×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

QOS Best Effort Policy - utilization on a 2851 Multi Link Int.

Unanswered Question
Mar 20th, 2006
User Badges:

We have QOS configured on a 2851 (12.4.5)

and applied to Multi Link Interface 1 made up of 3 T1s. We want to limit Best effort to 800K. But most of the time we see that FTP and other connections exceed 800K. We are wondering if the Best Effort policy only limits traffic if one or both or the other policies for Citrix or Voice are congested enough to exceed the 1024K prioity we have configured for them. Appreciate any enlightenment on how this should work.


Below are the QOS configs


class-map match-all CITRIX

match access-group name citrix

class-map match-all BEST-EFFORT

match access-group name best-effort

class-map match-all FTP

match access-group name ftp

class-map match-any VOICE

match ip precedence 5

!

!

policy-map mu1

class VOICE

priority 1024

set ip precedence 5

class CITRIX

set ip precedence 4

bandwidth 1024

class BEST-EFFORT

set ip precedence 0

shape average 800000

class class-default

fair-queue

random-detect


ip access-list extended best-effort

permit tcp any eq 445 any

permit tcp any eq ftp-data any

permit tcp any eq 8086 any

permit tcp any eq www any

permit ip host 10.7.4.104 any

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pkhatri Mon, 03/20/2006 - 21:49
User Badges:
  • Purple, 4500 points or more

One very probable issue is that the access-list that you have configured for best-effort is not capturing all the FTP traffic. FTP (depending on whether its active/passive and whether it's from a client or server) will use ports other than the 2 well-known ports for data transfer.


I suggest you configure your class-map as follows:


class-map match-any BEST-EFFORT

match access-group name best-effort

match protocol ftp


Note that it has to be 'match-any' and NOT 'match-all'


Hope that helps - pls rate the post if it does.


Paresh

Actions

This Discussion