11-22-2015 10:55 PM - edited 03-05-2019 02:47 AM
Hello,
I have 5 mbps line speed and want to limit file transfer traffic 1 mbps, (shouldn't pass this speed) and 4 mbps to ERP. (Between site A and B)
How can i do that with qos?
P.S : We want to limit the file transfer traffic to 1 mbps even link is empty(no congestion) And we dont use routing protocol.
11-22-2015 11:31 PM
you need to police the traffic on any one of your router interfaces
the document below gives details
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0/qos/configuration/guide/nexus1000v_qos/qos_4policing.pdf
01-28-2016 04:57 AM
Hello Joseph,
My last configuration as below, but still full bandwidtch can be used for file sharing, i want to limit this to 1 Mbps.
i can see smb packets matched by "show policy-map interface" command.
Can you please check this ?
access-list 102 permit tcp any any eq 445
class-map match-all SMB
match access-group 102
!
policy-map SampleShape
class SMB
shape average 1000000
!
interface Vlan2
bandwidth 5120
service-policy output SampleShape
-----------------------------------------------------------------------
Router#sh policy-map interface
Vlan2
Service-policy output: SampleShape
Class-map: SMB (match-all)
271103 packets, 301759861 bytes
5 minute offered rate 3985000 bps, drop rate 0000 bps
Match: access-group 102
Queueing
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 1000000, bc 4000, be 4000
target shape rate 1000000
Class-map: class-default (match-any)
78706 packets, 5125483 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 3731/403578
11-23-2015 03:36 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
As Richard already noted, you might police your file transfer traffic. Another option, on some platforms, would be to shape the traffic instead.
You noted you want to do this all the time, but unless there's a real need to restrict your file transfer traffic all the time, you might also want to consider using QoS to prioritze your ERP over your file transfer traffic. When there's congestion, you can use QoS to insure ERP gets 4 Mbps vs. file transfer's 1 Mbps, but it would allow file transfer traffic to use bandwidth otherwise unused. (Assuming you're paying for 5 Mbps, why not take full advanage of it anytime you can?)
11-23-2015 04:12 AM
Our customer wants to limit this traffic all the time. Can you send me a sample configuration plz. I really don't have knowledge about qos.
11-23-2015 05:06 AM
Platform and IOS version?
11-23-2015 05:18 AM
Cisco 888,
c880data-universalk9-mz.152-4.M4.bin
11-23-2015 07:28 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
class-map match-any fileXferSample
match protocol ftp
policy-map SamplePolice
class fileXferSample
police average 1000000
policy-map SampleShape
class fileXferSample
shape average 1000000
11-23-2015 10:52 PM
thank you Joseph, should i use both police average and shape average commands or just one of them ? And how should i apply to interface ? Outbound or inbound?
11-24-2015 02:13 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Either the policer or shaper.
Applied to interface (something) like:
interface x
service-policy input|output Policy-name
Policer can be used for input or output, shaper only output.
01-26-2016 11:27 PM
Hello, sorry for the delay, our customer could test configuration recently.
our configuration as below, customer tries file sharing between two sides (i think it uses smb protocol) Can i match this file sharing traffic by this qos configuration?
class-map match-any fileXferSample
match protocol ftp
!
policy-map SampleShape
class fileXferSample
shape average 1000000
policy-map SamplePolice
class fileXferSample
police 1000000
interface Vlan2
bandwidth 5120
ip address 172.27.219.174 255.255.255.252
service-policy input SamplePolice
service-policy output SampleShape
01-27-2016 03:23 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I would expect not, as SMB doesn't use FTP.
01-27-2016 05:28 AM
Can i match SMB traffic by configuration as follows ? Have you ever tried this way ?
access-list 102 permit tcp any any eq 445
!
class-map match-all SMB
match access-group 102
01-27-2016 05:59 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Yup, that might work for fine later Windows systems. If you've earlier Windows versions, you might also want to match against NetBIOS/NetBEUI protocols.
Also, depending on what version of IOS you're using, NBAR might have a protocol for it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide