Simple traffic shaping on border router

Unanswered Question
Mar 17th, 2008
User Badges:

I've got two 3845's, each with a DS-3, carrying two subnets on them for my border routers. Some simple traffic shaping was set on the two Gig interfaces to allow for bandwidth limiting. I.E.- i wanted to be able to put a cap on the amount of BW each port would use. Unfortunately, the policy is not actively working. A # of times recently, one interface has used up the entire DS-3.


Below are the pertinent command lines:

interface GigabitEthernet0/0

description ***Corporate Traffic***

ip address X.X.X.1

duplex full

speed 100

media-type rj45

traffic-shape group 151 15480000 15480000 15480000 1000

!

interface GigabitEthernet0/1

description ***Connection to ECOM***

ip address N.N.N.1

duplex full

speed 100

media-type rj45

traffic-shape group 161 30600000 30600000 30600000 1000


!

interface Serial1/0

description ***ISP CIRCUIT - DS-3***

ip address ....

dsu bandwidth 44210

traffic-shape group 150 15480000 15480000 15480000 1000

traffic-shape group 160 30600000 30600000 30600000 1000



access-list 150 remark *** Rate Limit Corporate Inbound ***

access-list 150 permit ip any X.X.X.0 0.0.0.255

access-list 151 remark *** Rate Limit Corporate Outbound ***

access-list 151 permit ip X.X.X.0 0.0.0.255 any

access-list 160 remark *** Rate Limit ECOMM Inbound ***

access-list 160 permit ip any N.N.N.0 0.0.0.255

access-list 161 remark *** Rate Limit ECOMM Oubound ***

access-list 161 permit ip N.N.N.0 0.0.0.255 any



Any advice?

Thanks in advance!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Paolo Bevilacqua Mon, 03/17/2008 - 17:01
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Hi,


it seems to me your acl are swapped around. try:

int s1/0

traffic-shape group 151 ..


And remove traffic-shape under lan interface, these don't make much sense as the traffic has reached the router already.



Joseph W. Doherty Mon, 03/17/2008 - 18:10
User Badges:
  • Super Bronze, 10000 points or more

Trying to throttle inbound bandwidth on the receiving router is very difficult. (Especially using shapers; policers would work a bit better, but you'll still see inbound bursting on the WAN link.)


PS:

For (WAN) outbound, you might want to consider allowing traffic to not be limited by the shaper if the other group isn't using its bandwidth (although maintain the 1:2 [15:30 Mbps] ratio when both want more). This can be accomplished using CBWFQ.

Actions

This Discussion