy we are not achieving the requirements. These statements are not facts, just my current opinion based on the last bits of documentation read and I am happy to discuss. Best regards. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
If Cisco Unified Personal Communicator is configured for Desk Phone mode, a connection is established with the CTI Manager of Unified CM for phone control. Looks like CTI port needs to be consider only if the CUPC configured in deskphone mode. On Mon, May 21, 2012 at 8:05 PM, san r luv...@gmail.com wrote: Is it something like SIP/SIMPLE SOAP towards Presence server and SIP/SIMPLE CTI/QBE towards CUCM ? 2 ACL - one to CUPS and other to CUCM. Together can we call it as 'signalling' from presence communicator? http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/presence.html -- Figure 22-1 Cisco Unified Presence Components http://docwiki.cisco.com/wiki/Cisco_Unified_Presence,_Release_7.x_--_About_the_Interfaces_with_Cisco_Unified_Communications_Manager#About_the_Interfaces_with_Cisco_Unified_Communications_Manager Figure: Cisco Unified Presence Basic Deployment On Mon, May 14, 2012 at 4:19 AM, Brian Turner brianstur...@gmail.comwrote: I think you guys are over thinking it maybe. Isn't all traffic from the CUPC server Signaling traffic? The CUPC server doesn't really do anything but Signaling Media traffic goes from enpoint to endpoint, or endpoint to MTP etc. All other voice traffic is typically considered signaling. So an ACL that just matched all traffic to / from the CUPC server IP address would include signaling traffic for the CUPC server and little else. I didn't see the earlier email concerning the wording of the question, so this is a stab in the dark. Brian S Turner CCIE 6145 On Sun, May 13, 2012 at 11:39 AM, san r luv...@gmail.com wrote: Release Notes for Cisco Unified Personal Communicator Release 7.0 https://mail.google.com/mail/html/compose/static_files/blank_quirks.html#wp85054has got all inbound outbound port usage for CUPC http://www.cisco.com/en/US/docs/voice_ip_comm/cupc/7_0/english/release/notes/ol15710.html On Sun, May 13, 2012 at 5:27 PM, san r luv...@gmail.com wrote: I think we will need to consider the citi port number too On May 13, 2012 2:57 PM, steven moran smoran...@gmail.com wrote: I've been doing some work on this topic and have moved away from my original thoughts which were along the same lines as originally posted by Nazeer and a few others . Here are some recent thoughts on the subject the question is not particularly well worded, we can't really influence the traffic from the CUPC client to the server by applying policy on the server port. What we can do is control what the switch port does with packets from the CUPS server to the clients by classifying and applying an input ploicy on the server port. I went back to the presence section in the CUCM srnd - the only traffic between CUPC and CUPS seems be 5060 for sip/simple and 443 for SOAP, this was sort of backed up by the information in the CUPC 7.1 release. The release notes also mention that ports 16384-16424 are used for TFTP - but this would not be classed as signalling. Since there are other servers on the port any access list would need to specifiy the server IP address. If you wanted to make it really specific you could also specify the destination address of the CUPC clients as well. Finally by putting bidirectional access lists (any any eq and any eq any) you may loose the points as it might appear you are hedging your bets and do not know how directional QoS works. Also we are asked to guarantee 32k for signalling traffic if we put non signalling traffic into this policy we are not achieving the requirements. These statements are not facts, just my current opinion based on the last bits of documentation read and I am happy to discuss. Best regards. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
If NDA is strict. Why we have lab work books. Most of them are claiming it's 'exactly ' as in lab. Even everyone is using the name CCIE - I do believe its 'Cisco ' certified internetwork expert On May 15, 2012 4:07 PM, Ken Wyan kew...@gmail.com wrote: Hi, Didn't you forget cisco NDA discuss exam questions like this? (Cisco seems given a never-ending exercise to NDA violators) You can't conclude answers this way don't hope to pass first attempt or if cisco gives such questions. Just try again youll pass next time or a in a subsequent attempt if you prepared very well using IPExpert material. Thats only I can say. Thanks On Tue, May 15, 2012 at 12:21 PM, Kevin Spicer ke...@kevinspicer.co.ukwrote: But cucm and cup both run on the same VMWare server so will use the internal vswitch to communicate only traffic to the clients will traverse the switch port. On 15 May 2012 03:41, steven moran smoran...@gmail.com wrote: Whilst in some aspects you are right in that the CUPS server is really only involved in signalling - the question requires a guarantee of 32k for signal traffic between CUPC and CUPS (that's how I read it) as we are only instructed to put a policy of the CUPS server port, then we have to be careful not to put traffic between the CUPS and CUCM into the same policy as above as this would impact of the bandwidth allocated. At the end of the day it is a badly worded question. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
But cucm and cup both run on the same VMWare server so will use the internal vswitch to communicate only traffic to the clients will traverse the switch port. On 15 May 2012 03:41, steven moran smoran...@gmail.com wrote: Whilst in some aspects you are right in that the CUPS server is really only involved in signalling - the question requires a guarantee of 32k for signal traffic between CUPC and CUPS (that's how I read it) as we are only instructed to put a policy of the CUPS server port, then we have to be careful not to put traffic between the CUPS and CUCM into the same policy as above as this would impact of the bandwidth allocated. At the end of the day it is a badly worded question. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Hi, Didn't you forget cisco NDA discuss exam questions like this? (Cisco seems given a never-ending exercise to NDA violators) You can't conclude answers this way don't hope to pass first attempt or if cisco gives such questions. Just try again youll pass next time or a in a subsequent attempt if you prepared very well using IPExpert material. Thats only I can say. Thanks On Tue, May 15, 2012 at 12:21 PM, Kevin Spicer ke...@kevinspicer.co.ukwrote: But cucm and cup both run on the same VMWare server so will use the internal vswitch to communicate only traffic to the clients will traverse the switch port. On 15 May 2012 03:41, steven moran smoran...@gmail.com wrote: Whilst in some aspects you are right in that the CUPS server is really only involved in signalling - the question requires a guarantee of 32k for signal traffic between CUPC and CUPS (that's how I read it) as we are only instructed to put a policy of the CUPS server port, then we have to be careful not to put traffic between the CUPS and CUCM into the same policy as above as this would impact of the bandwidth allocated. At the end of the day it is a badly worded question. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Ken, appreciate the wanring - but not sure what this has to do with Cisco NDA, we were discussing the Lab7 ccievoicelabs question as was evident in both the question title and my comments about it being a poorly worded question. Are you saying that this is similar to an actual exam question? Best regards, Steve On Tue, May 15, 2012 at 7:19 PM, Ken Wyan kew...@gmail.com wrote: Hi, Didn't you forget cisco NDA discuss exam questions like this? (Cisco seems given a never-ending exercise to NDA violators) You can't conclude answers this way don't hope to pass first attempt or if cisco gives such questions. Just try again youll pass next time or a in a subsequent attempt if you prepared very well using IPExpert material. Thats only I can say. Thanks On Tue, May 15, 2012 at 12:21 PM, Kevin Spicer ke...@kevinspicer.co.ukwrote: But cucm and cup both run on the same VMWare server so will use the internal vswitch to communicate only traffic to the clients will traverse the switch port. On 15 May 2012 03:41, steven moran smoran...@gmail.com wrote: Whilst in some aspects you are right in that the CUPS server is really only involved in signalling - the question requires a guarantee of 32k for signal traffic between CUPC and CUPS (that's how I read it) as we are only instructed to put a policy of the CUPS server port, then we have to be careful not to put traffic between the CUPS and CUCM into the same policy as above as this would impact of the bandwidth allocated. At the end of the day it is a badly worded question. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Hi Steve, If this was from another vendor lab , isn't it more approriate to discuss it in that domain? Frankly speaking , I had to attempt the lab several times to pass it. I adviced you from my experience don't want to recommend or critisize any vendor. Your Last Question Are you saying that this is similar to an actual exam question? I am unable to answer your question without braking NDA apologize for that. Good Luck next time ! On Tue, May 15, 2012 at 4:14 PM, steven moran smoran...@gmail.com wrote: Ken, appreciate the wanring - but not sure what this has to do with Cisco NDA, we were discussing the Lab7 ccievoicelabs question as was evident in both the question title and my comments about it being a poorly worded question. Are you saying that this is similar to an actual exam question? Best regards, Steve On Tue, May 15, 2012 at 7:19 PM, Ken Wyan kew...