Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

aa
New Member

QoS Config Question

Hello,

We have a Cisco ASA 5510 connecting our internal network to the Internet using a T1 circuit.

Often, a single person downloading a file from the Internet causes bandwidth usage to spike to the full 1.4Mb and to the detriment of other users.

Can someone please suggest the particular QoS config for being able to more equitably share bandwidth among connections?

Thanks in advance.

Ahmadali

5 REPLIES
Cisco Employee

Re: QoS Config Question

Unfortunately, the PIX firewall has no feature set to manage bandwidth per user. On PIX

7.0 code, we have included QoS feature which is a traffic-management strategy that lets

you allocate network resources for both mission-critical and normal data, based on the

type of network traffic and the priority you assign to that traffic. In short, QoS ensures

unimpeded priority traffic and provides the capability of rate-limiting (policing) default

traffic.

Here is some information on Applying QoS Policies :

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration

_guide_chapter09186a0080450b9a.html

aa
New Member

Re: QoS Config Question

Thanks for your reply.

I'm having trouble with the link (second line starting with _guide also appende to url)

.. is it correct?

You mentioned policing of traffic.. is this a feature than can only be applied to default traffic or any defined traffic?

Thanks again.

Cisco Employee

Re: QoS Config Question

hello AA..

why dont you determine first what type of download is it...ftp,peer to peer, web, etc

1) Once we determine the type of protocol this download happens then we can apply the rate limiting for that protocol

2)Or else if there is a specific subnet or host that does this download then we can apply a traffic bandwidth for that host/subnet

aa
New Member

Re: QoS Config Question

Thanks for the reply.

In the typical scenario of an internal network connected to the Internet, how would the rate limiting commands be applied?

Would the 'police' command be an 'input' or 'output'?

Which interface would the service-policy be applied to? The internal one, or the external Internet side?

Thanks again.

Cisco Employee

Re: QoS Config Question

well lets assume you want to rate limit for everything and anything thats accessed then following are the commands needed to limit it for 5mbps (Lets assume you need 5 mbps)

class-map police_traffic

match any

policy-map qos

class police_traffic

police output 5000000 5000000

service-policy qos interface inside

=====================================

Look at the match command ...here you can refine this by using an access-list, protocol instead of "any"

201
Views
0
Helpful
5
Replies