

How to set up QoS on a Cisco 2921 router for traffic that is using Remote Desktop to run an application that resides on a SQL server

Posted on 2015-02-22
Medium Priority
Last Modified: 2015-03-19
I am running a Student Information System application on a SQL server. The server resides at a high school, and several elementary schools are connecting to and running this application via Remote Desktop. These schools have only 10 Meg bandwidth and the SQL server at the high school has a 100 Meg connection. Sometimes during the day, when the user at the 10 Meg site is running this application, if the school maxes out their 10 Meg connection, the user's connection to this application is terminated until such time as enough bandwidth is freed up to allow this user to autoconnect to the Terminal Services Program and continue running it.

Is there a way to set up QoS on port 3389 on a Cisco 2921 router that exists at each of these schools that have a 10 Meg connection, such that these users will not get disconnected from the application that is running on the SQL server at the high school?

Thanks for your help.

Question by:skenny10
LVL 10

Accepted Solution

koudry earned 2000 total points
ID: 40666746
You should be able to set up QoS to prioritise your various traffic. You can define an Access Control List (ACL) for your different applications and classify the traffic based on that. For example, you can have an ACL for your SQL server application by inspecting the port, for example:

access-list 100 permit tcp any any eq 3389

You can create one of these for each one of the applications that you want your QoS to process.

You can then create a queue to assign the ACL to it, for example:

class-map match-any SQL_Class
 match access-group 100

So you create a class-map for each application group.

You will then attach the class map to a QoS policy-map. The police command in the QoS policy helps you enforce the bandwidth that you want for each application group or queue. This way, no bandwidth-hungry application will eat bandwidth belonging to another application. For example:

policy-map Name-of-Policy-Map
      class Name-of-Priority-Queue
            police 68000 2000 2000 conform-action <conform action> exceed-action <exceed action>
            priority 68
      class Name-of-second-important-queue
            police 52000 16000 32000 conform-action <conform action> exceed-action <exceed action>
            bandwidth 158
            random-detect exponential-weighting-constant 4
            random-detect precedence 6  20  32  10
            random-detect precedence 2   6  16   5
            random-detect precedence 0  20  32  10
      class class-default
            police 8000 8000 8000 conform-action <conform action> exceed-action <exceed action>
            bandwidth 17
            random-detect exponential-weighting-constant 4
            random-detect precedence 5   6   16  5

You may add a parent policy to the above, for example:

policy-map Parent-Policy-Name
 class class-default
  shape average 1000000
  service-policy Name-of-Policy-Map

The parent policy is based on the overall CDR (Committed Data Rate) which is the rate that you have subscribed to. The unit is bits per second (bps).

Now you need to assign your QoS policy to your egress / WAN interface, for example:

interface xyz
 ! the bandwidth value below is the CDR in kbps
 bandwidth 10000
 service-policy output Parent-Policy-Name


This is a recap:

Step 1: create ACL for each application
Step 2: create class-map where you assign the ACLs. The class maps are queues that group your applications, so you can assign as many ACLs as you need.
Step 3: create a policy-map where you use your classes but also use the police command to enforce bandwidth for each class. This is to stop other classes abusing bandwidth; you may not need the parent policy
Step 4: attach the QoS policy to your WAN interface.

If none of these make sense, please let me know.
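
A concrete version of the four steps above for a 10 Mbps site, as an added example that is not part of koudry's answer. The interface name GigabitEthernet0/0, the object names and the 30 percent figure are assumptions, and it guarantees bandwidth to RDP with `bandwidth percent` rather than the `police` lines shown in the answer.

```cisco
! Added example; object names, interface and percentages are assumptions.
!
! Step 1: ACL that identifies RDP. RDP 8.0 and later can also use UDP 3389.
ip access-list extended RDP-TRAFFIC
 permit tcp any any eq 3389
 permit udp any any eq 3389
 ! Return direction (server to client), used on the high school router
 permit tcp any eq 3389 any
 permit udp any eq 3389 any
!
! Step 2: class-map that groups the ACL into one class
class-map match-any RDP-CLASS
 match access-group name RDP-TRAFFIC
!
! Step 3: child policy. RDP gets a guaranteed share during congestion,
! everything else is fair-queued in class-default.
policy-map WAN-CHILD
 class RDP-CLASS
  bandwidth percent 30
 class class-default
  fair-queue
!
! Parent policy shapes to the subscribed rate (10 Mbps, in bps) so that
! queuing happens on this router and the child policy can take effect.
policy-map WAN-PARENT
 class class-default
  shape average 10000000
  service-policy WAN-CHILD
!
! Step 4: attach to the WAN-facing interface, outbound
interface GigabitEthernet0/0
 bandwidth 10000
 service-policy output WAN-PARENT
```

An output policy only queues traffic leaving this router, so the direction toward the 10 Mbps site is governed by the device sending into that link. `show policy-map interface GigabitEthernet0/0 output` displays per-class match and drop counters for checking that RDP is being classified.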


Author Closing Comment

ID: 40676311
Thanks so much.