@gmail.com wrote: Hi, Didn't you forget cisco NDA discuss exam questions like this? (Cisco seems given a never-ending exercise to NDA violators) You can't conclude answers this way don't hope to pass first attempt or if cisco gives such questions. Just try again youll pass next time or a in a subsequent attempt if you prepared very well using IPExpert material. Thats only I can say. Thanks On Tue, May 15, 2012 at 12:21 PM, Kevin Spicer ke...@kevinspicer.co.ukwrote: But cucm and cup both run on the same VMWare server so will use the internal vswitch to communicate only traffic to the clients will traverse the switch port. On 15 May 2012 03:41, steven moran smoran...@gmail.com wrote: Whilst in some aspects you are right in that the CUPS server is really only involved in signalling - the question requires a guarantee of 32k for signal traffic between CUPC and CUPS (that's how I read it) as we are only instructed to put a policy of the CUPS server port, then we have to be careful not to put traffic between the CUPS and CUCM into the same policy as above as this would impact of the bandwidth allocated. At the end of the day it is a badly worded question. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
If we specify a service-policy ,then mls qos trust commands won't have any effect. Then you have to consider rtp traffic in ACL. On Sun, May 13, 2012 at 1:32 PM, san r luv...@gmail.com wrote: Since they specifically asked for 'CUPC Signalling ' I don't think you need to mark the RTP traffic On May 13, 2012 11:53 AM, Nazeer rahiman nazs...@yahoo.com wrote: For LAN QoS I got below question All servers are connected (running on vmware) to SW int G 1/0/4. CUPC is running in UCCX and test pc. They asked to configure one in softphone mode other one is desktop mode. also configre voice mail on both clients QoS question was - In Gig 1/0/4 , make sure all incoming CUPC signaling traffic to mark CS3 and gurantee 32k BW. anythung exess should be mark down to DSCP 8 and retransmit. My ans was - mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 mls qos map policed-dscp 24 26 to 8 ip access-list extended voice-rtp permit udp any any range 16384 32767 ip access-list extended cupc-sig permit tcp any any eq 5060 permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any any eq 5060 permit udp any eq 5060 any permit tcp any any eq 143 permit tcp any eq 143 any permit tcp any any eq 80 permit tcp any eq 80 any permit tcp any any eq 443 permit tcp any eq 443 any permit tcp any any eq 993 permit tcp any eq 993 any permit tcp any any eq 7993 permit tcp any eq 7993 any permit tcp any any eq 389 permit tcp any eq 389 any permit tcp any any eq 2748 permit tcp any eq 2748 any config)#class-map voice-rtp (config-cmap)#match access-group name voice-rtp (config)#class-map match any cupc-sig (config-cmap)#match access-group name cupc-sig (config-cmap)#policy-map cupc (config-pmap)#class voice-rtp (config-pmap-c)#set dscp ef (config-pmap)#class cupc-sig (config-pmap-c)#police 32000 8000 exceed-action policed-dscp-transmit (config-pmap-c)#set dscp cs3 (config)#interface GigabitEthernet1/0/4 config-if)#service-policy input cupc Phone ports mls qos trust cos mls qos trust device cisco phone Server ports mls qos trust dscp I got 0 marks for this question - any body can clarify where it's wrong ? ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
not sure about that Ken. If we use auto qos on a switch, it applies a service policy in combination with mls qos statements on the same port. These mls qos statements I believe are used for anything not mathching the service policy cheers, Juan 2012/5/14 Ken Wyan kew...@gmail.com If we specify a service-policy ,then mls qos trust commands won't have any effect. Then you have to consider rtp traffic in ACL. On Sun, May 13, 2012 at 1:32 PM, san r luv...@gmail.com wrote: Since they specifically asked for 'CUPC Signalling ' I don't think you need to mark the RTP traffic On May 13, 2012 11:53 AM, Nazeer rahiman nazs...