Reducing Queue Latency; Configuring Qos - Cisco PIX 500 Series Configuration Manual

Chapter 24 Applying QoS Policies

Reducing Queue Latency

The tx-ring-limit command lets you configure the maximum number of packets (that is, the depth)
allowed to be queued in the Ethernet transmit driver ring at any given time. This allows for fine-tuning
the transmit queue to reduce latency and offer better performance through the transmit driver. This limit
must be in the range 3 through 128 packets on the PIX platform, with a limit of 256 packets on the ASA
platform.
The default queue-limit is the number of average, 256-byte packets that the specified interface can
transmit in a 500-ms interval, with an upper limit of 2048 packets. A packet that stays more than 500 ms
in a network node might trigger a timeout in the end-to-end application. Such a packet can be discarded
in each network node.
The default tx-ring-limit is the number of maximum 1550-byte packets that the specified interface can
transmit in a 10-ms interval. This guarantees that the hardware-based transmit ring imposes no more than
10-ms of extra latency for a high-priority packet.
The following example establishes a priority queue on interface "outside" (the GigabitEthernet0/1
interface), with the default queue-limit and tx-ring-limit.
hostname(config)# priority-queue outside
The following example establishes a priority queue on the interface "outside" (the GigabitEthernet0/1
interface), sets the queue-limit to 2048 packets, and sets the tx-ring-limit to 256:
hostname(config)# priority-queue outside
hostname(config-priority-queue)# queue-limit 2048
hostname(config-priority-queue)# tx-ring-limit 256
When priority queuing is enabled, the security appliance empties all packets in higher priority queues
Note
before transmitting packets in lower priority queues.

Configuring QoS

The following procedure provides steps for configuring a traffic class, a policy map, and a service policy
that implement QoS policing (rate limiting) or priority queuing. In addition, for priority queuing, it
includes steps for enabling priority queues on interfaces.
The number of traffic classes, policy maps, and service policies needed to implement QoS varies
depending upon the requirements of your network. Analyze your network and determine how many
traffic classes, policy maps, and service policies needed on the security appliance you are configuring,
and then use this procedure as applicable to your QoS deployment.
To configure QoS policing and priority queuing, perform the following steps:
Determine which traffic you want to police or mark for priority queuing. For a detailed discussion of
Step 1
identifying QoS traffic, see the
Create a class map or modify an existing class map to identify traffic that you want to police or to identify
Step 2
as priority traffic. Use the class-map command to do so, as follows:
hostname(config)# class-map class_map_name
hostname(config-cmap)#
OL-12172-03
"Identifying Traffic for QoS" section on page
Cisco Security Appliance Command Line Configuration Guide
Configuring QoS
24-4.
24-9