11-05-2008 08:13 PM - edited 03-04-2019 12:13 AM
Currently we have several VRFs accessing single line of internet of 34-Mbps.
How can we distribute evenly the internet access, in the config (Router7609-s + FWSM separated per vlan/per vrf)?
Do we need the other device which can do distribution? any other suggestion
11-05-2008 11:40 PM
Please associate the VRF to your Vlan.
11-06-2008 12:05 AM
done already. But how each vrf will get the internet access equally?
Do i need to change the queue, policy-map for qos or what? please advice.
11-06-2008 02:22 AM
As far as I know there is no VRF-aware QoS which would allow to apply a single QoS policy directly to VRFs. You will need to configure standard QoS. In your situation, I would suggest a configuration like this:
FIRST STEP : MARKING
class-map INTERNET
match protocol http
match protocol ftp
etc.
-> here you define what is "Internet traffic"
policy-map INTERNET_MARKING_VRF1
class INTERNET
police 1000000
conform-action set-dscp-transmit 41
exceed-action set-dscp-transmit 11
-> here you define the amount of fair raffic for each VRF. You need to create a policy for each VRF (unless all get the same). In the example all Internet traffic up to 1MB is makred with DSCP 41 and transmitted. Any
additional Internet traffic is marked with DSCP 11 and also transmitted.
The DSCP values are random, you could choose any other value, or IP precedence, as long as the conforming and exceeding traffic is marked differently.
interface FastEthernet xx
service-policy input INTERNET_MARKING_VRF1
-> here you apply the policy assigned to a VRF (i.e. to each VRF aka end-customer).
SECOND STEP : POLICING
class-map CONFORM
match dscp 41
class-map EXCEED
match dscp 11
-> create two classes: fair Internet traffic (conform) and the rest.
policy-map INTERNET_POLICING
class CONFORM
bandwidth 99%
class EXCEED
bandwidth 1%
-> fair traffic gets 99% of the Internet bandwidth. Unfair traffic has to compete
for the remaining 1%.
interface serial xy
service-policy output INTERNET_POLICING
-> applies the policy to the WAN interface
This configuration provides fairness between VRFs as each VRF can send Internet traffic up to the contraced amount and be sure it is transmitted (this requires of course that bandwidth is available: the sum of all policed bandwidths in step 1 is smaller or equal than 99% of your available Internet bandwidth. Note that 99% as specified in the
policy-map translates to 99% of 75% of the actual interface bandwidth).
Next to fairness it also allows individual VRFs to send more traffic in times when
additional bandwidth is available because one or some other VRFs send less than their
contracted bandwith. Bandwidth is not wasted.
Please consult http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_4/qos_12_4_book.html for more options and more details. You will need to add additional configuration for other Internet traffic (not http, or ftp) or non-Internet traffic (such as your routing protocols for instance).
HTH, Thomas
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide