we have branch office connected through dsl & cisco805 with both corporate vpn and internet. problem is that users from branch office "over-utilise" their internet access, so the vpn part [that supports core accounting apps] suffers, giving inacceptable bad response times.
i am looking [besides other solutions] to limit bandwith between those two classes directly on cisco805.
i have found some advice on internet, like:
-----8
"stephen" je napisao u poruci interesnoj grupi:R955h.10820$ snipped-for-privacy@newsfe1-win.ntli.net...
thnx for advice, but all of that was allready re-thinked. fixed bandwith limit is not optimal [it is very rough] but is better than situation when "surfers" overload bandwith and stops bussines activity on vpn.
but, does your advice mean that cisco805 is capoable of fixing bandwith utilisation between defined groups [vpn vs internet] somebody told me that i need at least 18xx class of router to do something like that.
This Q is about whether the carrier is clipping some traffic due to a "designed in" bottleneck in the service.
If it is, then your QoS may prioritise some traffic, but the contention may drop enough to affect "high priority" traffic anyway.
dont know if that is feasible on an 805 - the cisco feature navigator doesnt even believe it understands CBWFQ - so probably not.
you might want to try weighted fair queuing (if it isnt turned on already) and see if that can improve matters - WFQ will try to distribute what bandwidth is available evenly across the set of TCP sessions which are active.
cisco feature navigator can tell you which s/w supports what functions (but there are hundreds of QoS features, and several ways to produce bandwidth sharing / traffic limiting):
Note - any kind of policing or rate limiting is going to hit router perf (i expect by at least a factor of 2 or 3) - best case numbers are here:
So - yes - you probably need a bigger router for performance reasons, and the 805 feature set means you might need something else to provide the functions you want.
>"stephen" je napisao u poruci interesnoj grupi:60L5h.16385$ snipped-for-privacy@newsfe3-win.ntli.net...
thnx for the detailed answer.
this dsl link is only 256kb, and all what i am trying is to lower the costs, while increase the performace, and keep the configuration as simple as possible.
doubling link speed will [temporarly] improve the situation, but is expensive, upgrade 256->512 is about eur250/monthly, router upgrade [cisco
18xx class] also costs significantly [not less than eur1500], supervising users what are they doing is not a popular solution, and is also not a "single point" solutuion.maybe the next step i can try is to put sw bandwith limiter between cisco805 and internal branch ofice lan, maybe some linux comp with ipcop sw, but it increase the maintenance complexity ...
thx for the given infos, i shall try to estimate the balance between solutions.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.