Cisco Systems ASA 5545-X, ASA 5555-X, ASA 5580, ASA 5585-X, ASA Services Module, ASA 5505 Configuring a Service Rule for Standard Priority Queuing and Policing

23-9

Cisco ASA Series Firewall ASDM Configuration Guide

Chapter23 Configuring QoS

Configuring QoS

This option sets the maximum number of low-latency or normal priority packets allowed into the

Ethernet transmit driver before the driver pushes back to the queues on the interface to let them buffer

packets until the congestion clears.

The upper limit of the range of values is determined dynamically at run time. The key determinants are

the memory needed to support the queues and the memory available on the device.

The Transmission Ring Limit that you specify affects both the higher priority low-latency queue and the

best-effort queue.

Configuring a Service Rule for Standard Priority Queuing and Policing

You can configure standard priority queuing and policing for different class maps within the same policy

map. See the “How QoS Features Interact” section on page 23-4 for information about valid QoS

configurations.

To create a policy map, perform the following steps.

Restrictions

•You cannot use the class-default class map for priority traffic.

•You cannot configure traffic shaping and standard priority queuing for the same interface; only

hierarchical priority queuing is allowed.

•(ASASM) The ASASM only supports policing.

•For policing, to-the-box traffic is not supported.

•For policing, traffic to and from a VPN tunnel bypass interface is not supported.

•For policing, when you match a tunnel group class map, only outbound policing is supported.

Guidelines

•For priority traffic, identify only latency-sensitive traffic.

•For policing traffic, you can choose to police all other traffic, or you can limit the traffic to certain

types.

Detailed Steps

Step1 To configure priority queuing, configure a service policy rule in the Configuration > Firewall > Service

Policy Rules pane according to Chapter1, “Configuring a Service Policy.”

You can configure QoS as part of a new service policy rule, or you can edit an existing service policy.

Step2 In the Rule Actions dialog box, click the QoS tab.

Step3 Click Enable priority for this flow.

If this service policy rule is for an individual interface, ASDM automatically creates the priority queue

for the interface (Configuration> Device Management > Advanced > Priority Queue; for more

information, see the “Configuring the Standard Priority Queue for an Interface” section on page 23-8).

If this rule is for the global policy, then you need to manually add the priority queue to one or more

interfaces before you configure the service policy rule.

Cisco Systems Configuring a Service Rule for Standard Priority Queuing and Policing