Wireless Access

Hi,

When wireless traffic is picked up by the AP and sent to the controller via the GRE tunnel, assuming there is a QoS policy in place, which device applies the QoS marking to the packets? The controller or the AP?

I cannot find the answer in the User Guide nor anywhere else, but I need to verify this as, if it turns out to be the controller, I would have quite some traffic flowing in the wired networks between the AP and controller without an appropriate QoS marking.

Many thanks in advance.

Best regards,

Giuseppe Damiano/

If the wireless client is using WMM, the GRE packets are tagged with QOS from the access point to the controller.  The controller will also "remember" to tag upstream traffic from the controller to the access point.

Excellent!

Is this documented anywhere?

Please take a look at the document here:  http://www.arubanetworks.com/pdf/technology/whitepapers/WP_BringQoSWireless.pdf

Fantastic!

Many thanks,

Giuseppe/

Hi!

I´ll jump in a borrow this thread. I can see how till works for WMM with voice and video but in my case we want to do custom prioritizations using ACLs and in tunnel mode that comes in to play first when the packets reach the controller.

Is it possible to tag traffic based on destination IP/Ports at the AP when in tunnel mode?

If not, will bridge/split tunnel solve my problem?

The big question is, what traffic do you want prioritized over what medium?  What application is this?

In this case it´s iPads connected to an AP in a store and they use an web portal where they can make purchases together with the customer. I would like to give traffic to that particular destination a QoS tag but if the iPad then fires up the intranet and watches a video that would be best effort.

Web traffic is normally not bandwidth and delay sensitive, so it does not normally need prioritization.  Are you having problems right now?

No we´re preparing for the launch of more video content, file downloads, music streaming to the stores by making sure that all purchaserelated traffic can be prioritised even if the slow WAN links are choked.

We don´t want the iPad in this case, to be slow in front of the customer because someone in the back is downloading something.

Are there both wired and wireless devices at the branch?  If so, you might want to do all of your prioritization at the WAN link.  If there is already congestion on your WAN link, it might be too late to do prioritization on the wireless.

I am only making suggestions based on the limited information in your post.  There might be a better way to do it...

The only thing I really want to know is if it´s possible to put custom prioritizations, based on destination IP/Ports, for devices on a tunneled SSID and get it marked right off the AP. If not, I guess I´ll have to put the SSID in bridge mode to get it prioritized with the rest of the wired traffic.

There are wired traffic aswell but this will be tagged by the switch and continued to the WAN provider.

Yes, you can.  The article here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-optimize-wireless-for-multicast-video-streaming/ta-p/182326 shows how to do it with multicast, but if you just modify the ACL it will apply to any other traffic that you can define with an ACL.

Thanks Colin, would that also work for traffic initiated by the clients on the branch? Seems like they are prioritizing traffic from a central server outbound to the client in that article.

If your WLAN is encrypted and you are in tunnel mode, that would actually be impossible; you'd have to go to decrypt-tunnel for the AP to be able to see the IP headers and apply firewall policies at the AP, and even then I'm not entirely sure how far you can push that feature, you'd have to test it and see.

---

@Christoffer wrote:

Thanks Colin, would that also work for traffic initiated by the clients on the branch? Seems like they are prioritizing traffic from a central server outbound to the client in that article.

---

Christoffer,

QOS is only good if you can provide it end to end.  Any point of congestion would need to be managed everywhere.

- Identify where congestion actually is

- Feed enough information to an intelligent devices to manage that congestion to prioritize that application.

If you are using a web application and you are just sending clicks, the congestion will be in the opposite direction, delivering the web page to the client.  The web page content is what could be competing with YouTube traffic to the client.  If you have congestion on your WAN link and your Wan link itself cannot deliver your web app traffic at a higher priority than youtube traffic, there is nothing that can be done.  There also could be congestion on the Wifi link delivering traffic to the client.

The article that I mentioned above will mark traffic when it comes into the controller so that if your infrastructure is configured correctly, it can "see" the markings and prioritize it on the WAN.  The same ACL will also put it into the proper WMM queue and marking so that when we attempt to deliver it to the client from the access point, it will have the correct priority over the air.

Unless it is a specialized application that runs on the iPad that marks WMM from the client to the access point, it cannot be prioritized over the air from the client to the access point.  In many situations, it is that wifi link that is the biggest cause of congestion.  In your current situation, if a client is clicking on web pages, very little content goes from the client to the server, so that should not be your issue.  If you are concerned, again, you can employ decrypt tunnel, so that the AP can mark traffic going to that server, but your network devices between the access point and the controller, like your switches, WAN router and other devices would need to be configured to prioritize via the markings that would be set by the access point.

The other alternative is if you have an Aruba Controller running 6.4 and AppRF so that you can throttle Youtube or specific traffic so that it only consumes a limited amount of bandwidth.  http://community.arubanetworks.com/t5/Controller-Based-WLANs/What-is-AppRF/ta-p/176528

Again, you need to model your use case to understand where your congestion could really be so that you are only configure what you need to deliver application reliability;  you could prioritize one application and hurt others.   QOS might not help if you have a small pipe in the first place..