class-map: classifies packets based on criteria such as ACL, ToS, protocol and so on; the resulting class is then used in the policy-map.
policy-map: uses the class-maps to apply different QoS policies to different groups of traffic.
Step one [ configuring an access list for Citrix ]:
ip access-list extended CITRIX
 permit tcp <ip range of lan + wildcard subnet> any eq 1494
 permit tcp <ip range of lan + wildcard subnet> any eq 2598
 permit udp <ip range of lan + wildcard subnet> any eq 2598
 permit udp <ip range of lan + wildcard subnet> any eq 1494
Step two [ configuring a policy map ]:
policy-map QOS
 class VOICE
  ! 1024 is the continuous bandwidth limit I used for voice
  priority 1024
  set dscp ef
 class CITRIX
  ! this is the share of the remaining bandwidth for Citrix
  bandwidth remaining percent 50
  set dscp af43
 class class-default
  ! this is the rest of the bandwidth, which is available for general usage
  fair-queue
  set dscp default
policy-map ALL
 class SHAPING
  ! this is the shaped speed of the internet line
  shape average 4750000
  service-policy QOS
Step three [ configuring class-maps ]:
class-map match-all CITRIX
 match access-group name CITRIX
class-map match-all SHAPING
 match any
class-map match-all VOICE
 match access-group name VOICE
After this you need to activate the QoS settings on the interface where you need them.
interface FastEthernet0/0
 bandwidth 5000
 max-reserved-bandwidth 100
 service-policy output ALL
Why would we need to limit bandwidth on a Cisco switch?
Here is a sample scenario and configuration for limiting interface bandwidth on a Cisco switch.
As you can see in figure 1, we need to connect the customer LAN in building A to the LAN in building B. We need to limit their bandwidth to, for example, 256Kb because the customer pays less per month. OK, let's jump to the configuration details. We will skip the in-depth discussion of QoS and how it works (check Cisco QoS for details).
We need to enable QoS globally with the “mls qos” configuration command. This command enables QoS on all ports with default settings. “mls qos” is the key: without it, our next steps will be useless.
SW(config)#mls qos
Define the criteria for selecting traffic to police: define a class-map that selects traffic using those criteria, define a policy-map that uses the class, and apply a policer to that class.
SW(config)#class-map all_traffic
SW(config-cmap)#match ip dscp 0
SW(config-cmap)#exit
SW(config)#policy-map limit_256
SW(config-pmap)#class all_traffic
SW(config-pmap-c)#police 256000 32000 exceed-action drop
SW(config-pmap-c)#
Apply a service policy to a port
SW(config)#int fa0/13
SW(config-if)#service-policy output limit_256
SW(config-if)#service-policy input limit_256
OK, we are done!
Now we need to check whether what we have configured works properly.
SW#sh policy-map int fa0/13 | i rate
30 second offered rate 0 bps, drop rate 0 bps
30 second rate 0 bpsqm_police_inform_feature: CLASS_SHOW
30 second offered rate 0 bps, drop rate 0 bps
30 second rate 0 bpsqm_police_inform_feature: CLASS_SHOW
SW#
It’s normal that we don’t see any traffic counted with the above command on a switch, but if we issue the same command on a router and no traffic is counted, then be aware that you may have missed something. On the switch, the following command will show you some counters (if the configuration works).
SW#sh mls qos int fa0/13 statistics
FastEthernet0/13
Ingress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 208054281 192207476 15846805 0 4398
Egress
dscp: incoming no_change classified policed dropped (in bytes)
Others: 368212302 n/a n/a 0 4593
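To see what the line "police 256000 32000 exceed-action drop" does to traffic, here is a simplified token-bucket model in Python. It is an added example, not part of the original post and not Cisco's implementation; the function names and the sample traffic are constructed, and real switch hardware may round the rate and burst values.

```python
# Simplified single-rate token-bucket policer (assumed model, not Cisco code).
# Models: police 256000 32000 exceed-action drop
#   256000 = rate in bits per second, 32000 = burst size in bytes.

SCALE = 8000  # tokens are kept in 1/8000-byte units so all math stays integer


def police(packets, rate_bps=256000, burst_bytes=32000):
    """packets: list of (arrival_ms, size_bytes), sorted by arrival time.
    Returns (conformed_bytes, dropped_bytes)."""
    cap = burst_bytes * SCALE
    tokens = cap                 # assumption: bucket starts full
    last_ms = packets[0][0] if packets else 0
    conformed = dropped = 0
    for arrival_ms, size in packets:
        # Refill: rate_bps bits/s over dt ms == dt * rate_bps units of 1/8000 byte.
        tokens = min(cap, tokens + (arrival_ms - last_ms) * rate_bps)
        last_ms = arrival_ms
        cost = size * SCALE
        if cost <= tokens:       # conform: forward and spend tokens
            tokens -= cost
            conformed += size
        else:                    # exceed-action drop: packet is discarded
            dropped += size
    return conformed, dropped


def constant_stream(interval_ms, size_bytes=1500, duration_ms=1000):
    """Constructed sample traffic: one packet every interval_ms."""
    return [(t, size_bytes) for t in range(0, duration_ms, interval_ms)]


if __name__ == "__main__":
    for label, interval in (("240 kbit/s offered", 50), ("1.2 Mbit/s offered", 10)):
        ok, drop = police(constant_stream(interval))
        print(f"{label}: conformed={ok} B, dropped={drop} B")
```

In this model the 1.2 Mbit/s stream gets its first 26 packets through on the initial 32000-byte burst allowance, after which only 32 bytes per millisecond are forwarded and the rest is dropped.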