QoS need

Answered Question
May 6th, 2008
User Badges:
  • Silver, 250 points or more

hello


we have one remote site connected to HQ via 1Mbps wan link. users there use many applications in HQ such as internet, database, windows DC, windows exchange,...some users make heavy download and this could saturate the wan bandwidth (1Mbps)

we have the following need: if only internet traffic is travelling via wan link, it could take all the bw. but if there is other applications (specially, Database access) only 256kbps will be reserved for internet.

what is the best solution to achieve this?


thanks

Correct Answer by Jon Marshall about 8 years 11 months ago

You could apply the following QOS policy to your outgoing wan link at your HQ site


In this example assume that


192.168.10.0/24 is your remote site


192.168.5.0/24 & 192.168.6.0/24 are your subnets at HQ where the remote users get their database/windows DC etc. from


access-list 101 permit ip 192.168.5.0 0.0.0.255 192.168.10.0 0.0.0.255

access-list 101 permit ip 192.168.6.0 0.0.0.255 192.168.10.0 0.0.0.255


class-map LINT

match access-group 101


policy-map LINT

class LINT

bandwidth percent 50


int s0/1

service-policy output LINT


The above reserves 50% of traffic for your non-internet usage. If it is not used then Internet will be able to use it. Note that 25% is reserved by the router itself hence the reason you have 50% rather than 75%.


You should also apply a similiar service-policy at the remote site as well but as you say you are primarily concerned with heavy downloads.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (3 ratings)
Loading.
Correct Answer
Jon Marshall Tue, 05/06/2008 - 23:28
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

You could apply the following QOS policy to your outgoing wan link at your HQ site


In this example assume that


192.168.10.0/24 is your remote site


192.168.5.0/24 & 192.168.6.0/24 are your subnets at HQ where the remote users get their database/windows DC etc. from


access-list 101 permit ip 192.168.5.0 0.0.0.255 192.168.10.0 0.0.0.255

access-list 101 permit ip 192.168.6.0 0.0.0.255 192.168.10.0 0.0.0.255


class-map LINT

match access-group 101


policy-map LINT

class LINT

bandwidth percent 50


int s0/1

service-policy output LINT


The above reserves 50% of traffic for your non-internet usage. If it is not used then Internet will be able to use it. Note that 25% is reserved by the router itself hence the reason you have 50% rather than 75%.


You should also apply a similiar service-policy at the remote site as well but as you say you are primarily concerned with heavy downloads.


Jon

ohassairi Tue, 05/06/2008 - 23:44
User Badges:
  • Silver, 250 points or more

thanks jon for the solution.

do you know why 25% is reserved by the router itself?

guruprasadr Tue, 05/06/2008 - 23:53
User Badges:
  • Gold, 750 points or more

HI, [Pls Rate if HELPS]


The Default class (class class-default) gets a 25% BW guarantee


Pls Rate if HELPS


Best Regards,


Guru Prasad R

Joseph W. Doherty Thu, 05/08/2008 - 05:07
User Badges:
  • Super Bronze, 10000 points or more

I might be mistaken, but assuming class-default works out of the normal default reservation of 25%, and assuming when 100% bandwidth not allocated, classes share bandwidth in proportion to their bandwidth reservations, then we have a ratio of 50:25, or 2:1, or non-Internet can have 2/3, and Internet, and other non-matched traffic, 1/3. So, setting LINT's bandwidth to 75%, would come closer to the OP request to only reserve a minimum 256 Kbps for Internet traffic.


Although there's nothing wrong with selecting the HQ traffic explicitly and allowing Internet traffic to fall within the class-default, the converse could be done too.


e.g. (converse of Jon's example)


access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.10.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.10.0 0.0.0.255

access-list 101 permit ip any any


class-map LINT

match access-group 101


policy-map LINT

class LINT

bandwidth percent 6

!chose 6% to be about 25% of default's 25%


int s0/1

service-policy output LINT


PS:

BTW:

Something to be careful with, if WFQ active in class-default, although other explicit classes limited to a normal allocation of 75%, FQ class-default flows not really limited to 25% of the total bandwidth on most platforms.


See Understand Platform Differences within http://www.cisco.com/en/US/tech/tk39/tk48/technologies_tech_note09186a00800fe2c1.shtml. Document is focused on ATM, but believe class-default FQ works as described for other interface types.

petersrule2003 Fri, 05/09/2008 - 16:38
User Badges:

match all the scavenger traffic or aggressive traffic into a class(e.g http,ftp,kazaa..etc) and give it a minimum bandwidth of 256 kbps using the bandwidth command in ur policy map.


then match all important traffic such as the database ,,exchange etc and then put it in a llq with bandwidth of 494 kbps using the priority command if the max reserve bandwidth is left at default 75%.


so that at any point in time the bandwidth allocated to internet traffic like http is 256 but if there is no important traffic it can use all the interface bw and if there is important traffic it is limited to 256kbps

Actions

This Discussion