QOS questions - 5 minute rate XX bps and cir 768000

Unanswered Question
Jun 29th, 2014
User Badges:

Hello,

 

I hope someone here can answer my questions. I have asked some of the CCIE's on my team and opened a TAC case, but neither option provided solid answers.

 

The short version of my question is this: what does "5 minute rate XX bps" mean in the context of the "show policy-map interface x/x" command? 

 

In addition I would like to find out what unit of measurement, I.E. bits, bytes etc., is used in the output "cir 768000" for the police command in the class map .

 

The full output of show policy-map  and show version commands are below.

 

Thanks in advance for any help you can provide.

 

 

 

 

rtrxxxx#show policy-map interface s0/0/0:0

 

 Serial0/0/0:0

 

Service-policy output: QoS_OUT

 

    Class-map: Express_Forward (match-any)

      863884 packets, 66581508 bytes

      5 minute offered rate 7000 bps, drop rate 0 bps

      Match: access-group name VOIP-BEARER

        863884 packets, 66581508 bytes

        5 minute rate 7000 bps

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 863884/66353276

      bandwidth remaining 20% (307 kbps)

 

    Class-map: Gold (match-any)

      174353 packets, 105051208 bytes

      5 minute offered rate 0 bps, drop rate 0 bps

      Match: access-group name EPS

        22616 packets, 2290071 bytes

        5 minute rate 0 bps

      Match: access-group name RX

        151737 packets, 102761137 bytes

        5 minute rate 0 bps

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 171583/104927763

      bandwidth remaining 10% (153 kbps)

 

    Class-map: Silver (match-any)

      1426952 packets, 262747525 bytes

      5 minute offered rate 2000 bps, drop rate 0 bps

      Match: access-group name MAINFRAME

        174712 packets, 61240491 bytes

        5 minute rate 0 bps

      Match: access-group name KRONOS

        181558 packets, 34240271 bytes

        5 minute rate 0 bps

      Match: access-group name EMAIL

        755599 packets, 97267234 bytes

        5 minute rate 2000 bps

      Match: access-group name VOIP-CONTROL

        9284 packets, 1135517 bytes

        5 minute rate 0 bps

      Match: access-group name LOGIXWEB

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: access-group name GRINDLOG

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: access-group name CITRIX

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: access-group name CORP_WEB

        305799 packets, 68864012 bytes

        5 minute rate 0 bps

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/514/0

      (pkts output/bytes output) 1420934/261435436

      bandwidth remaining 50% (768 kbps)

 

    Class-map: Bronze (match-any)

      639010 packets, 127794658 bytes

      5 minute offered rate 2000 bps, drop rate 0 bps

      Match: access-group name AUTH

        531274 packets, 119388866 bytes

        5 minute rate 2000 bps

      Match: access-group name DHCP

        499 packets, 177340 bytes

        5 minute rate 0 bps

      Match: access-group name DNS

        107237 packets, 8228452 bytes

        5 minute rate 0 bps

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 638694/127446294

      bandwidth remaining 5% (76 kbps)

 

    Class-map: Scavenger (match-any)

      124834 packets, 17220523 bytes

      5 minute offered rate 5000 bps, drop rate 0 bps

      Match: protocol ssh

        45906 packets, 7259947 bytes

        5 minute rate 5000 bps

      Match: access-group name PING

        78928 packets, 9960576 bytes

        5 minute rate 0 bps

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 124794/14898062

      bandwidth remaining 5% (76 kbps)

 

    Class-map: POLICE_STATE (match-any)

      361142 packets, 504176191 bytes

      5 minute offered rate 0 bps, drop rate 0 bps

      Match: access-group name TSMSTRICT

        361142 packets, 504176191 bytes

        5 minute rate 0 bps

      police:

          cir 768000 bps, bc 24000 bytes, be 1500 bytes

        conformed 351211 packets, 490035216 bytes; actions:

          transmit

        exceeded 2566 packets, 3653984 bytes; actions:

          drop

        violated 7365 packets, 10487003 bytes; actions:

          drop

        conformed 0 bps, exceed 0 bps, violate 0 bps

 

    Class-map: class-default (match-any)

      25516182 packets, 12778536664 bytes

      5 minute offered rate 141000 bps, drop rate 0 bps

      Match: any

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 4/5143/0

      (pkts output/bytes output) 25414437/13370803818

      bandwidth remaining 10% (153 kbps)

 

 

 

 

 

 

 

rtrxxxx#show ver
Cisco IOS Software, 3800 Software (C3845-ADVIPSERVICESK9-M), Version 12.4(24)T4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Fri 03-Sep-10 10:00 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

rtr8387a uptime is 2 years, 2 days, 5 hours, 21 minutes
System returned to ROM by Reload Command
System restarted at 10:38:14 UTC Wed Jun 27 2012
System image file is "flash:c3845-advipservicesk9-mz.124-24.T4.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
[email protected].

