What is the best way to throttle FTP traffic on an ATM PVC
We have been trying to implement an MQC policy to throttle FTP traffic on ATM PVC's. Our basic requirement has been to allow Interactive traffic (HTTP, telnet, etc) to be able to burst to line rate. We would like to limit FTP traffic to approx. 30% of the port speed if there is congestion occuring. We initially tried to utilize the bandwidth percent, but that only gave us a minimum. It did not set any maximum utilization thresholds during congestion. I thought about utilizing the priority percent for FTP, but I believe that the priority command should only be utilized for traffic requiring low latency. Since FTP is batch, that's probably not a good idea.
What we currently have implemented is policing, where we give Interactive traffic 80% of the port speed. FTP is put in the default class at this time. I need some recomendations to limit FTP to a percentage value (30%) during periods of congestion. What we currently have implemented is not limiting the FTP's and our latency measurements are showing the latency spikes when the FTP's are occuring. Below is a sample of what we have tried to implement. The sample is for a 3 meg port ATM configuration. The policy is applied on the outbound of the ATM PVC:
class-map match-any MNGMT_APPS match access-group name MNGMT_APPS class-map match-any BGP_TRAFFIC match access-group name BGP_TRAFFIC class-map match-any INTERACTIVE match access-group name INTERACTIVE class-map match-any ALL_TRAFFIC match access-group name ALL_TRAFFIC ! ! policy-map QOS2xT1 class BGP_TRAFFIC police cir 8000 exceed-action transmit class MNGMT_APPS police cir 8000 exceed-action transmit class INTERACTIVE police cir 2457000 exceed-action transmit policy-map QOS_PARENT2xT1 class ALL_TRAFFIC police cir 3072000 exceed-action transmit service-policy QOS2xT1 class class-default fair-queue queue-limit 128 ! ! ip access-list extended ALL_TRAFFIC permit ip any any ip access-list extended BGP_TRAFFIC permit tcp any any eq bgp permit tcp any eq bgp any ip access-list extended INTERACTIVE deny tcp any any eq ftp deny tcp any any eq ftp-data deny tcp any eq ftp any deny tcp any eq ftp-data any permit ip any any ! ip access-list extended MNGMT_APPS permit udp any any eq tacacs permit tcp any any eq 22 permit udp any eq tacacs any permit tcp any eq 22 any
Cisco DNA Center
What's new in Cisco DNA Center 2.1.2
Cisco DNA Center 2.1.2.x Features and Capabilities
Cisco DNA Center -Intent Based Networki...
A major international airport is looking to build a cutting-edge new terminal, designed to run 24/7 with no interruptions. With the airport always on round the clock, a critical component required to support this is the surveillance infrastructure, which ...
Dear expert,I am facing an issue which you may come across before. Grateful if you would teach me how to do it.I have a Cisco WS-C3650-24TS switch in MZ which I would like to configure so that on the GigabitEthernet1 / 0/1 portis configured with VLAN 100,...
Hi AllWe are looking at some new switches for our top of racks in our DC.We have looked at the 9300 series UX models with the big buffers which is classed as a high scale model.I have tried to look at some Nexus models for top of rack, but there appears t...