Rate-limiting ??

exchange1 · ‎04-29-2008

I connect two customers to my customer facing router using sub-interfaces. I used rate limiting to assign bandwidth to these customers as shown below:

interface FastEthernet0/1.1

description CONNECTION 30Mbps NETWORKS

encapsulation dot1Q 10

ip address x.x.x.43 255.255.255.252

ip verify unicast reverse-path

no ip redirects

no ip proxy-arp

ip router isis

rate-limit input 30000000 20000 20000 conform-action transmit exceed-action dro

p

rate-limit output 30000000 20000 20000 conform-action transmit exceed-action dr

op

no cdp enable

isis circuit-type level-2-only

!

interface FastEthernet0/1.2

description CONNECTION TO 20Mbps NETWORK

encapsulation dot1Q 11

ip address x.x.x.47 255.255.255.252

ip router isis

rate-limit input 20000000 20000 20000 conform-action transmit exceed-action dro

p

rate-limit output 20000000 20000 20000 conform-action transmit exceed-action dr

op

no cdp enable

isis circuit-type level-2-only

!

Does this rate-limiting provide proper way of allocating bandwidth?

What effect does this rate-limiting command has on bandwidth allocation?

Considering the sub-interface used, will this command actually limit the customers?

guruprasadr · ‎04-29-2008

HI, [Pls Rate if HELPS]

Answer to Question:1

YES, the respective "BW" will only be allocated for the Customer, includes the BURST Value as in Command.

Answer to Question:2

The Customer Traffic (inbound / outbound) will not go beyond the reserved one as in command. But the Query is: What is the Traffic Type (Source / Destination Traffic) to be allowed to Access / reserved in the BW Limit ?

Eg:

====

rate-limit input access-group 101 20000000 20000 20000 conform-action transmit exceed-action drop

rate-limit output access-group 101 20000000 20000 20000 conform-action transmit exceed-action drop

Here ACL 101 means the Source / Destination Traffic to be matched for the Rate-Limit Value applied on the Interface.

Answer to Question:3

Applying the Rate-Limit on Sub-interface will very will have limit on the Customers Traffic, nevertheless make sure to match the Traffic by creating an ACL as show in Eg: of Question:2

Hope i am Informative.

Pls Rate if HELPS

Best Regards,

Guru Prasad R

Joseph W. Doherty · ‎04-29-2008

Does this rate-limiting provide proper way of allocating bandwidth?

Rate-limiting is one method of restricting bandwidth. Allocation of bandwidth might also include methods like CQ or CBWFQ.

With regard to "proper", I prefer shaping.

"What effect does this rate-limiting command has on bandwidth allocation?"

It sets a hard limit on maximum bandwidth usage. It behaves much like a physical interface with that much bandwidth using a FIFO queue. The burst size behaves much like a physical interface's FIFO queue size.

"Considering the sub-interface used, will this command actually limit the customers?"

I'm unsure. If it works as you've configured it, it should apply to all traffic across the subinterface. You might want to make an exception for some traffic, e.g. management traffic.

jay77jay77 · ‎04-29-2008

hi

If you use shaping with policy-map, you may apply the policy-map either to inbound or to outbound and cannot control in both directions? is that true?

tks

Joseph W. Doherty · ‎04-30-2008

Not clear whether you asking about where service policies might be applied, inbound and outbound, or traffic control in general, or both. So, I'll try to briefly cover all. Hopefully, I'll answer your question.

I don't recall whether you can use a shaper within an inbound service policy. However, if you're unable to, and assuming you don't have multiple outbound interfaces the inbound traffic can go to, you could place the shaper on the outbound interface. This could be done in the OP's case since each customer appears to have a unique subnet.

It is possible to have both an inbound and outbound service policy on the same interface. Again, there might be restrictions on what such a policy might contain.

Whether you use a shaper or policier (rate limiter) against inbound traffic, the inbound link might have already suffered congestion above the configured limits before it arrives at the shaper or policier. The shaper or policier will regulate the traffic downstream of it. Of the two, by default, an inbound policier usually offers less buffering and may better keep inbound traffic from bursting higher on the inbound link.

In other words, you can control or regulate inbound TCP traffic to some extent, although it's very weak in comparison to outbound control or regulation. For non TCP traffic, that isn't rate adaptive to packet discards, we can not influence the sender's transmission rate.

In the OPs case though, we're not trying to regulate inbound traffic volume, only the traffic rate permitted to/from a particular customer. I.e. the customer will not see or obtain end-to-end bandwidth beyond the limits we've configured.