01-03-2022 04:32 PM - edited 01-03-2022 05:09 PM
Is it possible to guarantee a minimum bandwidth for a particular port?
For example, is it possible to guarantee 10M for the SMB ports 139, 445 on the 100M line?
Can switch increase the priority of SMB(139,445) when we are using traffic all 100Mline?
The port number is an example, so it can be changed.
01-03-2022 05:08 PM
10 Mbps is the easiest -- Set the port to 10 Mbps, Full duplex.
01-03-2022 05:50 PM
"Is it possible to guarantee a minimum bandwidth for a particular port?
For example, is it possible to guarantee 10M for the SMB ports 139, 445 on the 100M line?"
Yes and no. It depends on the QoS features of the platform.
"Can switch increase the priority of SMB(139,445) when we are using traffic all 100Mline?"
Sorry, don't understand this question.
01-04-2022 09:44 AM
By the way, what switch and what code is running here?
01-04-2022 10:32 AM
Hello,
here is a generic QoS policy:
access-list 101 permit tcp any any eq 139
access-list 102 permit tcp any any eq 445
!
class-map match-any SMB_CM
 match access-group 101
 match access-group 102
!
policy-map SMB_PM
 class SMB_CM
  priority percent 10
 class class-default
  fair-queue
01-04-2022 05:16 PM
BTW, what @Georg Pauwen shows should work on many Cisco ISR routers, but it may not work on Cisco switches. Again, QoS support varies per device, and sometimes, IOS version.
Also BTW, you could use one ACL rather than two ACLs.
e.g.:
access-list 101 permit tcp any any eq 139
access-list 101 permit tcp any any eq 445
!
class-map match-any SMB_CM
 match access-group 101
Lastly, on an ISR, at least in the older IOS versions, the LLQ class(es) (one with the priority command) doesn't limit that class's bandwidth until there's actually LLQ queuing, then it's limited. So, for example, your LLQ class could get up to 100% bandwidth, but if other traffic classes push demand beyond 100%, the LLQ class will be limited.
01-04-2022 04:50 PM - edited 01-04-2022 04:53 PM
Hello
@Ralo wrote:
Can switch increase the priority of SMB(139,445) when we are using traffic all 100Mline?
Possible example using NBAR:
class-map match-any SMB_cm
 match protocol netbios
 match protocol cifs
policy-map SMB_pm
 class SMB_cm
  bandwidth percent 10
 class class-default
  fair-queue
policy-map default_pm
 class class-default
  shape average 102400000
  service-policy SMB_pm
int x/x
 description WAN
 service-policy output default_pm
01-04-2022 05:33 PM
BTW, @paul driver shows using NBAR rather than an ACL on ports. Just be aware, sometimes NBAR is just a "pretty face" on ACL protocol and port matching, but sometimes it does deep packet inspection and can recognize an application protocol using non-standard ports.
Also, Paul shows using a hierarchical policy, shaping all traffic at the "parent" level at 100Mbps (I believe - I didn't count all the zeros) and then guaranteeing your SMB traffic 10% of that (i.e. 10Mbps) in the child policy. That's a closer match to your "is it possible to guarantee 10M for the SMB ports 139, 445 on the 100M line?", although if the interface is actually running at 100Mbps, you don't need the parent shaper (and often will get better results).
Paul, unlike @Georg Pauwen, doesn't prioritize your SMB traffic, but then again I don't understand "Can switch increase the priority of SMB(139,445) when we are using traffic all 100Mline?", especially the word "increase". Generally, as both Georg and Paul show, QoS policies are rather static. If you really want to change QoS rules "on-the-fly", based on current traffic loads, you would need to delve into something like EEM scripting.
If you would, if known, note the intended platform, and also further clarify what you're trying to accomplish, possibly a better recommendation might be made.
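Added example (not part of any post in this thread, and not Cisco's NBAR logic): a small Python sketch of the distinction drawn above between matching SMB by port, as ACL 101 does, and recognizing it from the payload, which also catches SMB on a non-standard port and does not misclassify other traffic sent to 445. The sample flows, port 8445 and all function names are constructed for illustration.

```python
SMB_PORTS = {139, 445}  # the ports matched by the ACLs in the thread
# Protocol IDs that open an SMB message: SMB1, SMB2/3, SMB3 encrypted transform
SMB_MAGICS = (b"\xffSMB", b"\xfeSMB", b"\xfdSMB")


def match_by_port(dst_port):
    """ACL-style match: destination port only, payload never inspected."""
    return dst_port in SMB_PORTS


def match_by_payload(payload):
    """Payload match: 4-byte transport header (zero byte + 24-bit length),
    followed by one of the SMB protocol IDs."""
    if len(payload) < 8 or payload[0] != 0x00:
        return False
    declared_len = int.from_bytes(payload[1:4], "big")
    if declared_len < 4:
        return False
    return payload[4:8] in SMB_MAGICS


def frame(message):
    """Prefix a message with the 4-byte transport header (constructed data)."""
    return b"\x00" + len(message).to_bytes(3, "big") + message


# Constructed sample segments: (label, destination port, payload bytes)
SAMPLES = [
    ("SMB2 on 445", 445, frame(b"\xfeSMB" + b"\x00" * 60)),
    ("SMB2 on 8445", 8445, frame(b"\xfeSMB" + b"\x00" * 60)),
    ("SMB1 on 139", 139, frame(b"\xffSMB" + b"\x00" * 28)),
    ("HTTP on 445", 445, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("TLS on 443", 443, b"\x16\x03\x01\x00\x2e" + b"\x00" * 46),
]


def classify(samples=SAMPLES):
    """Return {label: (port_match, payload_match)} for each sample segment."""
    return {label: (match_by_port(port), match_by_payload(data))
            for label, port, data in samples}


if __name__ == "__main__":
    for label, (by_port, by_payload) in classify().items():
        print(f"{label:13} port-match={by_port!s:5} payload-match={by_payload}")
```

The two rows where the columns disagree ("SMB2 on 8445" and "HTTP on 445") are the cases where a port-only class-map and a payload-aware classifier would put the same traffic in different QoS classes.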
01-05-2022 01:28 AM
Hello Joseph
@Joseph W. Doherty wrote:
sometimes NBAR is just a "pretty face" on ACL protocol and port matching, but sometimes it does deep packet inspection and can recognize an application protocol using non-standard ports.
I noticed that when checking the pdlms as they seem to differ via platform, the assumption here was current pdlm would be checked prior to implementation, so apologies to the OP for not mentioning it.
For reference:
IOS
137, 138, 139 = Netbios
145 = Cifs
IOS-XE
145 = Microsoft-DS ios-xe
01-05-2022 09:09 AM
"I noticed that when checking the pdlms as they seem to differ via platform", indeed, and even on the same platform, the version of the pdlm can make a difference too (or at least it used to; not current on how Cisco maintains current versions of NBAR, especially NBAR2).