01-23-2012 01:30 AM - edited 03-07-2019 04:29 AM
Hello,
I know that there are a lot of discussion on this subject but I'm a little bit lost.
My purpose is very simple, I have a WAN link (100Mb) between 2 3750 with several VLAN going through,
I would like to ensure that for some/all VLANs each VLAN has a minimum bandwith regarding the availibility of the line.
For example :
VLAN 2 = 40Mb
VLAN 3 = 20Mb
VLAN 4 = 20Mb
VLAN 5 = 10Mb
VLAN 6 = 6Mb
the rest = 4Mb
I checked with configs found in this forum ( SRR-QUEUE, VLAN QOS, ... ) but I failled all my tests
Could you, please, help me
Thank you very much
01-23-2012 06:28 AM
Everything I'm reading about SRR-QUEUE, shows that there are 4 queues to manage the bandwidth, but in my case I need more than 4 possibilities to share the BW.
Help will be very appreciated,
Thank you very much in advance
Philippe
01-23-2012 08:01 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
If you really want to manage bandwidth, on the small end, an ISR would be what you want.
Low-end switches, such at the 3750 series, are oriented toward the LAN where adding bandwidth often precludes the need to manage it.
There are Metro switches that offer some additional features vs. pure LAN type of switches, but you can obtain a current ISR that can easily handle 100 Mbps and still have capacity for growth.
01-23-2012 08:07 AM
Trying this.
! Identify your WAN interface as below...
FastEthernet0/1
Description YOUR WAN FACING INTERFACE
mls qos vlan-based
! Create new class as below
class-map match-all MY-INTERFACE-FACING-WAN
match input-interface FastEthernet0/1
class-map match-all RESTALLVLANS
match ip precedence 0
! Create new policies and import class into policy and set desire bandwidth limitation.
policy-map VLAN2-POLICER
class MY-INTERFACE-FACING-WAN
police 40000000 7500000 exceed-action drop
policy-map VLAN3-POLICER
class MY-INTERFACE-FACING-WAN
police 20000000 3750000 exceed-action drop
policy-map VLAN4-POLICER
class MY-INTERFACE-FACING-WAN
police 20000000 3750000 exceed-action drop
policy-map VLAN5-POLICER
class MY-INTERFACE-FACING-WAN
police 10000000 1875000 exceed-action drop
policy-map VLAN6-POLICER
class MY-INTERFACE-FACING-WAN
police 6000000 1125000 exceed-action drop
policy-map VLAN-RESTALL-POLICER
class RESTALLVLANS
police 4000000 750000 exceed-action drop
! Create ACL to identify traffic.
access-list 100 permit ip any any
! Create new class and imporet ACL 100.
class-map match-all ALL-IP
match access-group 100
! Create new policy and import the class and set the IP precedence along with service level.
policy-map POLICER2VLAN2
class ALL-IP
set ip precedence 5
service-policy VLAN2-POLICER
policy-map POLICER2VLAN3
class ALL-IP
set ip precedence 4
service-policy VLAN3-POLICER
policy-map POLICER2VLAN4
class ALL-IP
set ip precedence 3
service-policy VLAN4-POLICER
policy-map POLICER2VLAN5
class ALL-IP
set ip precedence 2
service-policy VLAN5-POLICER
policy-map POLICER2VLAN6
class ALL-IP
set ip precedence 1
service-policy VLAN6-POLICER
policy-map POLICER2VLAN-ALL
class ALL-IP
set ip precedence 0
service-policy VLAN-RESTALL-POLICER
! At last import the policy into respective vlan
interface Vlan2
service-policy input POLICER2VLAN2
interface Vlan3
service-policy input POLICER2VLAN3
interface Vlan4
service-policy input POLICER2VLAN4
!
interface Vlan5
service-policy input POLICER2VLAN5
interface Vlan6
service-policy input POLICER2VLAN6
interface Vlan100
description other vlans
service-policy input POLICER2VLAN-ALL
Test your config
Thanks
Rizwan Rafeek
01-23-2012 08:33 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Justed wanted to mention, what Rizwan is suggesting, can insure other classes of traffic get bandwidth by restricting bandwidth to defined classes, but it limits those policed classes if more bandwidth is available.
01-23-2012 09:47 AM
Thanks for covering me.
"but it limits those policed classes if more bandwidth is available." is true.
thanks
01-24-2012 12:21 AM
@Rizwan,
Thank you very much for this config.
@Joseph,
Thank you very much, but we do not have any ISR and I'm afraid we won't buy any ( budget, .... ), the L3 of the 3750 is enough ( we tought ) for our needs. I wsa wondering that this functionallity was possible on the L3.
@Joseph & @Rizwan,
Indeed, I don't want to limit the BW but well ensure a minimum of BW
What do you think if I replace "exceed-action drop" by "exceed-action policed-dscp-transmit" in the policy-map ?
In all the case, I'll try it now and 'll keep you informed.
Thank you again
Philippe
01-24-2012 01:03 AM
@Rizwan,
I'm reading the config and I have a little question, if I well understand, you are using the IP precedence in order to "flag" the traffic, it means that I could only limit/ensure the BW with 8 rules ( 7 VLAN + the rest of VLANs ).
We are planning to migrate the link to 1Gb and increase the number of VLAN running through it, it means that I don't want to be limited to so few, even if it's better than the 4 queues of SRR ;-)
Thank you
Philippe
01-24-2012 02:16 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
philippe.garcet wrote:
@Joseph,Thank you very much, but we do not have any ISR and I'm afraid we won't buy any ( budget, .... ), the L3 of the 3750 is enough ( we tought ) for our needs. I wsa wondering that this functionallity was possible on the L3.
@Joseph & @Rizwan,
Indeed, I don't want to limit the BW but well ensure a minimum of BW
What do you think if I replace "exceed-action drop" by "exceed-action policed-dscp-transmit" in the policy-map ?
Unfortunately, as I've already noted, the 3750 is oriented toward LAN usage, and as such, lacks some features often useful on WANs.
In answer to you second question, oversubscribed traffic would only be marked, not dropped, which would not contribute to protecting other flow bandwidth minimums on this device.
01-24-2012 03:21 AM
@Joseph,
Unfortunately, I need to deal with the fact that I only have 3750's even if I understand the limitations.
@Rizwan,
Oups, I got two kind of mistakes, the first one is the "police" instructions, the "Normal Burst bytes"
should be included between 8000 & 1000000.
The second one is when applying the service-policy to one vlan interface, I got :
%Qos: child plicycy-map VLAN-RESTALL-POLICER classmap RESTALLVLANS only support MATCH INPUT-INTERFACE
I'm running c3750e-universalk9-mz.122-55.SE3.bin
In order to go further, I divided your burst bytes by 10 and I changed the "class-map match-all RESTALLVLANS"
in order to match the WAN interface.
I also changed the exceed action from drop to policed-dscp-transmit for the VLAN I need to ensure the BW and I kept the drop for the rest of the VLAN.
The first high level tests I did are positive, but as Joseph said it probably does not ensure the minimum for the VLANs
I'll do more deaper test and I'll keep you informed as soon as I can.
Thank you very much
Philippe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: