Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

identifying Oracle for QoS?

Is there any working config?

Hall of Fame Super Silver

Re: identifying Oracle for QoS?

Hello Recef,

you may want to use an extended ACL matching the well known TCP ports used by oracle applications.

something like

access-list 121 permit tcp any any eq 1521

if 1521 is one port used.

Notice that the well known port follows the server: if you are applying qos for flows coming from the oracle servers you need to use something like:

access-list 122 permit tcp any eq 1521 any

then you create a class map

class-map oracle_traffic

match ip address 121

(or match ip address 122 as noted above)

then in the policy-map you can apply whatever action you want

service-policy cbwfq

class oracle_traffic

bandwidth 500

this provides a queue with 500 kbps guarenteed when the link is full (you can apply this only outbound)

see here table 4-2 the usual TCP ports used

Hope to help


New Member

Re: identifying Oracle for QoS?


1521 is the Oracle server listener port,

After client starts with 1521

They will continue with other port such 10000

I see them from packet sniffer

I want to learn what are theese numbers?

Hall of Fame Super Silver

Re: identifying Oracle for QoS?

Hello Recep,

in general a TCP socket involves an ip address and a TCP port for each endpoint:

oracle server ip addr tcp 1521 --- client ip address tcp xx

where xx is a dynamic port with no special meaning that is chosen by the client operating system because it is free.

Some communications are more complex and use multiple sockets with one used as out-of-band control channel and one or mode data channel sockets.

This can be the case also with Oracle.

If you see two sockets between oracle server and client you are in this second more complex scenario.

if so you would need to use a more advanced feature like NBAR that can inspect the control channel socket to understand what are the ports of the second socket.

ACLs can be used if at least one port of the second port is a well-known port.

Hope to help