01-08-2004 11:24 PM - edited 03-02-2019 12:46 PM
Hope CISCO's expert can help us to solve it.
After testing, we found the qos can work fine exactly ,but specially DOS's ftp application can't work smoothly.
If the bandwidth seems be full,
we usually got the Broken Pipe.
But the FlashGet or Web's download can work fine in that mean time.
I think it is due to too much packets loss on FTP protocol.
Could you please help us to get a solution to solve?
The situation can not be solved by increasing the burst bytes. Thanks!
mls qos
!
class-map match-all in
match ip dscp 0
class-map match-all out
match ip dscp 0
!
!
policy-map p4-out
class out
police 1000000 125000 exceed-action drop
policy-map p4-in
class in
police 1000000 125000 exceed-action drop
!
interface FastEthernet0/4
switchport access vlan 2
no ip address
load-interval 30
service-policy input p4-in
service-policy output p4-out
spanning-tree portfast
show mls qos interface statistics
FastEthernet0/4
Ingress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 12335335 12335335 0 0 832246
Egress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 365280938 n/a n/a 0 48951191
01-09-2004 12:51 AM
Hello,
I guess you could add a class to the policy-map and prioritize FTP traffic. Obviously this might affect the other applications. The config would look like this (additions are marked with -->):
mls qos
!
class-map match-all in
match ip dscp 0
class-map match-all out
match ip dscp 0
--> class-map match-all FTP
--> match ip address 101
!
!
policy-map p4-out
class out
police 1000000 125000 exceed-action drop
policy-map p4-in
class in
police 1000000 125000 exceed-action drop
--> class FTP
--> precedence 5
!
interface FastEthernet0/4
switchport access vlan 2
no ip address
load-interval 30
service-policy input p4-in
service-policy output p4-out
spanning-tree portfast
--> access-list 101 permit udp any any eq ftp
Regards,
GP
01-09-2004 01:46 AM
Dear Sir:
Thank you for your professional suggest.
But there is a egress problem we can not do it.
For Egress direction, it can only support Policer Markdown or Match DSCP.
We can not do match access-group at egress policy.
The second point is the architecture is for different customers. If we can do that, we also will get the no limitation bandwidth of FTP to customers.
01-09-2004 02:02 AM
Dear Sir:
Sorry, there is a another issue if we don't limit the FTP traffic.
From MRTG's graph, it will show the exceed the contract speed of customer's order. It also will lead to some confuse.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide