06-26-2008 05:52 AM - edited 03-03-2019 10:30 PM
I divided a fastethernet (100Mbps) to 10 subinterfaces, each subinterface connect to a unique customer, I applied rate-limit to the subinterfaces. I noticed each customers complained about upload and from the PRTG it looks like each customer is pegged to certain upload bandwidth less than 5Mbps while the rate-limit is 45Mbps. Can someone help out.
06-26-2008 07:12 AM
How much bandwidth you have assigned to each subinterfaces?
Keep in mind, By creating we can't change PHYSICAL INTERFACE hard core speed.
Thanks,
Dharmesh Purohit
06-26-2008 07:19 AM
If you can post part of the config it will be helpful for people to help you.
My outright guess without the configs is that you have the burst rate too low on rate limit.
06-26-2008 07:43 AM
interface FastEthernet0/0
description CONNECTION TO ISP
ip address XXXXXXXXXXXXXXXXX
ip router isis
speed 100
full-duplex
no cdp enable
isis circuit-type level-2-only
!
interface FastEthernet0/3
no ip address
duplex auto
speed auto
no cdp enable
!
!
interface FastEthernet0/3.4
description CONNECTION TO 1111
encapsulation dot1Q 103
ip address XXXXXXXXXXXXX
ip router isis
rate-limit output 30000000 300000 300000 conform-action transmit exceed-action drop
no cdp enable
isis circuit-type level-2-only
!
interface FastEthernet0/3.5
description CONNECTION TO 2222
encapsulation dot1Q 104
ip address XXXXXXXXXXXXXXX
ip router isis
rate-limit output 4000000 35000 35000 conform-action transmit exceed-action drop
no cdp enable
isis circuit-type level-2-only
!
interface FastEthernet0/3.6
description CONNECTION TO 3333
encapsulation dot1Q 105
ip address XXXXXXXXXXXXXX
ip router isis
rate-limit input 10000000 37000 37000 conform-action transmit exceed-action drop
rate-limit output 10000000 37000 37000 conform-action transmit exceed-action drop
no cdp enable
isis circuit-type level-2-only
!
interface FastEthernet0/3.7
description CONNECTION TO 4444
encapsulation dot1Q 106
ip address XXXXXXXXXXXXXXX
ip router isis
rate-limit input 2000000 37000 37000 conform-action transmit exceed-action drop
rate-limit output 2000000 37000 37000 conform-action transmit exceed-action drop
no cdp enable
isis circuit-type level-2-only
06-26-2008 09:03 AM
Hi,
You rate limits says the below.
interface FastEthernet0/3.4
rate-limit output 30000000 300000 300000 conform-action transmit exceed-action drop
30 Mb - 2.4 Mb
If you are setting this output to 30 Mb you should aplly as below. It will drop after 30 Mb
rate-limit output 30000000 3740000 3740000 conform-action transmit exceed-action drop
interface FastEthernet0/3.5
rate-limit output 4000000 35000 35000 conform-action transmit exceed-action drop
4 Mb 0.28 Mb/280 Kb
It will drop after 4 Mb
rate-limit output 4000000 500000 500000 conform-action transmit exceed-action drop
10 Mb 0.296 Mb/296 Kb
interface FastEthernet0/3.6
rate-limit input 10000000 37000 37000 conform-action transmit exceed-action drop
rate-limit output 10000000 37000 37000 conform-action transmit exceed-action drop
It will drop after 10 Mb
rate-limit input 10000000 1240000 1240000 conform-action transmit exceed-action drop
rate-limit output 10000000 1240000 1240000 conform-action transmit exceed-action drop
interface FastEthernet0/3.7
rate-limit input 2000000 37000 37000 conform-action transmit exceed-action drop
rate-limit output 2000000 37000 37000 conform-action transmit exceed-action drop
2 Mb - 0.296 Mb/296 Kb
rate-limit input 2000000 37000 37000 conform-action transmit exceed-action drop
rate-limit output 2000000 37000 37000 conform-action transmit exceed-action drop
rate-limit input 2000000 240000 240000 conform-action transmit exceed-action drop
rate-limit output 2000000 240000 240000 conform-action transmit exceed-action drop
It will drop after 2 Mb
Get this tested with one of the clients. Also suggest to apply both input and ouput as required.