Cisco 3845 (revision 1.0) with 471039K/53248K bytes of memory.
Processor board ID FTX1150A072
2 Gigabit Ethernet interfaces
1 Serial interface
2 terminal lines
1 Channelized/Clear T1/PRI port
1 Virtual Private Network (VPN) Module
6 Voice FXS interfaces
1 cisco Integrated Service Engine(s)
   Cisco WLAN Controller 5.0.148.0 in slot 1
1 cisco Integrated Service Engine-2(s)
   Cisco Wide Area Application Services Software 4.3.5a (b1 Oct 17 2011 13:57:15) in slot 2
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
126976K bytes of ATA System CompactFlash (Read/Write)

Configuration register is 0x2102

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Mon, 06/30/2014 - 01:12
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello bbiddings,

 

1) 5 minute offered rate 5000 bps, drop rate 0 bps

This means that the rate is actually an average over the last 5 minutes. Interface counters are moving average over time with an exponential law that says something like:

average= current rate*exp(-t/T) + (1- exp(-t/T))*old rate value

where T is actually 5 minutes.

in interface configuration you can change T as low as 30 seconds with load-interval 30 interface command.

I cannot test now but it is possible that load-interval change also the time interval for sh policy-map int output.

The property of this kind of average is that it takes four intervals to reach a steady value.

 

2) CIR 768000

These are bit per second and the Committed information rate is the rate for conforming packets as measured in a token bucket algorithm used by the policer

 

Hope to help

Giuseppe

 

 

 

 

Braden Biddings Mon, 06/30/2014 - 05:06
User Badges:

Giuseppe,

Thank you for taking the time to reply.

 

I am still not sure about the output below. You defined the 5 minute offered rate. I am looking for more info on the "5 minute rate xxx bps". The two appear to be different some how. See below.. in the output of show policy-map interface... under one of the match statements, there is a line that says "5 minute rate xxx bps"

 

      Match: access-group name EMAIL

        755599 packets, 97267234 bytes

        5 minute rate 2000 bps

Giuseppe Larosa Mon, 06/30/2014 - 05:36
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello bbiddings,

if we examine the output for the whole class silver we see:

Class-map: Silver (match-any)

      1426952 packets, 262747525 bytes

    >>>  5 minute offered rate 2000 bps, drop rate 0 bps

      Match: access-group name MAINFRAME

        174712 packets, 61240491 bytes

        5 minute rate 0 bps

      Match: access-group name KRONOS

        181558 packets, 34240271 bytes

        5 minute rate 0 bps

      Match: access-group name EMAIL

        755599 packets, 97267234 bytes

       >>>>> 5 minute rate 2000 bps

      Match: access-group name VOIP-CONTROL

        9284 packets, 1135517 bytes

        5 minute rate 0 bps

      Match: access-group name LOGIXWEB

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: access-group name GRINDLOG

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: access-group name CITRIX

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: access-group name CORP_WEB

        305799 packets, 68864012 bytes

        5 minute rate 0 bps

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/514/0

      (pkts output/bytes output) 1420934/261435436

      bandwidth remaining 50% (768 kbps)

 

The line that you have pointed refers to access-list EMAIL and the 5 minute rate are the counters for the hits the matches of access-list EMAIL. However, it should be still an average calculated in the same way, because you see that total offered rate of class Silver is 2000 bps exactly the same number under EMAIL. (it is the only ACL with traffic in this show output for class Silver)

The ouput actually provides counters per ACL not only the aggregate counters per class.

if more then an ACL has traffic in the last 5 minutes all of the counters contribute to the class counters

 

Hope to help

Giuseppe

 

 

 

Actions

This Discussion

Related Content