Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
416
Views
5
Helpful
9
Replies

QoS question - Is this the best way?

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎03-27-2009 10:02 AM - edited ‎03-04-2019 04:07 AM

All,

I have a site that has a 20mb DS3. I want to limit them to 3mb for everything. What I have so far is this:

policy-map SHAPE

class class-default

shape average 3000000

policy-map POLICE

class class-default

police 3000000

int s1/0

service-policy output SHAPE

service-policy input POLICE

This seems to work great. On a speed test (up and down) I get 3mb. Is this the best way, or should I be doing something else?

Thanks!

John

HTH, John *** Please rate all useful posts ***
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to John Blakley

‎03-27-2009 12:12 PM

The provider may, or may not, be cooperative with your request. Plus, if the bandwidth is there for an "emergency", it might be difficult to have them remove a soft cap quickly for an emergency.

The inbound 3 Mbps policer will keep your downstream hosts from getting more than 3 Mbps, but a policer won't guarantee that the WAN link (inbound) won't exceed 3 Mbps. This because most non-TCP flows won't slow when there are drops, and even TCP flows can burst above the policer rate before they self slow.

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎03-27-2009 10:46 AM

John

If it works...

Seriously, if you want to control it at one interface then yes this will work although ideally you would want the other end of the DS3 to do the policing rather than use the DS3's bandwidth and then drop at your interface.

But no problems with what you have.

Jon

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-27-2009 11:13 AM

If you could, it might be better to shape the other side's out rather than police same side's in.

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Joseph W. Doherty

‎03-27-2009 11:25 AM

This is directly to the provider. I could ask if they could shape their side too. This link is our DR link and it's 20mb, but the full 20mb is only supposed to be used in case of an emergency. Otherwise, it will be used on a day-to-day basis for a 3-4mb link.

After policing, I ran a speed test and could easily see it "bounce" between 2.6 and 2.95, so it's working, but I don't really like the idea of dropping all of that traffic either.

Thanks,

John

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Thotsaphon Lueangwattanaphong
Level 7
Level 7
In response to John Blakley

‎03-27-2009 11:36 AM

John,

Actually ISP site will police(Inbound) you at the rate you have purchased. That's why they want you to shape at the same rate. Your configuration is good for me. A bit delay might be better than re-transmission.

Toshi

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to John Blakley

‎03-27-2009 12:12 PM

The provider may, or may not, be cooperative with your request. Plus, if the bandwidth is there for an "emergency", it might be difficult to have them remove a soft cap quickly for an emergency.

The inbound 3 Mbps policer will keep your downstream hosts from getting more than 3 Mbps, but a policer won't guarantee that the WAN link (inbound) won't exceed 3 Mbps. This because most non-TCP flows won't slow when there are drops, and even TCP flows can burst above the policer rate before they self slow.

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Joseph W. Doherty

‎03-27-2009 12:15 PM

Joseph,

I've sent an email to the provider about this, but I haven't heard back. So what's the best way about doing this then? Is policing still my best option? Are there other parameters that I should use on my policing config?

Thanks,

John

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to John Blakley

‎03-27-2009 01:27 PM

All,

I got a response from the provider, and they won't shape the traffic back. They said that I'm doing it the best way. What is it with UDP traffic though that policing won't help?

They said that "...if we're downloading anything with UDP, the traffic has already traversed the link and has counted toward the utilization target." I thought policing the traffic addressed both tcp and udp.

Thanks,

John

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to John Blakley

‎03-27-2009 01:39 PM

John

From Joseph's post -

"This because most non-TCP flows won't slow when there are drops, and even TCP flows can burst above the policer rate before they self slow."

TCP uses sequence numbers/receive and send windows/acknowledgements etc. In short TCP can adapt to changes in network congestion and if packets are dropped by the policer they will slow their transmission.

UDP has no such mechanisms and therefore cannot adapt in the same way. Hence a policer at your end of the link will not stop UDP going above the 3Mbs.

Jon

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Jon Marshall

‎03-27-2009 05:50 PM

"Hence a policer at your end of the link will not stop UDP going above the 3Mbs."

Just to clarify this a bit more, UDP traffic before the policer will likely not slow its transmission rate.

UDP after the policer will be rate limited.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card