How to setup Qos on a Cisco 2921 router for traffic that is using Remote Desktop to run an application that resides on a SQL server

Posted on 2015-02-22
Last Modified: 2015-03-19
I am running a Student Information System application on a SQL server. The server resides at a high school and several elementary schools are connecting to and running this application via Remote Desktop. These schools have only 10 Meg bandwidth and the SQL server at the high school has a 100 Meg connection. Sometimes during the day, when the user at the 10 Meg site is running this application, if the school maxes out their 10 Meg connection the users connection to this application is terminated until such time as enough bandwidth is freed up to allow this user to autoconnect to the Terminal Services Program and continue running it.

Is there a way to setup Qos on port 3389 on a Cisco 2921 router that exists at each of these schools that have a 10 Meg connection such that these users will not get disconnected from the application that is running on the SQL server at the high school.

Thanks for your help.

Question by:skenny10
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 10

Accepted Solution

koudry earned 500 total points
ID: 40666746
You should be able to setup QoS to prioritise your various traffic. You can define an Access Control List (ACL) for your different applications and classify the traffic based on that. For example, you can have an ACL for your SQL server application by inspecting port, for example:

access-list 100 permit tcp any any eq 3389

You can create one of these for each one of the applications that you want your QoS to process.

You can then create a queue to assign the ACL to it, for example:

class-map match-any SQL_Class
match access-group 100

So you create a class-map for each application group

You will then attach the class map to a QoS policy-map.  The police command in the QoS policy, helps you enforce the bandwidth that you want for each application group or queue. This way, no bandwidth hungry will eat bandwidth belonging to other application. For example:

policy-map Name-of-Policy-Map
      class Name-of-Priority-Queue
            police 68000 2000 2000 conform-action <conform action> exceed-action <exceed action>
            priority 68
      class Name-of-second-important-queue
            police 52000 16000 32000 conform-action <conform action> exceed-action <exceed action>
            bandwidth 158
            random-detect exponential-weighting-constant 4
            random-detect precedence 6  20  32  10
            random-detect precedence 2   6  16   5
            random-detect precedence 0  20  32  10
      class class-default
            police 8000 8000 8000 conform-action <conform action> exceed-action <exceed action>
            bandwidth 17
            random-detect exponential-weighting-constant 4
            random-detect precedence 5   6   16  5

You may add a parent policy to the above, for example:

policy-map Parent-Policy-Name
 class class-default
 shape average 1000000
service-policy Name-of-Policy-Map

The parent policy is based on the overall CDR (Committed Data Rate) which is the rate that you have subscribed to. The unit is bits per second (bps).

Now you need to assign your QoS policy to your egress / WAN interface, for example:

interface xyz
bandwidth 10000 <-- this is the CDR in kbps
service-policy output Parent-Policy-Name


This is a recap:

Step 1: create ACL for each application
Step 2: create class-map where you assign the ACLs. The class maps are queues that group your applications, so you can assign as many ACLs as you need.
Step 3: create a policy-map where you use your classes but also use the police command to enforce bandwidth for each class. This is to stop other classes abusing bandwidth; you may not need the parent policy
Step 4: attach the QoS policy to your WAN interface.

If none of these make sense, please let me know.

see also:

Author Closing Comment

ID: 40676311
Thanks so much.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Desktop Shadowing often has a lot of benefits. When helping end users determine problems, it is much easier to see what is going on, what is being slecected and what is being clicked on. While the industry has many products to help with this,…
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question