Solved

How do I make a Cisco IOS QOS rule to prioritize VNC traffic?

Posted on 2010-08-31
6
1,298 Views
Last Modified: 2013-11-30
I have a Cisco 2811 running Cisco IOS which is the primary router for a multilink site connection. We have 2 links going to one site, both are about 1.5 MB or so. VNC runs HORRIBLY when connecting to a lot of the machines in that site. That amount of bandwidth should be plenty. Especially since the primary is a T1 with uber low latency. I've checked and when we are VNCing there is hardly any bandwidth consumption, so bandwidth constraints should not be an issue neither should lag. So all I can think of is that I need to run QOS to try and boost the traffic priority. But I'm not sure how to do this. I want to prioritize VNC traffic.

Help!
0
Comment
Question by:CCB-Tech
  • 5
6 Comments
 
LVL 26

Expert Comment

by:pony10us
ID: 33571476
There are 2 issues with VNC.
1.  It is extremely slow regardless of bandwidth.  We have used it between 2 PC's in the same subnet on the same 1G switch so there is not router involved and it gives poor performance.
2. You didn't mention what version of VNC you are using (TightVNC, UltraVNC or just VNC). If you are using the basic VNC then you should be aware that it sends passwords in plain text across the wire.

I would suggest that you consider alternatives to VNC such as Windows Remote Support or TeamViewer (available on the internet).
0
 
LVL 26

Expert Comment

by:pony10us
ID: 33571497
One more thing.  I have used TeamViewer to work on a friends computer in Germany from the west coast of the US and it's almost like sitting in front of her computer it is that fast over the internet and she is on dial up and I was on a 768k DSL
0
 

Author Comment

by:CCB-Tech
ID: 33571651
You make very good points my man! I do need to post further information. We are using UltraVNC 1.8.2 with Encryption turned on. We are aware of the plaintext problem, so we long ago enabled encryption. With the RC4.key having to be deployed manually it's quite safe :).

See, the reason that I feel it is something to do with the routes is the following. We have a different connection to another site that is 100Mb fiber, and using VNC with it is as good as VNC gets. It goes through the same router though naturally through a different connection.

It's just this site that acts differently. Even with lowered settings it doesn't work as well as all of our other VNC connections. Any ideas?
0
ScreenConnect 6.0 Free Trial

At ScreenConnect, partner feedback doesn't fall on deaf ears. We collected partner suggestions off of their virtual wish list and transformed them into one game-changing release: ScreenConnect 6.0. Explore all of the extras and enhancements for yourself!

 
LVL 26

Accepted Solution

by:
pony10us earned 250 total points
ID: 33572034
Does this help?

QOS is a multi step setup. It is not the easiest thing to do. Here are the basics of it that I copied out of a TechRepublic article. For what you are talking about I would probably use an ACL based setup if there was no other QOS already running.
Step 1: Define the traffic
You must tell the router which traffic you want to give QoS, which you can accomplish either using an access control list (ACL) or using Network Based Application Recognition (NBAR). An ACL is the traditional way to define any traffic for a router.
With NBAR, however, the router just recognizes the traffic traveling through the router—it knows that HTTP is HTTP, Skype is Skype, etc. But there's a limited list of protocols and applications that the router recognizes.
While the router won't recognize every single application, each IOS upgrade adds more to the list. In addition, you can create custom application recognition files.
Step 2: Create a class-map
A class-map defines the traffic into groups. For example, you could create a class-map called VoIP traffic and put all VoIP protocols under it.
Step 3: Create a policy-map
A policy-map matches the classes from the class-map with how much bandwidth and/or priority you want to give this traffic.
Step 4: Apply the policy-map to the interface
Like an ACL, you must apply the policy-map to the specific interface you want it to affect. You can apply the policy-map in either output or input mode. Here's the command to use:
service-policy output|input {name of policy-map}
If you're using NBAR to recognize the traffic, you must also use the ip nbar protocol-discovery command on the interface. This enables NBAR to begin looking at the traffic
0
 
LVL 26

Expert Comment

by:pony10us
ID: 33572437
Also, remember that QoS only gaurantees not to go slower when the line gets congested. It does not improve it otherwise.

Here is a good article on UltraVNC:  http://www.paulscomputerservice.net/articles/article.php?ID=43
0
 
LVL 26

Expert Comment

by:pony10us
ID: 33697483
Thank you for the points.  I hope the information was helpfull.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now