@yahoo.com wrote: For LAN QoS I got below question All servers are connected (running on vmware) to SW int G 1/0/4. CUPC is running in UCCX and test pc. They asked to configure one in softphone mode other one is desktop mode. also configre voice mail on both clients QoS question was - In Gig 1/0/4 , make sure all incoming CUPC signaling traffic to mark CS3 and gurantee 32k BW. anythung exess should be mark down to DSCP 8 and retransmit. My ans was - mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 mls qos map policed-dscp 24 26 to 8 ip access-list extended voice-rtp permit udp any any range 16384 32767 ip access-list extended cupc-sig permit tcp any any eq 5060 permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any any eq 5060 permit udp any eq 5060 any permit tcp any any eq 143 permit tcp any eq 143 any permit tcp any any eq 80 permit tcp any eq 80 any permit tcp any any eq 443 permit tcp any eq 443 any permit tcp any any eq 993 permit tcp any eq 993 any permit tcp any any eq 7993 permit tcp any eq 7993 any permit tcp any any eq 389 permit tcp any eq 389 any permit tcp any any eq 2748 permit tcp any eq 2748 any config)#class-map voice-rtp (config-cmap)#match access-group name voice-rtp (config)#class-map match any cupc-sig (config-cmap)#match access-group name cupc-sig (config-cmap)#policy-map cupc (config-pmap)#class voice-rtp (config-pmap-c)#set dscp ef (config-pmap)#class cupc-sig (config-pmap-c)#police 32000 8000 exceed-action policed-dscp-transmit (config-pmap-c)#set dscp cs3 (config)#interface GigabitEthernet1/0/4 config-if)#service-policy input cupc Phone ports mls qos trust cos mls qos trust device cisco phone Server ports mls qos trust dscp I got 0 marks for this question - any body can clarify where it's wrong ? ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Hi Team, Please remove my maid id abbas_3...@yahoo.com from your group.. i donot want to receive mails from your group Regards, F.Abbas B.E,MBA, 9790126906 From: Juan Lopez lopez.hernandez.j...@gmail.com To: Ken Wyan kew...@gmail.com Cc: ccie_voice@onlinestudylist.com; Nazeer rahiman nazs...@yahoo.com Sent: Monday, May 14, 2012 3:33 PM Subject: Re: [OSL | CCIE_Voice] Lab 7 Lan QOS not sure about that Ken. If we use auto qos on a switch, it applies a service policy in combination with mls qos statements on the same port. These mls qos statements I believe are used for anything not mathching the service policy cheers, Juan 2012/5/14 Ken Wyan kew...@gmail.com If we specify a service-policy ,then mls qos trust commands won't have any effect. Then you have to consider rtp traffic in ACL. On Sun, May 13, 2012 at 1:32 PM, san r luv...@gmail.com wrote: Since they specifically asked for 'CUPC Signalling ' I don't think you need to mark the RTP traffic On May 13, 2012 11:53 AM, Nazeer rahiman nazs...@yahoo.com wrote: For LAN QoS I got below question All servers are connected (running on vmware) to SW int G 1/0/4. CUPC is running in UCCX and test pc. They asked to configure one in softphone mode other one is desktop mode. also configre voice mail on both clients QoS question was - In Gig 1/0/4 , make sure all incoming CUPC signaling traffic to mark CS3 and gurantee 32k BW. anythung exess should be mark down to DSCP 8 and retransmit. My ans was - mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 mls qos map policed-dscp 24 26 to 8 ip access-list extended voice-rtp permit udp any any range 16384 32767 ip access-list extended cupc-sig permit tcp any any eq 5060 permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any any eq 5060 permit udp any eq 5060 any permit tcp any any eq 143 permit tcp any eq 143 any permit tcp any any eq 80 permit tcp any eq 80 any permit tcp any any eq 443 permit tcp any eq 443 any permit tcp any any eq 993 permit tcp any eq 993 any permit tcp any any eq 7993 permit tcp any eq 7993 any permit tcp any any eq 389 permit tcp any eq 389 any permit tcp any any eq 2748 permit tcp any eq 2748 any config)#class-map voice-rtp (config-cmap)#match access-group name voice-rtp (config)#class-map match any cupc-sig (config-cmap)#match access-group name cupc-sig (config-cmap)#policy-map cupc (config-pmap)#class voice-rtp (config-pmap-c)#set dscp ef (config-pmap)#class cupc-sig (config-pmap-c)#police 32000 8000 exceed-action policed-dscp-transmit (config-pmap-c)#set dscp cs3 (config)#interface GigabitEthernet1/0/4 config-if)#service-policy input cupc Phone ports mls qos trust cos mls qos trust device cisco phone Server ports mls qos trust dscp I got 0 marks for this question - any body can clarify where it's wrong ? ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
[OSL | CCIE_Voice] Lab 7 Lan QOS
Whilst in some aspects you are right in that the CUPS server is really only involved in signalling - the question requires a guarantee of 32k for signal traffic between CUPC and CUPS (that's how I read it) as we are only instructed to put a policy of the CUPS server port, then we have to be careful not to put traffic between the CUPS and CUCM into the same policy as above as this would impact of the bandwidth allocated. At the end of the day it is a badly worded question. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
[OSL | CCIE_Voice] Lab 7 Lan QOS
