Prioritizing traffic according to protocol

Unanswered Question
Jul 18th, 2010


I would like to know if it is possible to perform variable traffic shaping per protocol on a Cisco router (I have a 877W).

What I am looking for is that if I transfer files by FTP, I will get the maximum bandwidth available from my WAN but as soon as I want to use HTTP it will get prioritized and will get all the bandwidth it needs while decreasing the FTP. When the HTTP data is done, the FTP will get back the maximum bandwidth available.

I know I can match protocol under the MQC and also use shape/police for limiting traffic. Is there a way to configure a priority of a minimum bandwidth for the FTP and let it burst all the way untill HTTP traffic comes and reduce the FTP so the minimum I set?

Thanks a lot!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Sun, 07/18/2010 - 12:45

Hello Oren,

you can use queueing instead of shaping/policing

with CBWFQ you can specify the per class bandwidth when the link is full, but the mechanism is elastic and allows one traffic class to go beyond its bandwidth settings when resources are available.


Hope to help


oren.hecht Sun, 07/18/2010 - 13:59

Hey Giuseppe,

Thanks for the help.

Isn't CBWFQ meant for manganing queues? Won't it only prioritize the http traffic when I fully utilize all the WAN bandwidth and start congesting the interface and the queue start to fill up?

On my WAN interface I did not see any queue that gets filled even a bit.


oren.hecht Mon, 07/19/2010 - 04:40


I have taken a closer look onto my router performance and noticed that the output queue does indeed fill up:

Input queue: 0/75/7281/0 (size/max/drops/flushes); Total output drops: 23436

Sometimes I can see the queue size with a number other than zero.

This behavior has led to more questions but before I ask them I would like to share my thoughts on CBWFQ.

As I noticed my queue does indeed fill up and gets congested (With a lot of drops) I did start to look into CBWFQ.

My main goal is identifying hungry traffic and limit it when other traffic is present, I consider hungry traffic to mainly be FTP & P2P.

Since I had troubles on my network with identifying HTTP traffic (ip inspect for HTTP caused severe degradation of the performance of my router) I prefer identifying only the FTP & P2P traffic.

Here is my plan:

Match FTP & P2P and give it bandwidth percent of a at least 10% when the WAN connection is congested, when it is free give it up to 100%.

Other traffic get priority over FTP & P2P and can get up to 90% of the WAN connection whenever they want (If needed - the router should drop the hungry traffic).

I know how to use the bandwidth statement to give the hungry traffic at least 10% but I do not know which command I use to prioritize a class over the other. I do not want to use the priority command (LLQ) for the other traffic since it won't let it go over beyond the bandwidth rate I configure.

In addition since I want to match a specific type of traffic and give it less priority than all the rest I thought on classifying it on my incoming LAN interface and then match the classifications on the outside WAN connections like so:

Incoming LAN interface

match FTP & P2P -> Mark AF21

match any            -> Mark AF31

Outgoing WAN Connection

Match AF31 ->Priority over all with a minimum of 1% with burst option for what is free of up to 90%. (I don't need the minimum set since it will have priority)

Match AF21 -> minimum of 10% with burst for what ever is free

Do you think there is a better way of doing so? I am afraid that using two policy-maps will affected performance.

Also how do I prioritize one class over the other (Same as in the old queuing  method of Priority Queuing)?

On a different matter, I have a PPPOE over ATM connection (ADSL) for my WAN connection.

I have 3 interfaces for it:


ATM0.1 point-to-point (Where I set the PVC)

Dialer 0

I noticed that the only queue showing action is the one for ATM0 but on Cisco's website they say you can only set it on the ATM0.1 point-to-point since the ATM0 queue is Per-VC queue.

Can I set the queuing on the ATM0 or should I indeed set it on ATM0.1? Is even possible? This is weird for me because the only interface showing any queuing statistics (The same ones attached at the begining of my post) is ATM0.

Thank you very much,



This Discussion

Related Content