Guest

Preview Tool

Cisco Bug: CSCsy94190 - IPSec:QoS: LLQ traffic doesn't go thru Hi Q w/ tunnel protection IPSec

Last Modified

Jan 27, 2017

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases

12.2(33)XN

Description (partial)

Symptom:

For IPSec + QoS configuration, the priority traffic might still be dropped if we have QoS policy configured on physical interface and IPSec is enabled on logical interface, such as on GRE tunnel via command 'tunnel protection IPSec profile <profile_name>".
Conditions:

The IPSec coprocessor would be notified about the priority (LLQ) traffic only if crypto map and QoS policy are both configured on the physical interface.   So, when we enable IPSec on tunnel interface, IPSec coprocessor has no knowledge about the traffic classes, and all the traffic will be treated equally going thru the same (default) queue.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.