For LAN QoS I got below question All servers are connected (running on vmware) to SW int G 1/0/4. CUPC is running in UCCX and test pc. They asked to configure one in softphone mode other one is desktop mode. also configre voice mail on both clients QoS question was - In Gig 1/0/4 , make sure all incoming CUPC signaling traffic to mark CS3 and gurantee 32k BW. anythung exess should be mark down to DSCP 8 and retransmit. My ans was - mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 mls qos map policed-dscp 24 26 to 8 ip access-list extended voice-rtp permit udp any any range 16384 32767 ip access-list extended cupc-sig permit tcp any any eq 5060 permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any any eq 5060 permit udp any eq 5060 any permit tcp any any eq 143 permit tcp any eq 143 any permit tcp any any eq 80 permit tcp any eq 80 any permit tcp any any eq 443 permit tcp any eq 443 any permit tcp any any eq 993 permit tcp any eq 993 any permit tcp any any eq 7993 permit tcp any eq 7993 any permit tcp any any eq 389 permit tcp any eq 389 any permit tcp any any eq 2748 permit tcp any eq 2748 any config)#class-map voice-rtp (config-cmap)#match access-group name voice-rtp (config)#class-map match any cupc-sig (config-cmap)#match access-group name cupc-sig (config-cmap)#policy-map cupc (config-pmap)#class voice-rtp (config-pmap-c)#set dscp ef (config-pmap)#class cupc-sig (config-pmap-c)#police 32000 8000 exceed-action policed-dscp-transmit (config-pmap-c)#set dscp cs3 (config)#interface GigabitEthernet1/0/4 config-if)#service-policy input cupc Phone ports mls qos trust cos mls qos trust device cisco phone Server ports mls qos trust dscp I got 0 marks for this question - any body can clarify where it's wrong ? ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Since they specifically asked for 'CUPC Signalling ' I don't think you need to mark the RTP traffic On May 13, 2012 11:53 AM, Nazeer rahiman nazs...@yahoo.com wrote: For LAN QoS I got below question All servers are connected (running on vmware) to SW int G 1/0/4. CUPC is running in UCCX and test pc. They asked to configure one in softphone mode other one is desktop mode. also configre voice mail on both clients QoS question was - In Gig 1/0/4 , make sure all incoming CUPC signaling traffic to mark CS3 and gurantee 32k BW. anythung exess should be mark down to DSCP 8 and retransmit. My ans was - mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 mls qos map policed-dscp 24 26 to 8 ip access-list extended voice-rtp permit udp any any range 16384 32767 ip access-list extended cupc-sig permit tcp any any eq 5060 permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any any eq 5060 permit udp any eq 5060 any permit tcp any any eq 143 permit tcp any eq 143 any permit tcp any any eq 80 permit tcp any eq 80 any permit tcp any any eq 443 permit tcp any eq 443 any permit tcp any any eq 993 permit tcp any eq 993 any permit tcp any any eq 7993 permit tcp any eq 7993 any permit tcp any any eq 389 permit tcp any eq 389 any permit tcp any any eq 2748 permit tcp any eq 2748 any config)#class-map voice-rtp (config-cmap)#match access-group name voice-rtp (config)#class-map match any cupc-sig (config-cmap)#match access-group name cupc-sig (config-cmap)#policy-map cupc (config-pmap)#class voice-rtp (config-pmap-c)#set dscp ef (config-pmap)#class cupc-sig (config-pmap-c)#police 32000 8000 exceed-action policed-dscp-transmit (config-pmap-c)#set dscp cs3 (config)#interface GigabitEthernet1/0/4 config-if)#service-policy input cupc Phone ports mls qos trust cos mls qos trust device cisco phone Server ports mls qos trust dscp I got 0 marks for this question - any body can clarify where it's wrong ? ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
[OSL | CCIE_Voice] Lab 7 Lan QOS
I've been doing some work on this topic and have moved away from my original thoughts which were along the same lines as originally posted by Nazeer and a few others . Here are some recent thoughts on the subject the question is not particularly well worded, we can't really influence the traffic from the CUPC client to the server by applying policy on the server port. What we can do is control what the switch port does with packets from the CUPS server to the clients by classifying and applying an input ploicy on the server port. I went back to the presence section in the CUCM srnd - the only traffic between CUPC and CUPS seems be 5060 for sip/simple and 443 for SOAP, this was sort of backed up by the information in the CUPC 7.1 release. The release notes also mention that ports 16384-16424 are used for TFTP - but this would not be classed as signalling. Since there are other servers on the port any access list would need to specifiy the server IP address. If you wanted to make it really specific you could also specify the destination address of the CUPC clients as well. Finally by putting bidirectional access lists (any any eq and any eq any) you may loose the points as it might appear you are hedging your bets and do not know how directional QoS works. Also we are asked to guarantee 32k for signalling traffic if we put non signalling traffic into this policy we are not achieving the requirements. These statements are not facts, just my current opinion based on the last bits of documentation read and I am happy to discuss. Best regards. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
I think we will need to consider the citi port number too On May 13, 2012 2:57 PM, steven moran smoran...@gmail.com wrote: I've been doing some work on this topic and have moved away from my original thoughts which were along the same lines as originally posted by Nazeer and a few others . Here are some recent thoughts on the subject the question is not particularly well worded, we can't really influence the traffic from the CUPC client to the server by applying policy on the server port. What we can do is control what the switch port does with packets from the CUPS server to the clients by classifying and applying an input ploicy on the server port. I went back to the presence section in the CUCM srnd - the only traffic between CUPC and CUPS seems be 5060 for sip/simple and 443 for SOAP, this was sort of backed up by the information in the CUPC 7.1 release. The release notes also mention that ports 16384-16424 are used for TFTP - but this would not be classed as signalling. Since there are other servers on the port any access list would need to specifiy the server IP address. If you wanted to make it really specific you could also specify the destination address of the CUPC clients as well. Finally by putting bidirectional access lists (any any eq and any eq any) you may loose the points as it might appear you are hedging your bets and do not know how directional QoS works. Also we are asked to guarantee 32k for signalling traffic if we put non signalling traffic into this policy we are not achieving the requirements. These statements are not facts, just my current opinion based on the last bits of documentation read and I am happy to discuss. Best regards. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
I think the drawback to that approach is that the policer is applied to traffic from all servers (as they all share the same port on VMware). Given that CUP should be marking appropriately anyway wouldn't this be a valid configuration... mls qos mls qos map policed-dscp 24 to 8 class-map *match-all *CUP-Sig match dscp cs3 match access-group name cup-sig-acl policy-map police-cup class CUP-Sig set dscp cs3 ! or could use trust dscp police 32000 8000 exceed-action policed-dscp-transmit class class-default trust dscp ip access-list extended cup-sig-acl permit ip host x.x.x.x any interface Gi 1/0/4 service-policy input police-cup On Sun, May 13, 2012 at 4:59 AM, Nazeer rahiman nazs...@yahoo.com wrote: For LAN QoS I got below question All servers are connected (running on vmware) to SW int G 1/0/4. CUPC is running in UCCX and test pc. They asked to configure one in softphone mode other one is desktop mode. also configre voice mail on both clients QoS question was - In Gig 1/0/4 , make sure all incoming CUPC signaling traffic to mark CS3 and gurantee 32k BW. anythung exess should be mark down to DSCP 8 and retransmit. My ans was - mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 mls qos map policed-dscp 24 26 to 8 ip access-list extended voice-rtp permit udp any any range 16384 32767 ip access-list extended cupc-sig permit tcp any any eq 5060 permit tcp any any eq 5060 permit tcp any eq 5060 any permit udp any any eq 5060 permit udp any eq 5060 any permit tcp any any eq 143 permit tcp any eq 143 any permit tcp any any eq 80 permit tcp any eq 80 any permit tcp any any eq 443 permit tcp any eq 443 any permit tcp any any eq 993 permit tcp any eq 993 any permit tcp any any eq 7993 permit tcp any eq 7993 any permit tcp any any eq 389 permit tcp any eq 389 any permit tcp any any eq 2748 permit tcp any eq 2748 any config)#class-map voice-rtp (config-cmap)#match access-group name voice-rtp (config)#class-map match any cupc-sig (config-cmap)#match access-group name cupc-sig (config-cmap)#policy-map cupc (config-pmap)#class voice-rtp (config-pmap-c)#set dscp ef (config-pmap)#class cupc-sig (config-pmap-c)#police 32000 8000 exceed-action policed-dscp-transmit (config-pmap-c)#set dscp cs3 (config)#interface GigabitEthernet1/0/4 config-if)#service-policy input cupc Phone ports mls qos trust cos mls qos trust device cisco phone Server ports mls qos trust dscp I got 0 marks for this question - any body can clarify where it's wrong ? ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
Release Notes for Cisco Unified Personal Communicator Release 7.0 https://mail.google.com/mail/html/compose/static_files/blank_quirks.html#wp85054has got all inbound outbound port usage for CUPC http://www.cisco.com/en/US/docs/voice_ip_comm/cupc/7_0/english/release/notes/ol15710.html On Sun, May 13, 2012 at 5:27 PM, san r luv...@gmail.com wrote: I think we will need to consider the citi port number too On May 13, 2012 2:57 PM, steven moran smoran...@gmail.com wrote: I've been doing some work on this topic and have moved away from my original thoughts which were along the same lines as originally posted by Nazeer and a few others . Here are some recent thoughts on the subject the question is not particularly well worded, we can't really influence the traffic from the CUPC client to the server by applying policy on the server port. What we can do is control what the switch port does with packets from the CUPS server to the clients by classifying and applying an input ploicy on the server port. I went back to the presence section in the CUCM srnd - the only traffic between CUPC and CUPS seems be 5060 for sip/simple and 443 for SOAP, this was sort of backed up by the information in the CUPC 7.1 release. The release notes also mention that ports 16384-16424 are used for TFTP - but this would not be classed as signalling. Since there are other servers on the port any access list would need to specifiy the server IP address. If you wanted to make it really specific you could also specify the destination address of the CUPC clients as well. Finally by putting bidirectional access lists (any any eq and any eq any) you may loose the points as it might appear you are hedging your bets and do not know how directional QoS works. Also we are asked to guarantee 32k for signalling traffic if we put non signalling traffic into this policy we are not achieving the requirements. These statements are not facts, just my current opinion based on the last bits of documentation read and I am happy to discuss. Best regards. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
Re: [OSL | CCIE_Voice] Lab 7 Lan QOS
I think you guys are over thinking it maybe. Isn't all traffic from the CUPC server Signaling traffic? The CUPC server doesn't really do anything but Signaling Media traffic goes from enpoint to endpoint, or endpoint to MTP etc. All other voice traffic is typically considered signaling. So an ACL that just matched all traffic to / from the CUPC server IP address would include signaling traffic for the CUPC server and little else. I didn't see the earlier email concerning the wording of the question, so this is a stab in the dark. Brian S Turner CCIE 6145 On Sun, May 13, 2012 at 11:39 AM, san r luv...@gmail.com wrote: Release Notes for Cisco Unified Personal Communicator Release 7.0 https://mail.google.com/mail/html/compose/static_files/blank_quirks.html#wp85054has got all inbound outbound port usage for CUPC http://www.cisco.com/en/US/docs/voice_ip_comm/cupc/7_0/english/release/notes/ol15710.html On Sun, May 13, 2012 at 5:27 PM, san r luv...@gmail.com wrote: I think we will need to consider the citi port number too On May 13, 2012 2:57 PM, steven moran smoran...@gmail.com wrote: I've been doing some work on this topic and have moved away from my original thoughts which were along the same lines as originally posted by Nazeer and a few others . Here are some recent thoughts on the subject the question is not particularly well worded, we can't really influence the traffic from the CUPC client to the server by applying policy on the server port. What we can do is control what the switch port does with packets from the CUPS server to the clients by classifying and applying an input ploicy on the server port. I went back to the presence section in the CUCM srnd - the only traffic between CUPC and CUPS seems be 5060 for sip/simple and 443 for SOAP, this was sort of backed up by the information in the CUPC 7.1 release. The release notes also mention that ports 16384-16424 are used for TFTP - but this would not be classed as signalling. Since there are other servers on the port any access list would need to specifiy the server IP address. If you wanted to make it really specific you could also specify the destination address of the CUPC clients as well. Finally by putting bidirectional access lists (any any eq and any eq any) you may loose the points as it might appear you are hedging your bets and do not know how directional QoS works. Also we are asked to guarantee 32k for signalling traffic if we put non signalling traffic into this policy we are not achieving the requirements. These statements are not facts, just my current opinion based on the last bits of documentation read and I am happy to discuss. Best regards. Steve ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://www.platinumplacement.com/ ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
