- Gold, 750 points or more
I have implemented the below Configuration on my Internet Router. My Setup is, I have a Internet Link of 10 Mbps Capacity.
I have to split the 10 Mbps as: 6 Mbps Backup VPN over Internet to Europe and 4 Mbps for Internet Usage.
This QOS is designed in such a way like, during Backup VPN Link is Active the 6 Mbps VPN can expand upto 8+ Mbps more based on Peak incoming and outgoing traffic and whereas rest ot the availaible bandwidth for Internet usage.
During Primary MPLS is Up and no usage of Backup VPN Link over Internet, the Internet Usage should be limited to 4 Mbps only at any point of time. ie., in every situation atleast i will have a dedicated Backup VPN of 6 Mbps availaible.
I have seen the Utilization of Internet has crossed more than 4 Mbps for Week # 729. As i know this operates on QOS using CBWFQ concept which uses Token Bucket Algorithm. The Traffic more than 4 Mbps is just an Burst Traffic but i would like to clearly understand why this is happening for entire Week (for long Hrs).
HOW MY CONFIGURATION is WORKING ?
IS my CONFIGURATION is designed as per my REQUIREMENT ?
Please see the COnfiguration and provide me a clear explanation. Thanks in Advance for Help.
Utilization Values: (as per MRTG)
Max In: 5028.6 kb/s (50.3%) Average In: 1824.9 kb/s (18.2%) Current In: 3951.6 kb/s (39.5%)
Max Out: 1652.2 kb/s (16.5%) Average Out: 354.5 kb/s (3.5%) Current Out: 684.8 kb/s (6.8%)
access-list 120 permit ip host <ip_address> host <ip_address>
!! ACL 120 identifying VPN Traffic
access-list 121 permit ip any any
!! ACL 121 identifying non ? VPN Traffic
class-map match-all VPN_BACKUP
match access-group 120
Apply the Policy to the Interface:
service-policy output QOS_CHENNAI
!!inside Interface of Internet Router - connected to DMZ Switch
Apply Rate-Limit ( i.e., CAR) to the Interface:
!!outside Interface of Internet Rouer - connected to Service provider
rate-limit input access-group 120 8000000 1000000 1000000 conform-action transmit exceed-action drop
!! VPN backup limited to 8Mb
rate-limit input access-group 121 4000000 500000 500000 conform-action transmit exceed-action drop
!! Internet traffic limited to 4Mb
Guru Prasad R