bandwidth policy

Answered Question
May 31st, 2010

Greetings!

Look at my case:

Customers are connected to service provider (SP) trough a FastEthernet ports on a switch. One vlan per customer. Then that vlans are terminated on access router (subinterfaces). Occasionaly not all customers follow the contract agreement of bandwidth utilization. By contract they are prohibited to, for example, 7 mbps bandwidth, but because their connection is wirespeed (100 mbps) they often exceed that contract limitation.

The question is what is the best practice for SP to work out this situation? I mean, how to limit the rate for customers?

Applying service-policy with flow average limit doesn't work on subinterface for an ingress flow (from customer).

Thanks!

Yours, Alex

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 6 years 7 months ago

Hello Alex,

>> The case is - "customer is interconnecting different company sites."

fine

>> I still can hardly guess the meaning of burst  and max-burst   fields in mls qos aggregate-policer command.

These are buffers expressed in bytes not bytes/sec instead the rate is in bps.

Actually a policer uses a token bucket algorithm to compare packets with the presence of tokens in buffers:

if enough tokens for the packet are present in the buffer the packet is considered conforming and sent out/accepted.

What counts is packet size and interarrival time between this packet and the previous one sent/accepted.

in this case The burst and max-burst buffers allow to accomodate a burst of B bytes over the stated rate allowing to handle the variable nature of data traffic.

see

http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_m2.html#wp1041087

exceed burst size is used at startup after long time of inactivity to allow to send more traffic during first time interval.

So these are parameters used to tune the policer behaviour and old rules used with CAR was to allow at least 250 msec of traffic at peak rate to dimension the normal burst size and to use a double value for exceeding burst size.

These buffers are refilled of tokens at the specified bit rate and no more and allows to use later up to B to max-B "credits"

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Giuseppe Larosa Mon, 05/31/2010 - 12:19

Hello Alex,

customers should implement outbound shaping a little less then state peak bit rate and you should police inbound.

However, it is important to notice that we are talking  of internet access, this is typically asymmetrical with much more traffic in the opposite direction (from internet to customer) then from customer to internet.

You can shape outbound towards the customer but the customer may have already used BW resources on your upstream link(s) to the big internet.

if this is the case, an indirect attempt to limit downstream direction is to limit upstream more (that is to follow the asymmetric nature of internet traffic)

So it would be important to know if  customer traffic is directed to the public internet or they are interconnecting different company sites.

Hope to help

Giuseppe

Alexander Demin Tue, 06/01/2010 - 01:15

Hi!

The case is - "customer is interconnecting different company sites."

Two variants of interconnection of sites:

customer-----ISP switch-- (ISP network) --ISP switch-----customer

Interconnection between ISP switches is either pure 802.1q or EoMPLS tunnel.

Current decision for bandwidth limit is of that kind:

mls qos aggregate-policer CUST_11 20000000 1000000 1000000 conform-action transmit exceed-action drop

interface Vlan11
service-policy input CUST_11
service-policy output CUST_11

Any better ideas?

P.S.

One nube question also.

I still can hardly guess the meaning of burst  and max-burst   fields in mls qos aggregate-policer command.

The sintax is such:

mls qos aggregate-policer aggregate-name rate burst [max-burst] [pir peak-rate] [conform-action action]...

For example, customer is connected to a 1Ge interface, I need to guarantee him less or equal 40 Mbps CIR.

The rate  then will be in bits-per-second - thus - 40000000.

What the burst  and max-burst   fields (that are in bytes/sec) are correlated with and how ?

Thanks!

Correct Answer
Giuseppe Larosa Tue, 06/01/2010 - 06:43

Hello Alex,

>> The case is - "customer is interconnecting different company sites."

fine

>> I still can hardly guess the meaning of burst  and max-burst   fields in mls qos aggregate-policer command.

These are buffers expressed in bytes not bytes/sec instead the rate is in bps.

Actually a policer uses a token bucket algorithm to compare packets with the presence of tokens in buffers:

if enough tokens for the packet are present in the buffer the packet is considered conforming and sent out/accepted.

What counts is packet size and interarrival time between this packet and the previous one sent/accepted.

in this case The burst and max-burst buffers allow to accomodate a burst of B bytes over the stated rate allowing to handle the variable nature of data traffic.

see

http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_m2.html#wp1041087

exceed burst size is used at startup after long time of inactivity to allow to send more traffic during first time interval.

So these are parameters used to tune the policer behaviour and old rules used with CAR was to allow at least 250 msec of traffic at peak rate to dimension the normal burst size and to use a double value for exceeding burst size.

These buffers are refilled of tokens at the specified bit rate and no more and allows to use later up to B to max-B "credits"

Hope to help

Giuseppe

d-fillmore Thu, 06/17/2010 - 04:25

Hi - My problem is similar to this so I'll try replying here before starting a new post.

We have an ISP network and sell increments of a 10Gb WAN interface to customers.

At the moment we are policing inbound at the edges of our network to rate limuit L2VPN bandwidth and policing inbound and outbound at the egress of out network for IP transit. We had a few problems with our initial policing config in that it was quite brutal and the effect for L2VPN users was that anything over the 50Mb was just getting dropped and their TCP applications were throttling back loads and the perceived bandwidth (by the customer) was much lower than the 50Mb. The policer we used was this.

policy-map 50Meg
  class class-default
   police 50000000 1500 1500    conform-action transmit     exceed-action drop
!

Having looked at a few other ISP's configs, I can see shapers being used extensively instead of policers. I know the technical differences between the two, but want to know if we should look to implement shaping instead of policing to provide a better experience for the customer whilst still restricting bandwidth?

Also, I can understand the variables used in policers and shapers, but are there some standard fugures that you would use for say 20, 40 and 50 Mb policers as I can imagine just guessing them is not going to work

Many Thanks in advance

Dom

Actions

This Discussion