Class-based traffic shaping not taking effect on IPsec Tunnel

Unanswered Question
Apr 14th, 2010
User Badges:

Currently we are configuring class-based traffic shaping on an IPsec tuunel interface:


SGST3CEIDA002#sh run int tu645140202
Building configuration...


Current configuration : 357 bytes
!
interface Tunnel645140202
description Tunnel to SG
bandwidth 20000
ip address <removed>
ip policy route-map Redirect_Traffic
load-interval 30
tunnel source <removed>
tunnel destination <removed>
tunnel mode ipsec ipv4
tunnel protection ipsec profile SOE_BRANCH
service-policy output All_WAN_Policy_BW
end

SGST3CEIDA002#sh policy-map All_WAN_Policy_BW
  Policy Map All_WAN_Policy_BW
    Class class-default
      Average Rate Traffic Shaping
      cir 6144000 (bps)
      service-policy All_WAN_Policy_Child_BW
SGST3CEIDA002#sh policy-map All_WAN_Policy_Child_BW
  Policy Map All_WAN_Policy_Child_BW
    Class Standard_SOE
      bandwidth 4000 (kbps)
    Class Standard_nSOE
      bandwidth 2000 (kbps)
SGST3CEIDA002#



But from the result of show policy-map interface command it shows that the shaping is not taking effect:

SGST3CEIDA002sh policy-map int tu645140202
Tunnel645140202


  Service-policy output: All_WAN_Policy_BW


    Class-map: class-default (match-any)
      255694 packets, 272051590 bytes
      30 second offered rate 18416000 bps, drop rate 0 bps               <========= Incoming traffic 18Mbps
      Match: any
      Queueing
      queue limit 64 packets
      (queue depth/total drops/no-buffer drops) 0/0/0
      (pkts output/bytes output) 11/1650
      shape (average) cir 6144000, bc 24576, be 24576                    <========= Shape target 6Mbps
      target shape rate 6144000


      Service-policy : All_WAN_Policy_Child_BW


        Class-map: Standard_SOE (match-all)
          0 packets, 0 bytes
          30 second offered rate 0 bps, drop rate 0 bps
          Match: access-group name Standard_SOE
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 0/0
          bandwidth 4000 kbps


        Class-map: Standard_nSOE (match-all)
          255683 packets, 272051002 bytes
          30 second offered rate 18416000 bps, drop rate 0 bps
          Match: access-group name Standard_nSOE
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 0/0
          bandwidth 2000 kbps


        Class-map: class-default (match-any)
          11 packets, 588 bytes
          30 second offered rate 0 bps, drop rate 0 bps
          Match: any
         
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 11/1650
SGST3CEIDA002#


SWITCH001#sh int g0/16 | in bits/sec
  30 second input rate 584000 bits/sec, 1138 packets/sec
  30 second output rate 19551000 bits/sec, 2262 packets/sec               <======= Destination Port output 19Mbps



Anyone can advise on how to shape down the output traffic properly in this case?  Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

Related Content