Hope this helps.
Regards,
Pravin
06-26-2008 09:10 AM
Kindly explain how you arrived at the figure, but can the rate-limit impact the upload that no customers seems to get more than 5Mbps?
06-26-2008 09:13 AM
I really wish cisco documented exactly how they calculate the rates rather than this vague token bucket stuff.
You burst rates are lower than the recommended but it is unclear that this is causing your issue. The recommended burst sizes are rate/8*1.5. If you do a show int fa x/x.x rate-limit your should see the rates you are getting from conform and the rates you are getting from exceed. If the conform is much lower than the limit you have configured but you still are getting packets dropped by the exceed then it is a burst ptroblem. If you have a very low exceed rate then it is not the rate-limit causing this issue.
Didn't see the previous post before I did this one ...was tring to do those calculations myself but wasn't confident enough to post my numebrs
06-26-2008 09:42 AM
Hi,
Tdrais is right cisco documentation does not explain it clearly and the values are a bit confusing.
I had the same problem when i had to limit the BW for the clients on the sub-int.
Its seems like frame-relay cir bc be. Suprisinly it did not work. As per the config you have done i feel the same.
1.bps: you need to calculate in bits (cisco says : Average rate in bits per second. The value must be in increments of 8 kbps.)
2. burst-normal: how much burst so as normal if i provide 10 Mb i may give 512 Kb of burst normal... Well to my shock that does not work (cisco says :Normal burst size in bytes. The minimum value is bps divided by 2000.)
3. burst-max: when can it drop: same as above after 10 Mb makes a bit sense so the value should be as bps. BUT IN BYTES (cisco says: Excess burst size in bytes.)
Now lets take an example: 10 Mb In/Out to limit.
bps > 10000000 in Bits
burst-normal > 1240000 > its 1250000 calculated for 10 Mb in Bytes.
burst-max > 1240000 > its 1250000 calculated for 10 Mb in Bytes.
As per my obervation it works and i have it implemented. 10 Mb.
So i see it in this way bps how much 10 Mb..Burst normal 10 Mb ..burst max 10 Mb above that drop all.
The above is been implemented and works good checked in soalrwinds.
let me know if it does work for you.
Below are some links which can help.
http://www.cisco.com/en/US/docs/ios/12_0/qos/command/reference/qrcmdr.html#wp1017761
http://www.speedguide.net/conversion.php
Hope this helps.
regards,
Pravin
06-26-2008 10:20 AM
Although nobody address why my customer's upload does not exceed 5Mbps, I really gain from wealth of information from rate-limit.
06-26-2008 01:32 PM
Not sure why you would see 5m but using pravinxyz calculations you would actually see less on some of you subinterfaces. Kinda depends which subinterface. Part of the issue is how you messuring. MRTG take sample and averages numbers in minutes where that policing is in seconds. Your only true indication is from the counters inteface rate-limit display.
This may well not even be a rate-limit issue and may be limitation related to latency but you burst rate will limit your traffic.
I will try to explain how the burst rate can limit you. Now this is not really how it works but it to illustrate the problem so I am ignoring some things.
Say you tell a user he can send 1000 packets in minute. He can send them to you as fast as he possible can but you will only allow him the 1000/minute on average. In your case the real interface is 100m even though you want to limit them to less they will still really send the packets at 100m since that is hardware.
For this example let assume there is no limit and you can send a unlimited number of packets in a second.
So in a minute I can send 1000 packets in 1 second and then do nothing for 59 seconds or send 100 packets ever six second and in both cases I get 1000 packets/minute. If I attempt to send during the seconds I am to do nothing the packets are dropped. The key difference is how many packets the router keeps in memory at at time. This memory is what the burst value represents. So I can either keep 100 block of memory or 1000 and both work. The problem comes if I try to only use 5 blocks of memroy. Even if the users were to transmit 5 blocks every second he would be limited to 300 block total in a minute not the 1000.
Best thing to test this is to either increase the burst or change the exceed action to transmit and see if they can send any more data. If you see no difference then you have a bottle neck someplace else and it is not your rate-limit that is the issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide