Subinterfaces issue?

Unanswered Question
Jun 26th, 2008

I divided a fastethernet (100Mbps) to 10 subinterfaces, each subinterface connect to a unique customer, I applied rate-limit to the subinterfaces. I noticed each customers complained about upload and from the PRTG it looks like each customer is pegged to certain upload bandwidth less than 5Mbps while the rate-limit is 45Mbps. Can someone help out.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
purohit_810 Thu, 06/26/2008 - 07:12

How much bandwidth you have assigned to each subinterfaces?

Keep in mind, By creating we can't change PHYSICAL INTERFACE hard core speed.

Thanks,

Dharmesh Purohit

tdrais Thu, 06/26/2008 - 07:19

If you can post part of the config it will be helpful for people to help you.

My outright guess without the configs is that you have the burst rate too low on rate limit.

exchange1 Thu, 06/26/2008 - 07:43

interface FastEthernet0/0

description CONNECTION TO ISP

ip address XXXXXXXXXXXXXXXXX

ip router isis

speed 100

full-duplex

no cdp enable

isis circuit-type level-2-only

!

interface FastEthernet0/3

no ip address

duplex auto

speed auto

no cdp enable

!

!

interface FastEthernet0/3.4

description CONNECTION TO 1111

encapsulation dot1Q 103

ip address XXXXXXXXXXXXX

ip router isis

rate-limit output 30000000 300000 300000 conform-action transmit exceed-action drop

no cdp enable

isis circuit-type level-2-only

!

interface FastEthernet0/3.5

description CONNECTION TO 2222

encapsulation dot1Q 104

ip address XXXXXXXXXXXXXXX

ip router isis

rate-limit output 4000000 35000 35000 conform-action transmit exceed-action drop

no cdp enable

isis circuit-type level-2-only

!

interface FastEthernet0/3.6

description CONNECTION TO 3333

encapsulation dot1Q 105

ip address XXXXXXXXXXXXXX

ip router isis

rate-limit input 10000000 37000 37000 conform-action transmit exceed-action drop

rate-limit output 10000000 37000 37000 conform-action transmit exceed-action drop

no cdp enable

isis circuit-type level-2-only

!

interface FastEthernet0/3.7

description CONNECTION TO 4444

encapsulation dot1Q 106

ip address XXXXXXXXXXXXXXX

ip router isis

rate-limit input 2000000 37000 37000 conform-action transmit exceed-action drop

rate-limit output 2000000 37000 37000 conform-action transmit exceed-action drop

no cdp enable

isis circuit-type level-2-only

Pravin Phadte Thu, 06/26/2008 - 09:03

Hi,

You rate limits says the below.

interface FastEthernet0/3.4

rate-limit output 30000000 300000 300000 conform-action transmit exceed-action drop

30 Mb - 2.4 Mb

If you are setting this output to 30 Mb you should aplly as below. It will drop after 30 Mb

rate-limit output 30000000 3740000 3740000 conform-action transmit exceed-action drop

interface FastEthernet0/3.5

rate-limit output 4000000 35000 35000 conform-action transmit exceed-action drop

4 Mb 0.28 Mb/280 Kb

It will drop after 4 Mb

rate-limit output 4000000 500000 500000 conform-action transmit exceed-action drop

10 Mb 0.296 Mb/296 Kb

interface FastEthernet0/3.6

rate-limit input 10000000 37000 37000 conform-action transmit exceed-action drop

rate-limit output 10000000 37000 37000 conform-action transmit exceed-action drop

It will drop after 10 Mb

rate-limit input 10000000 1240000 1240000 conform-action transmit exceed-action drop

rate-limit output 10000000 1240000 1240000 conform-action transmit exceed-action drop

interface FastEthernet0/3.7

rate-limit input 2000000 37000 37000 conform-action transmit exceed-action drop

rate-limit output 2000000 37000 37000 conform-action transmit exceed-action drop

2 Mb - 0.296 Mb/296 Kb

rate-limit input 2000000 37000 37000 conform-action transmit exceed-action drop

rate-limit output 2000000 37000 37000 conform-action transmit exceed-action drop

rate-limit input 2000000 240000 240000 conform-action transmit exceed-action drop

rate-limit output 2000000 240000 240000 conform-action transmit exceed-action drop

It will drop after 2 Mb

Get this tested with one of the clients. Also suggest to apply both input and ouput as required.

Hope this helps.

Regards,

Pravin

exchange1 Thu, 06/26/2008 - 09:10

Kindly explain how you arrived at the figure, but can the rate-limit impact the upload that no customers seems to get more than 5Mbps?

tdrais Thu, 06/26/2008 - 09:13

I really wish cisco documented exactly how they calculate the rates rather than this vague token bucket stuff.

You burst rates are lower than the recommended but it is unclear that this is causing your issue. The recommended burst sizes are rate/8*1.5. If you do a show int fa x/x.x rate-limit your should see the rates you are getting from conform and the rates you are getting from exceed. If the conform is much lower than the limit you have configured but you still are getting packets dropped by the exceed then it is a burst ptroblem. If you have a very low exceed rate then it is not the rate-limit causing this issue.

Didn't see the previous post before I did this one ...was tring to do those calculations myself but wasn't confident enough to post my numebrs

Pravin Phadte Thu, 06/26/2008 - 09:42

Hi,

Tdrais is right cisco documentation does not explain it clearly and the values are a bit confusing.

I had the same problem when i had to limit the BW for the clients on the sub-int.

Its seems like frame-relay cir bc be. Suprisinly it did not work. As per the config you have done i feel the same.

1.bps: you need to calculate in bits (cisco says : Average rate in bits per second. The value must be in increments of 8 kbps.)

2. burst-normal: how much burst so as normal if i provide 10 Mb i may give 512 Kb of burst normal... Well to my shock that does not work (cisco says :Normal burst size in bytes. The minimum value is bps divided by 2000.)

3. burst-max: when can it drop: same as above after 10 Mb makes a bit sense so the value should be as bps. BUT IN BYTES (cisco says: Excess burst size in bytes.)

Now lets take an example: 10 Mb In/Out to limit.

bps > 10000000 in Bits

burst-normal > 1240000 > its 1250000 calculated for 10 Mb in Bytes.

burst-max > 1240000 > its 1250000 calculated for 10 Mb in Bytes.

As per my obervation it works and i have it implemented. 10 Mb.

So i see it in this way bps how much 10 Mb..Burst normal 10 Mb ..burst max 10 Mb above that drop all.

The above is been implemented and works good checked in soalrwinds.

let me know if it does work for you.

Below are some links which can help.

http://www.cisco.com/en/US/docs/ios/12_0/qos/command/reference/qrcmdr.html#wp1017761

http://www.speedguide.net/conversion.php

Hope this helps.

regards,

Pravin

exchange1 Thu, 06/26/2008 - 10:20

Although nobody address why my customer's upload does not exceed 5Mbps, I really gain from wealth of information from rate-limit.

tdrais Thu, 06/26/2008 - 13:32

Not sure why you would see 5m but using pravinxyz calculations you would actually see less on some of you subinterfaces. Kinda depends which subinterface. Part of the issue is how you messuring. MRTG take sample and averages numbers in minutes where that policing is in seconds. Your only true indication is from the counters inteface rate-limit display.

This may well not even be a rate-limit issue and may be limitation related to latency but you burst rate will limit your traffic.

I will try to explain how the burst rate can limit you. Now this is not really how it works but it to illustrate the problem so I am ignoring some things.

Say you tell a user he can send 1000 packets in minute. He can send them to you as fast as he possible can but you will only allow him the 1000/minute on average. In your case the real interface is 100m even though you want to limit them to less they will still really send the packets at 100m since that is hardware.

For this example let assume there is no limit and you can send a unlimited number of packets in a second.

So in a minute I can send 1000 packets in 1 second and then do nothing for 59 seconds or send 100 packets ever six second and in both cases I get 1000 packets/minute. If I attempt to send during the seconds I am to do nothing the packets are dropped. The key difference is how many packets the router keeps in memory at at time. This memory is what the burst value represents. So I can either keep 100 block of memory or 1000 and both work. The problem comes if I try to only use 5 blocks of memroy. Even if the users were to transmit 5 blocks every second he would be limited to 300 block total in a minute not the 1000.

Best thing to test this is to either increase the burst or change the exceed action to transmit and see if they can send any more data. If you see no difference then you have a bottle neck someplace else and it is not your rate-limit that is the issue.

Actions

This Discussion