Simple traffic shaping on border router

Unanswered Question
Mar 17th, 2008

I've got two 3845's, each with a DS-3, carrying two subnets on them for my border routers. Some simple traffic shaping was set on the two Gig interfaces to allow for bandwidth limiting. I.E.- i wanted to be able to put a cap on the amount of BW each port would use. Unfortunately, the policy is not actively working. A # of times recently, one interface has used up the entire DS-3.

Below are the pertinent command lines:

interface GigabitEthernet0/0

description ***Corporate Traffic***

ip address X.X.X.1

duplex full

speed 100

media-type rj45

traffic-shape group 151 15480000 15480000 15480000 1000

!

interface GigabitEthernet0/1

description ***Connection to ECOM***

ip address N.N.N.1

duplex full

speed 100

media-type rj45

traffic-shape group 161 30600000 30600000 30600000 1000

!

interface Serial1/0

description ***ISP CIRCUIT - DS-3***

ip address ....

dsu bandwidth 44210

traffic-shape group 150 15480000 15480000 15480000 1000

traffic-shape group 160 30600000 30600000 30600000 1000

access-list 150 remark *** Rate Limit Corporate Inbound ***

access-list 150 permit ip any X.X.X.0 0.0.0.255

access-list 151 remark *** Rate Limit Corporate Outbound ***

access-list 151 permit ip X.X.X.0 0.0.0.255 any

access-list 160 remark *** Rate Limit ECOMM Inbound ***

access-list 160 permit ip any N.N.N.0 0.0.0.255

access-list 161 remark *** Rate Limit ECOMM Oubound ***

access-list 161 permit ip N.N.N.0 0.0.0.255 any

Any advice?

Thanks in advance!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Paolo Bevilacqua Mon, 03/17/2008 - 17:01

Hi,

it seems to me your acl are swapped around. try:

int s1/0

traffic-shape group 151 ..

And remove traffic-shape under lan interface, these don't make much sense as the traffic has reached the router already.

Joseph W. Doherty Mon, 03/17/2008 - 18:10

Trying to throttle inbound bandwidth on the receiving router is very difficult. (Especially using shapers; policers would work a bit better, but you'll still see inbound bursting on the WAN link.)

PS:

For (WAN) outbound, you might want to consider allowing traffic to not be limited by the shaper if the other group isn't using its bandwidth (although maintain the 1:2 [15:30 Mbps] ratio when both want more). This can be accomplished using CBWFQ.

Actions

This Discussion