Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

rate-limit vs policing & shaping

I am configuring a 3560 to provide internet access for our customers and I need to make sure they don't use more bandwidth than they have contracted for.

I see that the 3560 supports the rate-limit command, but was told that I should use traffic shaping and policing along with access lists to manage the bandwidth.

Is there a reason that I should avoid using the rate-limit command - it looks much simpler.

Thanks,

Julie

10 REPLIES
Hall of Fame Super Bronze

rate-limit vs policing & shaping

3560 switch?

While the command is available in the CLI, it is not supported on this platform:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swuncli.html

Traffic shaping nor egress policing are supported either.

For bandwidth limiting on a 3560, you need to use the srr-queue bandwidth limit command:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/command/reference/cli3.html#wp1947391

New Member

rate-limit vs policing & shaping

What switches do support either the rate-limit command or traffic shaping and policing? Maybe we purchased the wrong switches . . .

Thanks for the information - I had assumed that since the command was available, that it was supported - you'd think I would know better than to make any assumptions!

Green

rate-limit vs policing & shaping

Julie

I have been through this a couple of times now.

I have tried all the forbidden options but at least Edison has pointed these out (+5)

On the interface add the egress limiters

!

int fas 0/1

srr-queue bandwidth limit 55

!

This will limit a 100M interface to 55% = 55M

The % can be between 10 -- 90

HTH

Alex

Regards, Alex. Please rate useful posts.
New Member

rate-limit vs policing & shaping

I was told by our vendor that if I upgrade to the ip base ios, that we will be able to manage the bandwidth on a per port basis - is this true?

Thanks for all the info!

Julie

Hall of Fame Super Bronze

rate-limit vs policing & shaping

You could police inbound with your current switches. In general, we recommend policing inbound and shape outbound.

For egress shaping on switches, you need high-end switches such as: 4500 with Sup6-E/7 or 6500 with SIP/SPA WAN module or Sup2T.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_52_se/configuration/guide/swqos.html#wp1044737

Super Bronze

rate-limit vs policing & shaping

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of    this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising    out of the use or inability to use the posting's information even if    Author has been advised of the possibility of such damage.

Posting

Likely the reason traffic shaping was mentioned because it's generally "nicer" in how it regulates bandwidth than a policer or rate-limiter, since it attempt to queue excess traffic rather than just dropping it.

The 3560 does supports "shaping" per egress queue.  See the SRR shape feature in:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swqos.html

However this might not be suitable for you if you have more than customers than the 4 egress queues.  (Ditto issue if you "shape" physical egress port, as mentioned by another poster.)

Otherwise, on your platform, you're limited to policing inbound traffic as described by Edison.

If you do utilize the policing method, you'll likly need to tune parameters as defaults often tend to impact TCP traffic enough that actual usage is much less than agreed upon bandwidth.

New Member

rate-limit vs policing & shaping

Joseph,

Are there 4 egress queues per access port?  Each access port will be dedicated to a single customer - only the trunk ports will transport traffic from multiple customers.

Is egress traffic shaping and inbound policing supported in the LAN Base IOS or do I need one of the IOS versions that support IP?

Thanks for the information!

Super Bronze

rate-limit vs policing & shaping

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of    this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising    out of the use or inability to use the posting's information even if    Author has been advised of the possibility of such damage.

Posting

Yes, there are 4 egress queues per port, but you need to enable QoS to activate them.  Otherwise, there's just one egress queue per port.

For overall customer "shaping", if there's one customer per port, you might also use the port bandwidth limiter, although it's not as precise ("These values are not exact because the hardware adjusts the line rate in increments of six.").

I think the QoS features are supported on all IOS images for the original 3560, but don't quote me.

New Member

rate-limit vs policing & shaping

When you are talking about the bandwidth limiter, do you mean the rate-limit interface command?  If so it is not supported on the 3560 switches - it shows up in the CLI, but the release notes say it is not supported.

Super Bronze

Re: rate-limit vs policing & shaping

Disclaimer

The    Author of this posting offers the information contained within this    posting without consideration and with the reader's understanding that    there's no implied or expressed suitability or fitness for any  purpose.   Information provided is for informational purposes only and  should not   be construed as rendering professional advice of any kind.  Usage of    this  posting's information is solely at reader's own risk.

Liability Disclaimer

In    no event shall Author be liable for any damages whatsoever  (including,   without limitation, damages for loss of use, data or  profit) arising    out of the use or inability to use the posting's  information even if    Author has been advised of the possibility of  such damage.

Posting

I had in mind the "srr-queue bandwidth limit weight1" command.

1902
Views
5
Helpful
10
Replies
CreatePlease to create content