Simple Cisco Switch Traffic Shaping

Simple Cisco QoS configuration. A couple of days back I had to configure QoS on a Cisco router with a 5 Mbit synchronous internet connection. To achieve a configuration I had to figure out if I could find a simple way to create a QoS template for VOICE & Citrix combined.


class-map: used to classify packets based on criteria such as ACL, ToS, protocol and so on; it is then referenced in the policy-map.
policy-map: uses class-maps to apply different QoS policies to different groups of traffic.


Step one [ configuring an access list for Citrix ]:
ip access-list extended CITRIX
  permit tcp <ip range of lan + wildcard subnet> any eq 1494
  permit tcp <ip range of lan + wildcard subnet> any eq 2598
  permit udp <ip range of lan + wildcard subnet> any eq 2598
  permit udp <ip range of lan + wildcard subnet> any eq 1494

Step two [ configuring a policy map ]:
policy-map QOS
  class VOICE
   ! 1024 (kbit/s) is the continuous bandwidth limit I used for voice
   priority 1024
   set dscp ef
  class CITRIX
   ! this is the remaining bandwidth limit for Citrix
   bandwidth remaining percent 50
   set dscp af43
  class class-default
   ! this is the rest of the bandwidth which is available for usage
   fair-queue
   set dscp default
policy-map ALL
  class SHAPING
   ! this is the shaped speed of the internet line (bit/s)
   shape average 4750000
   service-policy QOS

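Step three [ configuring class-maps ]:
! IOS rejects a class in a policy-map until its class-map exists, so enter these before step two
class-map match-all CITRIX
  match access-group name CITRIX
class-map match-all SHAPING
  match any
class-map match-all VOICE
  ! references an access list named VOICE, which is not shown here
  match access-group name VOICE

After this you need to apply the QoS settings to the interface that needs them: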
interface FastEthernet0/0
  bandwidth 5000
  max-reserved-bandwidth 100
  service-policy output ALL



Why would we need to limit bandwidth on a Cisco switch?
Here is a sample scenario and configuration on a Cisco switch to limit interface bandwidth.


Sample Scenario
As you can see in figure 1, we need to connect the customer LAN in building A to the LAN in building B. We need to limit their bandwidth to, for example, 256Kb because the customer pays less per month. OK, let's jump to the configuration detail. We will skip an in-depth discussion of QoS and how it works (check Cisco QoS for detail).

We need to enable QoS globally with the “mls qos” configuration command. This command enables QoS on all ports with default settings. “mls qos” is the key; without it, our next steps will be useless.

SW(config)#mls qos

Define the criteria that select traffic for policing, define a class-map that selects traffic using those criteria, define a policy-map that uses the class, and apply a policer to that class.

SW(config)#class-map all_traffic
SW(config-cmap)#match ip dscp 0
SW(config-cmap)#exit
SW(config)#policy-map limit_256
SW(config-pmap)#class all_traffic
SW(config-pmap-c)#police 256000 32000 exceed-action drop
SW(config-pmap-c)#
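
What the "police 256000 32000 exceed-action drop" line does to traffic can be seen by modelling it as a single-rate token bucket. This is an added example, not part of the original page and not Cisco's implementation; the function names, the bucket starting full and the constructed traffic are assumptions of this simplified model.

```python
# Added example: simplified single-rate token-bucket model of
#   police 256000 32000 exceed-action drop
# (rate in bits per second, burst in bytes). Assumes the bucket starts full.

def police(packets, rate_bps=256000, burst_bytes=32000):
    """packets: list of (arrival_time_s, size_bytes), sorted by time.
    Returns (conformed_bytes, dropped_bytes)."""
    tokens = float(burst_bytes)
    last = 0.0
    conformed = dropped = 0
    for t, size in packets:
        # Refill at rate_bps/8 bytes per second, never above the burst size.
        tokens = min(burst_bytes, tokens + (t - last) * rate_bps / 8)
        last = t
        if size <= tokens:
            tokens -= size           # packet conforms and is forwarded
            conformed += size
        else:
            dropped += size          # exceed-action drop
    return conformed, dropped


def constant_flow(rate_bps, seconds, size=1000):
    """Constructed sample traffic: fixed-size packets at a constant bit rate."""
    interval = size * 8 / rate_bps
    count = rate_bps * seconds // (size * 8)
    return [(i * interval, size) for i in range(count)]


if __name__ == "__main__":
    for offered in (128000, 1024000):
        ok, lost = police(constant_flow(offered, 10))
        print(f"offered {offered} bps: passed {ok * 8 // 10} bps, "
              f"dropped {lost} bytes in 10 s")
    # A back-to-back burst: only the first 32000 bytes fit in the bucket.
    print(police([(0.0, 1000)] * 40))
```

A flow under 256000 bps passes untouched, while a sustained faster flow is cut to the configured rate plus the one-time 32000-byte burst.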


Apply a service policy to a port

SW(config)#int fa0/13
SW(config-if)#service-policy output limit_256
SW(config-if)#service-policy input limit_256

OK, we are done!
Now we need to check whether what we have done works properly.

SW#sh policy-map int fa0/13 | i rate
30 second offered rate 0 bps, drop rate 0 bps
30 second rate 0 bpsqm_police_inform_feature: CLASS_SHOW
30 second offered rate 0 bps, drop rate 0 bps
30 second rate 0 bpsqm_police_inform_feature: CLASS_SHOW
SW#

It’s normal that we don’t see any traffic counted with the above command on a switch, but if we issue the same command on a router and no traffic is counted, then be aware that you may have missed something. On the switch, the following command will show you some counters (if the configuration works).

SW#sh mls qos int fa0/13 statistics
FastEthernet0/13
Ingress
dscp:   incoming     no_change    classified   policed   dropped (in bytes)
Others: 208054281    192207476    15846805     0         4398
Egress
dscp:   incoming     no_change    classified   policed   dropped (in bytes)
Others: 368212302    n/a          n/a          0         4593