hi  ,

im sorry for missing information :

=============================

im having full duplex , i mean i have 550 up & 550 down .

=========================================

about the cpu , i think it is about 40-45 % at the rush hour.

=============================================

about the upload it dont exceed 60 mega , but the problem is in the download  it always got full

============================================================

about the method , what about trying the 1st method u mentioned about policying the traffic ???

=======================================================================

about the qos  by the isp , i dont recommend that , i just want to do it on my router and the isp will be an untrusted qos side .

============================

about the info of my 7200 here is what u requested :

7200Gateway#sh version 
Cisco IOS Software, 7200 Software (C7200P-ADVENTERPRISEK9-M), Version 12.4(24)T4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Fri 03-Sep-10 12:11 by prod_rel_team
ROM: System Bootstrap, Version 12.4(12.2r)T, RELEASE SOFTWARE (fc1)
BOOTLDR: Cisco IOS Software, 7200 Software (C7200P-KBOOT-M), Version 12.4(4)XD5, RELEASE SOFTWARE (fc1)
7200Gateway uptime is 146 days, 5 hours, 48 minutes
System returned to ROM by power-on
System image file is "disk2:c7200p-adventerprisek9-mz.124-24.T4.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 7206VXR (NPE-G2) processor (revision A) with 1966080K/65536K bytes of memory.
Processor board ID 13252317
MPC7448 CPU at 1666Mhz, Implementation 0, Rev 2.2
6 slot VXR midplane, Version 2.0
Last reset from power-on
PCI bus mb1 (Slots 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb1 has a total of 0 bandwidth points. 
This configuration is within the PCI bus capacity and is supported. 
PCI bus mb2 (Slots 2, 4 and 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported. 
Please refer to the following document "Cisco 7200 Series Port Adaptor
Hardware Configuration Guidelines" on Cisco.com <http://www.cisco.com>
for c7200 bandwidth points oversubscription and usage guidelines.
1 FastEthernet interface
3 Gigabit Ethernet interfaces
2045K bytes of NVRAM.
250880K bytes of ATA PCMCIA card at slot 2 (Sector size 512 bytes).
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
7200Gateway#  

wish to do it in the end

thanks for ur interest

regards

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Policing approach:

class-map match-any dontPolice

match protocol http

match (you tube?) (protocol ?)|(access-group)

policy-map Sample

class dontPolice

class class-default

police ###

interface g#

!ISP/WAN interface

service-policy input Sample

Notes:

At the moment - don't have access to a router to check syntax.

Your version of IOS supports HQF, but above doesn't use HQF features.

You'll have to determine what traffic is "protected" by matching using the dontPolice match rules.

You'll have to determine how much bandwidth you'll allow for download and other applications.

Optionally you could define a class just for the Youtube traffic and police it too.  Unsure how well Youtube responds to packet drops.

hi ,

JosephDoherty wrote:

 Posting
 Policing approach:
class-map match-any dontPolice
match protocol http
match (you tube?) (protocol ?)|(access-group)
policy-map Sample
class dontPolice
class class-default
police ###
interface g#
!ISP/WAN interface
service-policy input Sample
Notes:
At the moment - don't have access to a router to check syntax.
reply ====>here is what i can match :
7200Gateway(config-cmap)#match protocol ?  
  aarp              AppleTalk ARP
  appletalk         AppleTalk
  arp               IP ARP
  bgp               Border Gateway Protocol
  bittorrent        bittorrent
  bridge            Bridging
  bstun             Block Serial Tunnel
  cdp               Cisco Discovery Protocol
  citrix            Citrix Systems Metaframe 3.0
  clns              ISO CLNS
  clns_es           ISO CLNS End System
  clns_is           ISO CLNS Intermediate System
  cmns              ISO CMNS
  compressedtcp     Compressed TCP (VJ)
  cuseeme           CU-SeeMe desktop video conference
  decnet            DECnet
  decnet_node       DECnet Node
  decnet_router-l1  DECnet Router L1
  decnet_router-l2  DECnet Router L2
  dhcp              Dynamic Host Configuration
  directconnect     Direct Connect Version 2.0
  dlsw              Data Link Switching (Direct encapsulation only)
  dns               Domain Name Server lookup
  edonkey           eDonkey
  egp               Exterior Gateway Protocol
  eigrp             Enhanced Interior Gateway Routing Protocol
  exchange          MS-RPC for Exchange
  fasttrack         FastTrack Traffic - KaZaA, Morpheus, Grokster...
  finger            Finger
  ftp               File Transfer Protocol
  gnutella          Gnutella Version2 Traffic - BearShare, Shareeza, Morpheus ...
  gopher            Gopher
  gre               Generic Routing Encapsulation
  h323              H323 Protocol
  http              World Wide Web traffic
  icmp              Internet Control Message
  imap              Internet Message Access Protocol
  ip                IP
  ipinip            IP in IP (encapsulation)
  ipsec             IP Security Protocol (ESP/AH)
  ipv6              IPV6
  ipx               Novell IPX
  irc               Internet Relay Chat
  kazaa2            Kazaa Version 2 
  kerberos          Kerberos
  l2tp              L2F/L2TP tunnel
  ldap              Lightweight Directory Access Protocol
  llc2              llc2
  mgcp              Media Gateway Control Protocol
  netbios           NetBIOS
  netshow           Microsoft Netshow
  nfs               Network File System
  nntp              Network News Transfer Protocol
  notes             Lotus Notes(R)
  novadigm          Novadigm EDM
  ntp               Network Time Protocol
  ospf              Open Shortest Path First
  pad               PAD links
  pcanywhere        Symantec pcANYWHERE
  pop3              Post Office Protocol
  pppoe             PPP over Ethernet
  pptp              Point-to-Point Tunneling Protocol
  printer           print spooler/lpd
  qllc              qllc protocol
  rcmd              BSD r-commands (rsh, rlogin, rexec)
  rip               Routing Information Protocol
  rsrb              Remote Source-Route Bridging
  rsvp              Resource Reservation Protocol
  rtcp              Real Time Control Protocol
  rtp               Real Time Protocol
  rtsp              Real Time Streaming Protocol
  secure-ftp        FTP over TLS/SSL
  secure-http       Secured HTTP
  secure-imap       Internet Message Access Protocol over TLS/SSL
  secure-irc        Internet Relay Chat over TLS/SSL
  secure-ldap       Lightweight Directory Access Protocol over TLS/SSL
  secure-nntp       Network News Transfer Protocol over TLS/SSL
  secure-pop3       Post Office Protocol over TLS/SSL
  secure-telnet     Telnet over TLS/SSL
  sip               Session Initiation Protocol
  skinny            Skinny Protocol
  skype             Skype Peer-to-Peer Internet Telephony Protocol
  smtp              Simple Mail Transfer Protocol
  snapshot          Snapshot routing support
  snmp              Simple Network Management Protocol
  socks             SOCKS
  sqlnet            SQL*NET for Oracle
  sqlserver         MS SQL Server
  ssh               Secured Shell
  streamwork        Xing Technology StreamWorks player
  stun              Serial Tunnel
  sunrpc            Sun RPC
  syslog            System Logging Utility
  telnet            Telnet
  tftp              Trivial File Transfer Protocol
  vdolive           VDOLive streaming video
  vofr              voice over Frame Relay packets
  winmx             WinMx file-sharing application
  xwindows          X-Windows remote access
=========================================
Your version of IOS supports HQF, but above doesn't use HQF features.
is the 1st choice need the HQF ???  if onot important dont use it
=====================================================
You'll have to determine what traffic is "protected" by matching using the dontPolice match rules.
i want browsing , i mean http  & https webpages are the most important , then youtube , then others like download managers & others
=========================================================================
You'll have to determine how much bandwidth you'll allow for download and other applications.
sure , the bw should gurantee 40 % browsing 30 % youtube 30 % others
=================================================================
Optionally you could define a class just for the Youtube traffic and police it too.  Unsure how well Youtube responds to packet drops.
didnt understand u 
==================================

above is the answers , could u supply a sample Oos for the requirements above ???

regards

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

Policing approach:

class-map match-any browsing

match protocol http

class-map match-any youtube

!not certain what will match youtube, you might try match protocol rtp or match protocl rtsp

!or you might try an acl to match youtube ips (e.g. 173.194.43.32..41,46)

match (you tube?) (protocol ?)|(access-group)

policy-map Sample

class browsing

class youtube

police 165000000 !30% of 550 Mbps

class class-default

police 165000000 !30% of 550 Mbps

interface g#

!ISP/WAN interface

service-policy input Sample

 Posting
 Policing approach:
class-map match-any browsing
match protocol http
class-map match-any youtube
!not certain what will match youtube, you might try match protocol rtp or match protocl rtsp
!or you might try an acl to match youtube ips (e.g. 173.194.43.32..41,46)
match (you tube?) (protocol ?)|(access-group)
policy-map Sample
class browsing
class youtube
police 165000000 !30% of 550 Mbps
class class-default
police 165000000 !30% of 550 Mbps
 interface g#
!ISP/WAN interface
service-policy input Sample

hi , thanks for ur interest .

about the config above , u didnt give 60 % for browsing ??!!!

another issue , you applied the Qos on only 1 interface !!

should Qos applied to two onterface ?? i mean the in and the out interfaces of the router ??

regards

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

about the config above , u didnt give 60 % for browsing ??!!!
another issue , you applied the Qos on only 1 interface !!
should Qos applied to two onterface ?? i mean the in and the out interfaces of the router ??

60% or 40% for browsing?  Your earlier post had 40% and 30%, each, for the other two traffic classes.

No, I didn't police the browsing traffic because you noted earlier you wanted it to have 1st priority.  Not policing it allows browsing traffic to have access to bandwidth not being used by the other classes.  If the other classes hit their full values, the remaining bandwidth, the same as would be policed, is what would be available to browsing traffic.

As you noted outbound bandwidth utilization was only reaching 60 Mbps, of the 550 Mbps, you might not need any outbound QoS, but you could try:

policy-map OutboundISP

class class-default

shape average 550000000

int g#

service-policy output OutboundISP

NB: In your version of IOS, the above shaper will fair-queue.

PS:

Instead of the policing policy, you could use a variation of the above for inbound.

policy-map OutboundLAN

class class-default

shape average 450000000

int g#

service-policy output OutboundLAN

NB: if you use the above, don't use the earlier posted policing policy.  Also for this shaper, you might try shaping values of 500 Mbps or 400 Mbps.

hi joseph

it was a typo when i said about 60 % browsing ,

anyway

i will try to apply the configurations u have posted and test it .

and sure if any problem i will return here and ask u 

thanks soo much

regards