12-22-2003 02:08 PM - edited 03-02-2019 12:30 PM
I have an old 2511 running 12.2(13).
We have a remote office connected to HQ via 1.5meg Frame Connection.
We currently have the entire office on E0. The office is divided into two departments, Support and Sales.
When ever the support guys start downloading large attachments or FTPing files to/from sites, etc, the sales guys cant get to the accounting systems and Databases.
I wanted to move the Support guys to the second interface and do some QOS or something to give the sales guy's traffic priority on the serial link.
How can I set this up on the 2511 with IOS 12.2(13) Or can I?
Thanks,
Scott<=
12-22-2003 02:18 PM
Hello Scott
I would use class-based weighted fair queueing and prioritze all other traffic over the FTP traffic, You do not need to split the user groups across interfaces for this. IOS 12.2(13) should be sufficient for Class-Based Weighted Fair Queuing (that is what this is called). The configuration would look like this:
Router#conf t
Router(config)#class-map match-all ANYTRAFFIC
Router(config-cmap)#match access-group 101
Router(config-cmap)#exit
Router(config)#class-map match-all FTP
Router(config-cmap)#match access-group 102
Router(config-cmap)#exit
Router(config)#access-list 101 deny tcp any any eq ftp
Router(config)#access-list 101 deny tcp any any eq ftp-data
Router(config)#access-list 101 permit ip any any
Router(config)#access-list 102 permit tcp any any eq ftp
Router(config)#access-list 102 permit tcp any any eq ftp-data
Router(config)#access-list 102 deny ip any any
Router(config)#policy-map PRIORITY
Router(config-pmap)#class ANYTRAFFIC
Router(config-pmap-c)#set precedence 5
Router(config-pmap-c)#exit
Router(config-pmap)#class FTP
Router(config-pmap-c)#set precedence 4
Router(config-pmap-c)#end
Router#conf t
Router(config)#interface Ethernet0
Router(config-if)#service-policy output PRIORITY
With this configuration, all other traffic is prioritized over FTP traffic.
Use the command:
show policy-map interface Ethernet0
to check that FTP packets get another (lower) priority than all other traffic.
Let me know if that is not 100% clear...:)
Regards,
Georg
12-22-2003 03:08 PM
I could very well be wrong but wouldn't you want to apply the policy-map inbound on E0, or perhaps outbound on the WAN interface to keep the WAN queue from getting overrun by the 10Meg Ethernet traffic ? I wouldn't think there would be a problem in the WAN to LAN direction. Again, not a big QOS guy so I could be wrong.
12-22-2003 11:11 PM
Won't you need on the other side of the WAN link in outbound direction? Especially for FTP case?
12-23-2003 02:17 AM
Hello,
indeed, you are right, applying the policy outbound would affect traffic originating on the LAN.
The policy needs to be applied inbound in order to affect traffic coming from the outside:
interface Ethernet0
service-policy inbound PRIORITY
Regards,
Georg
12-23-2003 06:07 AM
I'm not an expert on QoS solutions but I'm a bit confused. First let me explain what I understand from your problem description: You've got two user groups (say two subnets) on LAN and these hosts reach to the rest of the world using a WAN link. And salespeople is complaining about the FTP traffic of the technicals. My first point: at the moment of the congestion this will occur on interfaces connected to the WAN link. Don't we need to apply any QoS config to the WAN interfaces? Assuming I don't know diretction of FTP and other flows, applying outbound CBWFQ to both router WAN interfaces makes more sense to me. Another point is that instead of setting IP precedence field in IP header applying a "bandwidth" command under the policy-maps with appropriate value looks more simple and manageable.
Regards.
12-23-2003 06:04 AM
Hi,
There is not much to do for downstream because of speed mismatch 1.5/10 - your bottleneck is WAN, you could try RED for ftp and slow down whole tcp session.
For upstream you could use CAR & RED on ethernet and just drop out of profile traffic of coloring on ethernet and CBWFQ & policing/shaping .
Don't use tail drop for ftp, tcp doesn't like that :)
01-05-2004 09:14 AM
Thank youl all for your replies.
I guess I should have not used FTP as an Example. (-; Its FTP, HTTP, Windows File Server Transfers, pretty much anything that they can download big files from, they will go it.
Thats why I figured it might be easier to move the Support guys over to the second interface and then just five priority to the Sales guys interface over the Tech people.
The Sales guys are just sending small packets. Mostly just Mail, Remote Desktop Sessions and a few small SQL Queries. So they hop on the line, get the info anf get off. It jsut seems that when someone in the Tech departments tries to load the latest security patches on the 12 Classroom computers, the network dies for the sales guys.
Thanks,
Scott<-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide