Manage Terminal Server Printer Bandwidth with Cisco Traffic Shaping

For terminal server users working remotely via a bandwidth challanged connection from a branch or home office, remote printing can easily consume a good portion if not all of the available bandwidth. Managing printer bandwidth in a Windows 2003 terminal server environment usually requires a 3rd party solution like triCerat ScrewDrivers, converting to Citrix Presentation Server (XenApp) or upgrading to Windows Server 2008 (MSDN Blog Ref) .

Another option if available is traffic shaping.

A few months ago I fielded a trouble call from a client regarding slow terminal server session performance whenever a remote branch office user would print or scan. Around 15 branch office users connect to a Windows 2003 terminal server at the home office via a T1 Point to Point connection. Both ends of the T1 terminate to a pair of Cisco 1841 routers.

Print jobs spool over the wan link from a print server at the home office to one of 2 network copier/printer machines at the branch office. In addition to printing, branch office users consistently send large scan jobs over the wan from the copier/printer machines to a file server at the home office via ftp.

Shaping was implemented on the Cisco 1841 routers to help gaurentee bandwidth for RDP related traffic while throttling the printer and scanning traffic. Below is the relevant home and branch office router shaping code and overview:

Home Office router code:

access-list 115 permit ip any host 192.168.11.202
access-list 115 permit ip any host 192.168.11.203
!
class-map match-all PRINTING-Class
 match access-group 115
!
policy-map RemotePrinting-Policy
 class PRINTING-Class
  bandwidth 30
policy-map WAN-Policy
 class class-default
  shape average 1152000
  service-policy RemotePrinting-Policy
!
interface Serial0/0/0
 description WAN connection to Branch Office
 ip address 192.168.100.1 255.255.255.252
 ip route-cache flow
 service-module t1 clock source internal
 service-module t1 timeslots 1-24
 service-policy output WAN-Policy

First, the printer traffic being sent from the home 192.168.10.x subnet to the branch office 192.168.11.x subnet was identified using a class-map with access-list on the home office router. The ip's listed in access-list 115 correspond to the network copier/printers at the branch office.

Second, a class policy was created for the printer traffic and allocated a maximum of 30 percent overall bandwidth.

Third, the WAN-Policy defines the total available bandwidth for classified and unclassified traffic. The "shape average 115200" command sets the bandwidth limit. It is 75 percent of the total T1 point to point bandwidth as referenced in Cisco's "Class-Based Weighted Fair Queueing" document. The 75 percent can be adjusted as needed with the "max-reserved bandwidth" command (Cisco Ref).

The final step is to apply the shaping policy to the appropriate interface. In this case the "service-policy output WAN-Policy" command is applied to the Serial/0/0/0 interface. The shaping mechanism is applied immediately to any printing traffic destined for the branch office.

Shaping code on the Branch Office router is similar:

access-list 114 permit tcp any any eq ftp
access-list 115 permit tcp any any eq 3389
!
class-map match-all FTP-Class
 match access-group 114
class-map match-all RDP-Class
 match access-group 115
!
policy-map HomeOffice-Policy
 class RDP-Class
  bandwidth 70
 class FTP-Class
  bandwidth 30
policy-map WAN-Policy
 class class-default
  shape average 1152000
  service-policy HomeOffice-Policy
!
interface Serial0/0/0
 description WAN connection to Home Office
 ip address 192.168.100.2 255.255.255.252
 ip route-cache flow
 service-module t1 timeslots 1-24
 service-policy output WAN-Policy

access-list 114 and 115 are used to identify ftp and rdp traffic. A class policy with bandwidth allocations is also created. If needed, 70 percent of the bandwidth will be reserved for rdp traffic. FTP is allocated up to 30 percent bandwidth.

The final bandwidth allocations were established after testing different percentage combinations and user feedback. The 70 30 combination seemed to provide the best overall performance for the number of remote users in this particular environment. Although the print and scan jobs slowed down noticeably, branch office users were no longer experiencing the remote desktop slow down.  Implementing the shaping code on this network resulted in a more stable and consistent overall remote desktop experience. Comments or questions welcomed.