http QoS on a cisco 837?

whiteford · ‎11-24-2007

Hi, I have a cisco 837 just for my home internet (no vpn). I would like to add QoS for http, is this possible? My router hasn't got the nbar option, the IOS id nearly 13mb my router only has 12.2mb.

jheckart · ‎11-26-2007

You would need nbar to match http traffic, but without it, you could effectively match traffic by acl, meaning that you would match tcp/80. Obviously, nbar would pick up the traffic when it went over a port other than what you define as it looks in the application layers.

When you say you want to add QoS, what exactly do you mean? Are you wanting to prioiritize your http traffic, or limit it from using bandwidth needed for other applications?

whiteford · ‎11-26-2007

Hi, I just want to prioritise http traffic.

Thanks

jheckart · ‎11-26-2007

You will only be able to effectively prioritize your outbound http traffic outbound.

1 - define the access-list

ip access-list extended webTraffic

permit tcp any any eq 80

permit tcp any any eq 443

2 - define the class-map

class-map match-any web

match access-group name webTraffic

3 - define the policy map

policy-map prioritizeWeb

class web

bandwidth 90 (or whatever you want this to be)

class class-default

4 - apply the policy map to the interface

service-policy prioritizeWeb output

This is a very simple example which you will likely need to add on to. For example, if you are bridging with a seperate DSL modem and have a FastEthernet interface operating at 100Mb/s and have only 1Mb/s upload, you will also want to shape.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_book09186a0080435d50.html

Post back with any questions.

Thanks,

Jeff

whiteford · ‎11-27-2007

Hi,I'm not using a separate DSL modem as it's built into the 837. I have an 8mb download and 488kbps upload.

I will add your config, but do I add "service-policy prioritizeWeb output" to my DSL dialer interface? Does this mean http and https will get 90% priority?

jheckart · ‎11-27-2007

If you are using the built in modem, then yes, you would add the service-policy to the dialer interface. This means that under outbound congestion only, you're http/https would get 90kbps. If you would like to use percentages, you can substitute the bandwidth command with percent.

Keep in mind that the class-default, by default will get 25% of the interfaces bandwidth. I would not recommend using percentages in your case because your upload and download speeds are very different. When you use percentages, it carves the percentage based on what you issue with the bandwidth command, which is not upload/download specific.

Thanks.

whiteford · ‎11-27-2007

I suppose in my case if it's outbound only it wouldn't make much difference, as the DNS request will go out to find the internet page then download to my PC.

I suppose it would be good for apps like voice or citrix though?

jheckart · ‎11-27-2007

Yes, it wouldn't make much sense unless you are just trying to test.

In your case it would be good for anything where you'll have queueing egress on that interface. On that type of interface, you'll not have igress queueing as it will happen a couple of hops before you.