• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 694
  • Last Modified:

Managing Cisco CBWFQ


I hope you can help me with this question because I've not been able to find a solution yet.

This is the situation: my private network connects to Internet through a Cisco 2651XM router with a DSL connection providing 10000 Kbps download and 256 Kbps upload. I want to implement a QoS policy on the router so that HTTP traffic from this network gets precedence over HTTP traffic coming from a single host located at I want to use CBWFQ for this.

Let's suppose I configure the class-maps and policy-maps this way:

 class-map match-all HTTP1
    match access-group 150

 class-map match-all HTTP2
    match access-group 160

  policy-map Map
     class HTTP1
        bandwidth percent 50
     class HTTP2
         bandwidth percent 25
     class class-default

  access-list 150 permit tcp any eq 80
  access-list 160 permit tcp host any eq 80

and then apply the Map policy-map to the outside interface using the "service-policy outside Map" interface command.

Now, I know that with this configuration HTTP traffic from is guaranteed minimum 50% of the interface bandwidth and HTTP traffic from is guaranteed minimum 25% but both can increase their own bandwidth usage if the other map isn't using the one reserved for itself.

My question is: suppose that host at and start sending HTTP requests. Are these two flows (which belong to the same class) managed using a FIFO policy inside the same class or are they managed differently? In other words, with the configuration above, what happens if host at starts consuming the whole bandwidth reserved to the HTTP1 class (half of the interface bandwidth) and wants to connect too? Will the router decrease bandwidth assigned to to assign a portion of it to (WFQ behaviour) or will continue to consume the whole bandwidth (FIFO behaviour) thus starving If so, what commands do I have to issue in order to manage different flows inside the same class using a WFQ policy?

Thanks very much for your help.


1 Solution
All traffic that matches a class is treated as "one stream".

If two devices are performing HTTP transactions that both match the same CBWFQ class, it'll behave like FIFO until the bandwidth limiting kicks in and packets will be dropped/delayed.

You'll have to match each specific device and give it a bandwidth allocation if you want specific bandwidth shares.
Vincy8501Author Commented:
Thanks very much for your reply.

I suspected that but, is it really possible that there is no way to manage certain classes that group many IP addresses (like in the configuration above) using CBWFQ and then use WFQ for different flows inside the same class?

You know, it would be much simpler to manage because I could allocate a mininum amount of bandwidth for the whole class and then set the router to split it fairly, instead it would be very difficult to manually set the minimum bandwidth for each of the 254 hosts my internal network range groups. What would happen if those addresses were thousands like in an A class subnet?

Thanks again.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

7 new features that'll make your work life better

It’s our mission to create a product that solves the huge challenges you face at work every day. In case you missed it, here are 7 delightful things we've added recently to monday to make it even more awesome.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now