We are having problems with droping connectivity on some of our staff pc's. The porgram we use to checkout books is very dependant on a steady connection. This is do to the large amount of bandwidth used by our public pc's. They are on seperate vlan's. What is the best way to insure our staff have the bandwidth they need while allowing the pc to use what is left. We don't want to keep them from viewing videos. This is what is consuming the bandwidth. I am reading through the knowledge base and will post if I find the answer.
We have layer 2 & layer 3 switches (cisco 2950's and 3550's) and a corestack made up of 3750's, and use a cisco 5510 asa firewall.
Regards,
ABBEtech
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
We have a WAN. Everything comes back through HQ to get to the web. The program used to check out books is sirsi Workflows it connects to a server off site by way of the internet. We have 14 location. The biggest hogs of bandwidth on our network is the public viewing video. I know this because I ran reports in iPrism. We don't want to block them from viewing videos, but staff needs top priority. Only one of our sites is maxing on bandwidth on a regular bases. The server with my NMS is being rebuild at the moment. Most locations use copper. We connect to the internet with 10mbps and to each branch with t1 @ 1.5 mbps.
The problems seem to be random and at different location. I though if I set it up so the staff VLAN so it had higher priority at least I wouldn't have to worry that the video was the cause. Since the support folks for sirsi are blaming the problem on network issue.
Regards,
ABBEtech
Now to figure out how to seting up QoS....
Thanks for your comments. I'm really swamped this week. I'm going to try to setup some monitoring to see what's really up. I'll posted as I get more info. Any of you that have setup QoS before that would like to share info, I would appreciate it. Is it pretty simply, I mean with a little reseach can I set it up myself? I'm not scared of cisco and i've setup switch before, but to be honest, I minmic one's that are already setup. I can change port interface settings and configurate access-list, but I'm no a cisco expert. I'm worried most about the time it will take to configure it and figure out how to do it. How difficult a task is it? I've already got everything divided into vlan's, we have a WAN that consist of 14 location, all with a router and switch at each location..
Regards,
ABBEtech
Agree, you need QoS on the WAN links.
CoS or VLAN priority will not be sufficient.
On Cisco equipment supporting QoS, depending on how you want to go about doing it there are basically 4 steps involved for each link on which QoS is to be configured.
Understand you need to read up on the different types of QoS and queuing available. Just plain traffic shaping may actually go far in this scenario.
The basic config steps which are taken on your WAN router generally involve
(1) Define "class-maps"; for classifying traffic
class-maps utilize "match" statements to indicate what type of traffic is part of that class.
You can match traffic packets by using interface names, Access lists, or NBAR (match protocol xxxxx), and there are other options such as matching on ToS or IP precedence fields of packets.
E.g.
class-map match-any staff-traffic
match input-interface FastEthernet0/0.123
match access-group staff-priority-traffic
class-map match-all tenant-traffic
match access-group tenant-priority-traffic
class-map match-all management-traffic
match access-group acl-management
match protocol ssh
ip access-list extended management-traffic
permit ip host 1.2.3.4 any
ip access-list extended staff-priority-traffic
permit ip any any eq 80
ip access-list extended tenant-priority-traffic
permit ip any any eq 80
(2) Define a policy-map that utilizes the class maps to either set ToS bits or IP precedence (for another device to implement QoS decisions), or that utilizes class maps to place the traffic into some type of queue.
You might define different policy maps for handling inbound VS outbound traffic.
Policy maps REFER to some class-maps, and when traffic falls into a certain class, the rules under the "class" entry are used to set aside bandwidth, or take various actions.
The first entry that matches is used.
An example utilizing class-based queuing (CBQ):
* Make sure your equipment properly knows how much bandwidth is available in 'show int', and that you don't allocate more than 80% of the link to queues.
policy-map library-wan-traffic
class management-traffic
priority 64 ! Priority queue, exactly 64K for network management
! note this is both a reservation and effectively a limit.
class staff-traffic
bandwidth 256 ! reserve 256K queue for staff web traffic,
! if the queue is full, its traffic can go into other queues
class tenant-traffic
bandwidth 256 ! 256K queue for tenant web traffic
class class-default
! Default gets best effort
fair queue ! Apply Fair queuing to the rest of it
! An example of Policing, which can be used to actually
! cap usage; I probably wouldn't include this here,
! it's more useful if you identify a specific protocol or interface
! as needing to be capped.
police rate percent 98 peak-rate percent 100
conform-action transmit
exceed-action drop
(3) Apply the policy to the WAN interface for outboudn traffic. e.g.
interface Serial6/0
service-policy output library-wan-traffic
This deals with outbound traffic your router is SENDING out over the WAN.
(4) On the other side of the WAN link, apply policies to deal with traffic that will be coming TOWARDS you.
E.g. If your WAN link is a Point-to-Point T1 connection between two locations, it is preferable to have end-to-end QoS, by having both locations apply a similar policy for outbound traffic.
Failing that, you may instead specify a policy for INBOUND traffic:
service-policy input policy-map-name
However, inbound policies are very limited in what they can do.
In fact, you can't absolutely STOP data from being sent towards you,
instead, what you can do with an INBOUND policy is DISCARD data
that has already been sent over the WAN destined for your network.
(That means you're throwing away data that's already crossed the low-speed
connection, in the hopes that throwing it away will slow down TCP connections.)
Because of TCP's behavior when packets are lost, if you police certain traffic, (such as youtube traffic), the connection speed will reduce.
This works for HTTP, and Web traffic. It may not work as well when you need to limit certain P2P applications.
Something also to keep in mind is that web traffic is highly symmetrical; the user sends a very small HTTP request which results in a very large HTTP response -- the receiving end is more likely to be the bottleneck in any case.
So you need either your ISP to apply the QoS to traffic coming downstream to you, or (failing that), you prioritize your incoming traffic in such a way that traffic from the IPs of your checkout system will have higher priority,
and possibly, you use policing to intentionally drop traffic to cause the internet video sites to slow down transmissions.
You can quite easily define a 'class' to include well-known online video sites and limit just those, of course, but I would think of that as the last resort
Business Accounts
Answer for Membership
by: MysidiaPosted on 2009-08-01 at 14:37:26ID: 24996776
We could use some more details to make suggestions.
Is the bottleneck LAN bandwidth or WAN bandwidth?
Do you have fiber or copper gigabit connections between your various switches?
LAN bandwidth is normally plentiful, and if the LAN is designed properly, should not be an issue in most cases. Usually the WAN (connection to the internet) is a bottleneck. If you are experiencing LAN connectivity blips, there may be an issue other than bandwidth usage; something may be creating a broadcast storm, or an infected PC may be generating excessive load.
The program used to checkout books: what does it need connectivity to?
A server on site? Or does it need connectivity to a remote location across a WAN?
How many public PCs are there, and are they viewing high-bitrate video from an on-lan source, or an off-net internet source across a limited WAN link?