11-18-2007 09:27 AM - edited 03-03-2019 07:35 PM
Hi, I have a Cisco 877 in VPN mode to my Head Office. This 877 is in a remote office that just use citrix over the IPSEC tunnel, can I set the tunnel to make citix top of the list for allocated bandwidth?
11-18-2007 09:26 PM
Andy,
You should consider IP NBAR to classify your traffic and use QOS to shape and prioritize it.
Check out..
http://www.cisco.com/en/US/docs/routers/access/800/801/software/configuration/guide/advconf.html
Here is a very basic example:
! Specify your egress bw and turn IP NBAR on
interface fa4
bandwidth 768
ip nbar protocol-discovery
! Build a class-map to set your criteria
class-map match-any app-citrix
match protocol citrix
! Build a policy-map to QOS your traffic
policy-map application-queueing
class app-citrix
set dscp cs3
priority percent 35
!
class class-default
fair-queue
random-detect
! Have fun..
int fa4
service-policy output application-queueing
end
! See if it's working
show policy-map interface
11-18-2007 10:55 PM
Thanks for this, I have a couple of questions if that's ok.
I have a 877 would I add this to the vlan1 which is the inside router interface or dialer 1 DSL interface?
Is the bandwidth on the interface (768) the allowed outbound bandwidth for citrix?
Do you think QoS would make much difference in your experience and is worth always doing?
I also have a Cisco 837 which can't do ip nbar, will üt be any good on this?
I hope I haven't asked too many questions, its just a very new area to me.
Thanks
11-19-2007 09:16 PM
This should be applied as an outbound policy-map on your dialer interface.
Your policy-map will calculate bandwidth percentages based on your interface 'bandwidth x' and class 'bandwidth percent x' statements.
768 * .35 = 268.8kbps reserved for Citrix:
!
interface fa4
bandwidth 768
!
policy-map application-queuing
priority percent 35
!
QoS can make all the difference in the world.
The 837 is capable of 'ip nbar' if you use IOS 12.4T (IP/FW/Plus 3DES) - c837-k9o3sy6-mz.124-15.T1.bin
You can achieve the same with an ACL--substituting 'match protocol x' with 'match access-group *' Alternatively, you can use Cisco SDM to build this for you.
Good luck!
11-19-2007 10:50 PM
Hi, the bandwidth 768 would = my DSL upload speed?
You say the 124.15t can do nbar, my router only has 12mb and I use the SDM sometimes, so I don't think I have enough space.
Are you saying I can do the same as nbar but use ACL substituting? To give me the same results? I can see the QoS option in the SDM.
How would I know if the policy is working?
Many thanks for your time
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide