05-30-2007 05:15 AM - edited 03-03-2019 05:13 PM
I need to prioritize Citrix traffic, we have 20+ users and all use Citrix for our applications. There are a few fat apps at this site, but if they slow down from prioritizing citrix, it's not big deal. This is a cisco 1760, and a Point to Point T1 to our data center.
Ok here goes, been reading a little about this... Citrix is BURSTY! I downloaded and installed DU meter and it shows how Bursty and thirsty Citrix actually is... i recommend DU meter for everyone who thinks citrix is just a 20Kb/sec thin client connection.... it averages out that way, but the virtual channels definitely need to be capped on a WAN.
Below is the running config on my router, and the sho int.... the QOS policy doesn't seem to work, i can start a download on Dell's website and slow everyone down. I"m going to upgrade the IOS to 12.4(4) tomorrow and see if it helps, mainly because the citrix PDLM is version 9 in that IOS and will allow me to prioritize ICA virtual channel traffic... I hvae to get this working first.
background, router config is very simple, we basically direct all traffic to the data center....where we have a 2mb/sec internet connection and our servers.
Can anyone give me some pointers on the QOS policy and why it's not working? I'll clear counters and post again soon on the serial interface..
next post willhave sho run and sho int
05-30-2007 05:15 AM
version 12.3 ! 12.3.17!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WBR
!
boot-start-marker
boot-end-marker
!
no aaa new-model
ip subnet-zero
!
!
!
ip cef
!
!
!
class-map match-any cmap1
match protocol citrix
!
!
policy-map policy1
class cmap1
priority percent 60 ! i've tried bandwidth, bandwidth percent...etc.etc.!
!
!
!
interface FastEthernet0/0
ip address 10.4.16.1 255.255.255.0
speed auto ! i've tried nbar discovery here too.. nogo!
!
interface Serial0/0
ip address 10.4.254.13 255.255.255.252
ip nbar protocol-discovery
encapsulation ppp
service-module t1 timeslots 1-24
service-policy output policy1
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.4.254.14
no ip http server
!
!
line con 0
line aux 0
line vty 0 4
login
!
end
FastEthernet0/0 is up, line protocol is up
Hardware is PQUICC_FEC, address is 0007.8580.9a5b (bia 0007.8580.9a5b)
Internet address is 10.4.16.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 64000 bits/sec, 70 packets/sec
5 minute output rate 229000 bits/sec, 77 packets/sec
95494624 packets input, 234654134 bytes
Received 212846 broadcasts, 0 runts, 0 giants, 0 throttles
2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
110057240 packets output, 2224620012 bytes, 1 underruns
1 output errors, 0 collisions, 3 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Serial0/0 is up, line protocol is up
Hardware is PQUICC with Fractional T1 CSU/DSU
Internet address is 10.4.254.13/30
MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec,
reliability 255/255, txload 8/255, rxload 37/255
Encapsulation PPP, LCP Open
Listen: CDPCP
Open: IPCP, loopback not set
Keepalive set (10 sec)
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters 1w3d
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 143
Queueing strategy: Class-based queueing
Output queue: 0/1000/64/143 (size/max total/threshold/drops)
Conversations 0/27/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 231 kilobits/sec
5 minute input rate 224000 bits/sec, 77 packets/sec
5 minute output rate 54000 bits/sec, 69 packets/sec
110176876 packets input, 1131770195 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
12 input errors, 0 CRC, 11 frame, 0 overrun, 1 ignored, 0 abort
95508916 packets output, 3544653127 bytes, 1 underruns
1 output errors, 0 collisions, 20 interface resets
0 output buffer failures, 0 output buffers swapped out
1 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
05-30-2007 06:04 AM
Have you looked at "show policy-map interface Serial0/0" this will show you how much traffic is being matched by class cmap1.
05-30-2007 06:14 AM
I haven't , i'm jack of all trades master of none sys admin, just know how to do the basics.. here's the numbers below...
loooks like it's matching... just don't understand how I can get a download started from dell.com, and it will stay at 180+ Kb/sec and choke all my other users.
Service-policy output: policy1
Class-map: cmap1 (match-any)
19656770 packets, 995646082 bytes
5 minute offered rate 212000 bps, drop rate 0 bps
Match: protocol citrix
19656770 packets, 995645929 bytes
5 minute rate 212000 bps
Queueing
Strict Priority
Output Queue: Conversation 264
Bandwidth 60 (%)
Bandwidth 921 (kbps) Burst 23025 (Bytes)
(pkts matched/bytes matched) 65829/3590140
(total drops/bytes drops) 0/0
Class-map: class-default (match-any)
7246437 packets, 1126582897 bytes
5 minute offered rate 85000 bps, drop rate 0 bps
Match: any
05-30-2007 06:30 AM
From your outputs QoS seems to be configured and working. The show interface doesn't have many dropped output packets. This policy is applied to the output and most of the traffic is input. Can you look at the corresponding output policy on the remote router interface.
05-30-2007 07:24 AM
I can't, the remote router is managed by our data center. We have 4 T1s going to a managed cisco 3600. \
\
I'm guessing I need to work with our data center to add priority to the cisco packets?
05-30-2007 07:24 AM
Do you recommend using the priority or the bandwidth command on the policy?
05-30-2007 07:34 AM
Both will do the job, priority is normally used for voice but as this is a private line you can use priority without issue.
05-30-2007 08:25 AM
Thanks Paul, one last question...
regarding the available bandwidth... I think it's calculated max rate X .75...
Do i need to reserve 25% of bandwidth for this connection? Since there's really only 1 static route?
05-31-2007 09:32 AM
I just had the data center match my policy on their output, and i'm still having the same problems... any ideas?
05-31-2007 03:16 PM
One other thing that you could try is matching based on ACL. I've had trouble in the past matching citrix using nbar. From your site, you could match all ip traffic to the citrix server, and from the data center, you could match all traffic from the ip of the citrix server.
See if that makes a difference.
05-31-2007 07:49 PM
Hii..as for this prb..i suggest tht we can try by using priority list using acl match for the traffic pertaining to the citrix subnet.
aslo u can give the rest to the default traffic..
Alternatively,if u r also having large internet traffic apart frm the citrx ones.
use rate limiting to assign a minimum normal traffic to the internet traffic, so tht these guys dont squeeze much of ur b/w
pls try and do rate the post.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: