QoS policy problem

alanchia2000
Level 1

I have a Cisco 2651 router with a 2Mb lease line to the ISP. It seems that whenever my users start downloading stuff - ISO images, all my interactive SSH sessions would be extremely slow.

Therefore, I went through some of the QoS books and found that doing priority-queueing was good for us.

And what I did was to perform priority queueing for incoming traffic to my serial interface s0/0 which is connected to the ISP.

However, even doing so didn't help in speeding up my SSH sessions while users are downloading. Could anyone help?

ISP 215.23.21.0/24

R ------> My Router ---> Our network

Is doing priority queueing the best way?

Accepted Solutions

Hello,

the problem with priority queueing is that whatever traffic you have put in the high priority list gets serviced first, and other, lower priority traffic might get starved out.

It might be better to configure Priority-Based Weighted Fair Queuing. You can define a class that matches your SSH traffic and assign a certain percentage of bandwidth to that class. Here is an example:

ip cef
!
class-map match-all SSH
 match protocol ssh
!
policy-map PRIORITIZE_SSH
 class SSH
  priority 500
 class class-default
  bandwidth 1000
  random-detect
!
interface Serial0
 service-policy input PRIORITIZE_SSH

Here, you reserve 500kb of bandwidth for your SSH traffic, all other traffic gets 1000kb of bandwidth. The bandwidth reservations only take effect in case of congestion.

Maybe you can post what you have configured so far with PQ?

Regards,

GP

Thanks for being so helpful.

What if I wish to allocate 80% of bandwidth to users who are just surfing and reduce the bandwidth for those users who start downloading ISO images to 20%?

Is there a queueing discipline that does that?

If it is an FTP download there is a way of limiting it, but HTTP downloads are difficult to access as ultimately they all use port 80.

I may be wrong, but it was my understanding that QOS controlled the bandwidth of traffic leaving the interface. How can it prioritize traffic that is coming in from the ISP?

In my experience the only way to control traffic inbound from a device that is not under your direct control is to implement traffic policing for inbound traffic.

The effect this will have is that when traffic of a certain class reaches the bandwidth limit, traffic will start to be discarded, causing the remote sending end to slow down its sending rate. Since you are relying on the TCP windowing mechanism to slow down the rate of the inbound traffic, policing won't have much effect on UDP or ICMP traffic.

Sample config for inbound traffic on a 1mb SDSL link to an ISP:

int xxxx
 rate-limit input access-group 150 128000 4000 4000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0
 rate-limit input access-group 155 64000 2000 2000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0
 rate-limit input 832000 26000 26000 conform-action transmit exceed-action drop

Access-list 150 is for voice traffic

Access-list 155 is for voice-signalling traffic
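
A simplified model of the last rate-limit line in the sample config above (832000 bps, 26000-byte burst, transmit on conform, drop on exceed), added here as an illustration and not written by any poster in this thread. It assumes a single token bucket, which is a simplification and not IOS's exact implementation, and a constant-rate sender that does not back off; the class and function names are hypothetical.

```python
class TokenBucketPolicer:
    """Single token bucket: rate in bits/s, burst in bytes."""

    def __init__(self, rate_bps, burst_bytes):
        self.rate_bps = rate_bps
        self.burst_bytes = burst_bytes
        self.tokens = float(burst_bytes)  # bucket starts full
        self.last = 0.0

    def offer(self, now, size):
        """True = conform (transmit), False = exceed (drop)."""
        refill = (now - self.last) * self.rate_bps / 8  # bytes earned since last packet
        self.tokens = min(self.burst_bytes, self.tokens + refill)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


def police_stream(policer, offered_bps, pkt_bytes=1500, seconds=10):
    """Offer a constant-rate stream; return (accepted_bps, dropped_packets)."""
    interval = pkt_bytes * 8 / offered_bps
    passed = dropped = 0
    for i in range(int(seconds / interval)):
        if policer.offer(i * interval, pkt_bytes):
            passed += 1
        else:
            dropped += 1
    return passed * pkt_bytes * 8 / seconds, dropped


if __name__ == "__main__":
    # Constructed input: a 2 Mb/s download that ignores drops, then a 500 kb/s flow.
    for offered in (2_000_000, 500_000):
        accepted, dropped = police_stream(TokenBucketPolicer(832000, 26000), offered)
        print(f"offered {offered} b/s -> accepted {accepted:.0f} b/s, dropped {dropped} packets")
```

The policer only drops; a real TCP sender would see those drops and shrink its window, which is the slow-down the reply above relies on, while a UDP sender would keep offering the same rate.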
