can packetshaping be done on internet facing interface to achieve limiting & smoothening of traffic (rather than dropping). this is for connections coming from internet towards webserver
on the internal segment.
idea is to restrict the traffic towards webserver using up all the bandwidth on the link.
Would shaping be beneficial if applicable outbound or inbound?
Ideally you should be as close as possible to your server.
Typically, shaping is applied from network edge towards server or user ( as this is where BW gets limited more than distribution and core layers).
Keep in mind, that shaping may be good to avoid drops, but it does introduce delay with buffering and if you have delay sensitive applications they would suffer.
Agreed, but if we apply on the local interface(off which server resides), the traffic from internet inbound would already have used up the bandwidth over the link while arriving on the external interface.
Please correct if my understanding is wrong.
In this case you should configure traffic policing inbound, but that will cause packet drops.
Or, you can negotiate with your service provider to do traffic shaping for you on their outbound interface.
Thats correct !
in this case u need to look at an end to end design and manage congestion in the whole path taken from internet to server.
if the nature of ur traffic is TCP, you coudl enable WRED so packets are dropped randomly and congestion is reduced.
There are few mechanism for congestion avoidance and BW Mngt, without seeing the entire setp its hard to advice you correctly.
Attached is simplifed setup figure.
Server1 is the one we need to look at regulating the bandwith inbound from internet, as the process consumes lots of bandwidth.
The internet bandwidth is 4 Mbps.Please advice way to regulate this server traffic inbound from internet not to exceed say 1 Mbps & any other suggestions.
Appreciate your help!
Shaping is applicable only outbound.
So if you want to shape traffic coming from the Internet to the webserver, then you should configure traffic shaping on the interface of the router that leads to the webserver, outbound.
With MQC you can also configure traffic shaping selectively for traffic destined to the webserver and sourced from the Internet.
The closest interface on router leading to server is the lan interface, do you recommend on applying shaping outbound on lan interface..as it already has entered in?
Shaping is applicable only outbound..per my understanding this is because of buffers.is this correct?
"Would shaping be beneficial if applicable outbound or inbound? "
Depends on what you're trying to achieve and what "kind" of shaping the device supports.
For shaping implemented on Cisco devices, its primary purpose is to create an artifical bandwidth bottleneck upstream of a physical bottleneck. This assuming we can't manage congestion at the physical bottleneck but can at the shaped bottleneck.
If you have in mind "packetshaping" performed by a device product like those provided by Packeteer or Exinda, that shaping is much more involved.
"idea is to restrict the traffic towards webserver using up all the bandwidth on the link. "
Cisco type shaping won't help much there, although Cisco type policing might. Packeteer or Exinda type shaping might help.
In case of products as you mentioned ..which would be the best place to place these devices to get effect shaping viz.
terminate internet on these devices( which i dont think is proper); put this in between internet facing router & internal lan.