How do I make a Cisco IOS QOS rule to prioritize VNC traffic?

I have a Cisco 2811 running Cisco IOS which is the primary router for a multilink site connection. We have 2 links going to one site, both are about 1.5 MB or so. VNC runs HORRIBLY when connecting to a lot of the machines in that site. That amount of bandwidth should be plenty. Especially since the primary is a T1 with uber low latency. I've checked and when we are VNCing there is hardly any bandwidth consumption, so bandwidth constraints should not be an issue neither should lag. So all I can think of is that I need to run QOS to try and boost the traffic priority. But I'm not sure how to do this. I want to prioritize VNC traffic.

Who is Participating?
pony10usConnect With a Mentor Commented:
Does this help?

QOS is a multi step setup. It is not the easiest thing to do. Here are the basics of it that I copied out of a TechRepublic article. For what you are talking about I would probably use an ACL based setup if there was no other QOS already running.
Step 1: Define the traffic
You must tell the router which traffic you want to give QoS, which you can accomplish either using an access control list (ACL) or using Network Based Application Recognition (NBAR). An ACL is the traditional way to define any traffic for a router.
With NBAR, however, the router just recognizes the traffic traveling through the router—it knows that HTTP is HTTP, Skype is Skype, etc. But there's a limited list of protocols and applications that the router recognizes.
While the router won't recognize every single application, each IOS upgrade adds more to the list. In addition, you can create custom application recognition files.
Step 2: Create a class-map
A class-map defines the traffic into groups. For example, you could create a class-map called VoIP traffic and put all VoIP protocols under it.
Step 3: Create a policy-map
A policy-map matches the classes from the class-map with how much bandwidth and/or priority you want to give this traffic.
Step 4: Apply the policy-map to the interface
Like an ACL, you must apply the policy-map to the specific interface you want it to affect. You can apply the policy-map in either output or input mode. Here's the command to use:
service-policy output|input {name of policy-map}
If you're using NBAR to recognize the traffic, you must also use the ip nbar protocol-discovery command on the interface. This enables NBAR to begin looking at the traffic
There are 2 issues with VNC.
1.  It is extremely slow regardless of bandwidth.  We have used it between 2 PC's in the same subnet on the same 1G switch so there is not router involved and it gives poor performance.
2. You didn't mention what version of VNC you are using (TightVNC, UltraVNC or just VNC). If you are using the basic VNC then you should be aware that it sends passwords in plain text across the wire.

I would suggest that you consider alternatives to VNC such as Windows Remote Support or TeamViewer (available on the internet).
One more thing.  I have used TeamViewer to work on a friends computer in Germany from the west coast of the US and it's almost like sitting in front of her computer it is that fast over the internet and she is on dial up and I was on a 768k DSL
Never miss a deadline with

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

CCB-TechAuthor Commented:
You make very good points my man! I do need to post further information. We are using UltraVNC 1.8.2 with Encryption turned on. We are aware of the plaintext problem, so we long ago enabled encryption. With the RC4.key having to be deployed manually it's quite safe :).

See, the reason that I feel it is something to do with the routes is the following. We have a different connection to another site that is 100Mb fiber, and using VNC with it is as good as VNC gets. It goes through the same router though naturally through a different connection.

It's just this site that acts differently. Even with lowered settings it doesn't work as well as all of our other VNC connections. Any ideas?
Also, remember that QoS only gaurantees not to go slower when the line gets congested. It does not improve it otherwise.

Here is a good article on UltraVNC:
Thank you for the points.  I hope the information was helpfull.
All Courses

From novice to tech pro — start learning today.