provision bandwidth with QoS

Answered Question
Dec 22nd, 2008
User Badges:

Hi ALL,

there are 3 different companies share one 2811 router and there is 5.0 Mbps in WAN connection. We'd like to provision bandwidth between these three companies. I know with the QoS, we can define bandwith based on ACL. is there any document that describe this solution?

thanks

Alex



Correct Answer by archari about 8 years 4 months ago

yep.. you can have an independent input service policy.


match the ACL based on destination address and apply it in the input direction


e.g.


access-list 111 permit ip any host publicip1


class-map traffictocompany1

match ip address 111


policy-map inboundqos

class traffictocompany1

police cir kbps


interface serial x/y

service-policy input inboundqos


The input and output policies are independent of each other so you can do both simultaneously


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
archari Mon, 12/22/2008 - 12:36
User Badges:
  • Cisco Employee,

Pulling this off a post I recently posted :-)


1st make 3 ACL to match your source ip's

access-list 101 permit ip x.x.x.x y.y.y.y any

where (x.x.x.x is the subnet for company1)

access-list 102 permit ip a.a.a.a b.b.b.b any

a.a.a.a is subnet for company2

access-list 103 permit ip m.m.m.m n.n.n.n any

m.m.m.m is subnet for company3



2nd make a class map to match the ACL


class-map company1class

match access-group 101



class-map company2class

match access-group 102



class-map company3class

match access-group 103


3rd make a policy-map to match the class above with the QoS you want to give it


policy-map percompany

class company1class

bandwidth 512


class company2class

bandwidth 1024


class company3class

bandwidth 2048



4th attach the policy-map to the outgoing interface pointing to the SP (WAN)


interface serial x/y

service-policy output percompany


Instead of matching the source IP address, you can also use match input interface ;-) all of them are hanging off different interfaces


Note: I dint divide bandwidth equally. You can do that if that is the intent

alex goshtaei Mon, 12/22/2008 - 12:48
User Badges:

Thanks for your reply,

How about incoming traffic from internet to the router? can we do the same method. the router has three different public IP addresses.

thanks

Correct Answer
archari Mon, 12/22/2008 - 12:58
User Badges:
  • Cisco Employee,

yep.. you can have an independent input service policy.


match the ACL based on destination address and apply it in the input direction


e.g.


access-list 111 permit ip any host publicip1


class-map traffictocompany1

match ip address 111


policy-map inboundqos

class traffictocompany1

police cir kbps


interface serial x/y

service-policy input inboundqos


The input and output policies are independent of each other so you can do both simultaneously


Joseph W. Doherty Mon, 12/22/2008 - 16:33
User Badges:
  • Super Bronze, 10000 points or more

Athough Arvind's second post shows what you can do inbound, the results will not be the same as outbound. The first major difference is, outbound you have different class queues which should obtain a minimum amount of specified bandwidth when there's congestion. Inbound, the classes will cap the amount of bandwidth used. The biggest different between these two approaches is an outbound class, unless also shaped or policed, can use additional excess available bandwidth; inbound the class will never be allowed to use more than its policed cap even if the bandwidth is available.


The second major difference, for inbound, although your policiers will restrict the amount of bandwidth forwarded by your router, they may not have any effect upon inbound traffic utilization (e.g. most non-TCP traffic) or if they do (e.g. TCP traffic), the traffic might burst on the link before it gets to the policer.


The best method to regulate inbound is on the other side of the link's outbound. Next best, at least with TCP traffic, is regulation of the outbound ACKs and/or manipulation of receiver advertised receive window values. Neither of these methods, I believe, supported by Cisco devices.

Actions

This Discussion