Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

bandwidth allocation ...

Dear Friends.. Good day ..

i have a requirement .. in which i have a router which is having a big pipe of bandwidth is coming .. and now i have to allocate the bandwidth - 128K very exact to one of our client... not very sure how i can do this and how i can make sure this is working correctly and can also show this to client about the bandwidth allocated to him

please read below point and correct me if m wrong ...

1. from client rack / switch .. pull a wire and put it into our switch which then connecte to WAN router - not connecting client LAN directly to router becoz of port usage .. dont want to give single client a dedicated port .. inturn planning of using VLAN and then terminate from switch to router LAN interface.

2. configure routing + NAT and ACL (if required)

3. .................? this is missing .. how can i allocate him specific bandwidth based on his subnet .this router will be having multiple clients like this .. with their own subnets

Please advice. and if you have some sample configuration please share if u can .Thanks for the help

Everyone's tags (1)
5 ACCEPTED SOLUTIONS

Accepted Solutions

Re: bandwidth allocation ...

Lets assume the subnet of client 1 is 10.1.1.0/24

Access-list 100 permit ip 10.1.1.0 0.0.0.255 any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

The apply the policy inbound on the router LAN interface

You can add another acl and class map like the above per subnet

Int x/x

Service policy p1 in

Hope this help

If helpful rate

Sent from Cisco Technical Support iPhone App

Re: bandwidth allocation ...

See answers below

1- no as the vlan interface works differently because it might be assigned to multiple physical interfaces

2-you might try to use shown policy map interface x/x to display the bandwidth allocation per class and the drop if any

Or you can enable net flow in the interface and use a net flow application to collect real time statistical data to see the usage per ip source, dscp marking ...etc

3- this something you have to configure as per your requirements if you can do any of the options you mentioned using same policing calm and with burst and you can mark down the exceeded traffic rather than drop it if want to

4- use same police command with burst key work

Nating will be performed to the traffic going via the outside interface so it has no issue with matching the source ip from the inbound interface

Hope this help

Plz rate the helpful posts

bandwidth allocation ...

What I meant by vlan interface is layer 3  vlan interface

In your case you will need layer 2 vlan only in the switch

And configure the router interface with above qos policy concept and all will good

HTH

bandwidth allocation ...

If you are going to divid the fe interface of the routers to sub interfaces per vlan then just apply the qos policy on the main physical interface with the appropriate class maps per source subnet

And I meant by vlan interface on the switch not the router one you referring to

HTH

bandwidth allocation ...

See below links

Use inbound inur case for the policy application

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a0080114326.shtml

http://ardenpackeer.com/qos-voip/qos-applying-cbwfq-to-a-sub-interface/

http://www.configrouter.com/topic/qos-configuration-on-fe-subinterface

You can chose to use per sub interface policy

Or one on the main interface but you need to have all the class maps of all subnets under this policy in this case

Hope this help

24 REPLIES

Re: bandwidth allocation ...

Lets assume the subnet of client 1 is 10.1.1.0/24

Access-list 100 permit ip 10.1.1.0 0.0.0.255 any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

The apply the policy inbound on the router LAN interface

You can add another acl and class map like the above per subnet

Int x/x

Service policy p1 in

Hope this help

If helpful rate

Sent from Cisco Technical Support iPhone App

New Member

Re: bandwidth allocation ...

Thanks for the quick reply ... couple of questions..

1. the interface you mentioned .. can be a vlan interface...?

2. can i monitor this .. and can i show this to client..in action so that he gets a confidence that he got the perfect what he asked.

3. traffic if goes above 128 will be dropped or queued ... means what will happen in this case...?

4. how can i configure CIR and bursting .. and packet drop (what do you say .. recommended or not - packet dropping)

Thansk for the help and time

one more things NAT will also come into play to convert the private to public .. no worries...?

Re: bandwidth allocation ...

See answers below

1- no as the vlan interface works differently because it might be assigned to multiple physical interfaces

2-you might try to use shown policy map interface x/x to display the bandwidth allocation per class and the drop if any

Or you can enable net flow in the interface and use a net flow application to collect real time statistical data to see the usage per ip source, dscp marking ...etc

3- this something you have to configure as per your requirements if you can do any of the options you mentioned using same policing calm and with burst and you can mark down the exceeded traffic rather than drop it if want to

4- use same police command with burst key work

Nating will be performed to the traffic going via the outside interface so it has no issue with matching the source ip from the inbound interface

Hope this help

Plz rate the helpful posts

New Member

Re: bandwidth allocation ...

thanks for the rpely .. but you saying it will not work with VLAN.. first of al am not able to understand why .. secondly .. then are you saying for each client we have to give him dedicated port from his lan to come to my router which is having WAN connection .. > i dont thnk this is practical ... ?

Please advice.. i told you wany m doing VLAN just to have multiple clients terminatiing their LAN on same interface... do you have some better idea for this

bandwidth allocation ...

What I meant by vlan interface is layer 3  vlan interface

In your case you will need layer 2 vlan only in the switch

And configure the router interface with above qos policy concept and all will good

HTH

New Member

bandwidth allocation ...

thanks for the time and reply again ...

when u say i dont need layer 3 interface.. what do you mean by this .. sorry it this is basic .. but i will have a switch .. Cisco 3750 on which all my client's lan will come and connect .. and from there a wire will connect the router's fe interface which logically will be then divided into LANs based on each client. and then qos policy will come into play and will be applied on each vlan interface

Please correct me if i am wrong .. Thansk for the help

bandwidth allocation ...

If you are going to divid the fe interface of the routers to sub interfaces per vlan then just apply the qos policy on the main physical interface with the appropriate class maps per source subnet

And I meant by vlan interface on the switch not the router one you referring to

HTH

New Member

bandwidth allocation ...

Thanks for the time and reply SIR...

do you have some sample configuration ... for my scenario ... dont have much idea how to do this .. or some article ..

i will have VLAN on the switch also which will differentiate and then on router also becoz of WAN line terminating on router.

so just to sum up .. i can have different policies per vlan interface... just worried about one thing .. if i am terminating multiple clients on same router then they will be able to see each other .. becoz of inter VLan routing. sorrent me if i am wrong. Any suggestion on this side.

Please provide some article or some sample configuration if you have ..thanks for the help

Happiness Always

bandwidth allocation ...

See below links

Use inbound inur case for the policy application

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a0080114326.shtml

http://ardenpackeer.com/qos-voip/qos-applying-cbwfq-to-a-sub-interface/

http://www.configrouter.com/topic/qos-configuration-on-fe-subinterface

You can chose to use per sub interface policy

Or one on the main interface but you need to have all the class maps of all subnets under this policy in this case

Hope this help

New Member

bandwidth allocation ...

Thanks for the help.. happiness Always

bandwidth allocation ...

For the other question of isolating clients traffic and not to have then routed to each other the best way to achieve it is by using vrf lite which is a bit advanced topic in routing where you can have multiple routing instances in one physical routing and they are isolated and you need to address this with your nat cofig

Examples

http://irwanp.wordpress.com/2009/02/10/multiple-vrf-on-one-customer-site/

http://packetlife.net/blog/2009/apr/30/intro-vrf-lite/

http://fengnet.com/book/MPLS%20VPN%20Security/ch09lev1sec2.html

Vrf with nat

http://packetlife.net/forums/thread/680/

Hope this help

New Member

bandwidth allocation ...

was thinking to use ACL to block traffic on sub interfaces not good ...?

bandwidth allocation ...

Yes it is another option as well

New Member

Re: bandwidth allocation ...

i just followed this in my case..

Access-list 100 permit ip 10.1.1.0 0.0.0.255 any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

The apply the policy inbound on the router LAN interface

You can add another acl and class map like the above per subnet

Int x/x

Service policy p1 in

but this is only working one side on uploading .. downloading is coming as it is ... secondly .. the value which u gave 128000 is this 128kbps .. how can i make sure this ..

Please advice..

New Member

bandwidth allocation ...

Hi Jatinder,

CAR (rate-limit) will work similar to MQC police, it will allow you to rate traffic based on ACLs both in and out direction, here are some useful links:

http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qccar.html

Check "Rate Limiting by Access List Example".

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a00800d7276.shtml

Regards.

Hall of Fame Super Bronze

bandwidth allocation ...

To control the downloading as well as the uploading, this config should should work:

Access-list 100 permit ip any any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

Int x/x

Service policy p1 in

service policy p1 out

New Member

Re: bandwidth allocation ...

Thanks Edison for the reply...!!!

i tried exactly the same and then i went to speedtest.net and it didnt worked for me ... one more thing .. i dont want to limit any specific traffic .. it will be for all kind of traffic . but its not working .. can you please help

happiness always

Jatin

Hall of Fame Super Bronze

bandwidth allocation ...

Can you post your current config along with the 'show policy-map interface' output?

New Member

bandwidth allocation ...

sure Edison will do but by tomorrow.. if you want to understand my scenario i can write it for you ...or if you have couple of minutes you can read this thread of mine ...

https://supportforums.cisco.com/message/3501606#3501606

my network is my first comment in this thread .. please read.. if there is smthign i need to do for my particular scenario please advice .. thanks again for the help....

main aim is not to give client more then 128 or less then 128... from the total wan pipe

Hall of Fame Super Bronze

bandwidth allocation ...

I saw the thread but I need to see current configs and see if you are missing anything..

New Member

bandwidth allocation ...

ok Edison .. will do it tomorrow morning ... (already end of day in my country)

i also read a command rate-limit which is per interface...? this can work in my scenario .. what exactly the difference.. if you can suggest

Hall of Fame Super Bronze

bandwidth allocation ...

rate-limit is legacy QoS and I much rather use Modular QoS CLI (MQC) for new implementations.

New Member

Re: bandwidth allocation ...

hi Edison sorry for the late reply.. please find attachments there are 4 files

1. Router config

2. show policy-map interface

3. speed test - Withour QoS

4. speed test - Withour QoS

i tested the solution which you gave me but no success.. secondly there are two more problems ..

1. dont know my internet is working fine with all the other public ips on this configuration but for this configurations its not working .. connection gets disconnected with an error server not found

2. i dont want other users to use this 128 kb bandwidth.. means if the pipe is 1mb other subnets or people connecting from other interface should get 1mb - 128 kb. i think for this i need to make one more policy map which will be for the bandwidth 1mb-128 and then assign it to my fe 0/1

Please suggest/.... thansk for the help

New Member

class-map match-all Md_Area

class-map match-all Md_Area
match access-group 101
class-map match-all PDB
match access-group 103
class-map match-all GIS
match access-group 104
class-map match-all Main_office
match access-group 102
!
!
policy-map subnet
class Md_Area
police cir 3000000
conform-action transmit
exceed-action drop
class Main_office
police cir 3000000
conform-action transmit
exceed-action drop
class PDB
police cir 1000000
conform-action transmit
exceed-action drop
class GIS
police cir 2000000
conform-action transmit
exceed-action drop


Spintex_Office#sh policy-map interface
GigabitEthernet0/0

Service-policy input: subnet

Class-map: Md_Area (match-all)
3704 packets, 672028 bytes
5 minute offered rate 8000 bps, drop rate 0 bps
Match: access-group 101
police:
cir 3000000 bps, bc 93750 bytes
conformed 3704 packets, 672028 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 8000 bps, exceed 0 bps

Class-map: Main_office (match-all)
105170 packets, 10582398 bytes
5 minute offered rate 100000 bps, drop rate 0 bps
Match: access-group 102
police:
cir 3000000 bps, bc 93750 bytes
conformed 105127 packets, 10517724 bytes; actions:
transmit
exceeded 43 packets, 64674 bytes; actions:
drop
conformed 38000 bps, exceed 0 bps

Class-map: PDB (match-all)
111274 packets, 64140421 bytes
5 minute offered rate 805000 bps, drop rate 48000 bps
Match: access-group 103
police:
cir 1000000 bps, bc 31250 bytes
conformed 108919 packets, 60944294 bytes; actions:
transmit
exceeded 2357 packets, 3196307 bytes; actions:
drop
conformed 867000 bps, exceed 37000 bps

Class-map: GIS (match-all)
1092279 packets, 98808882 bytes
5 minute offered rate 1108000 bps, drop rate 0 bps
Match: access-group 104
police:
cir 2000000 bps, bc 62500 bytes
conformed 1090846 packets, 97608528 bytes; actions:
transmit
exceeded 1435 packets, 1200518 bytes; actions:
drop
conformed 1236000 bps, exceed 0 bps

Class-map: class-default (match-any)
3583116 packets, 5004096187 bytes
5 minute offered rate 57539000 bps, drop rate 0 bps
Match: any

Service-policy output: subnet

Class-map: Md_Area (match-all)
274 packets, 75462 bytes
5 minute offered rate 2000 bps, drop rate 0 bps
Match: access-group 101
police:
cir 3000000 bps, bc 93750 bytes
conformed 274 packets, 75600 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 2000 bps, exceed 0 bps

Class-map: Main_office (match-all)
7442 packets, 1506250 bytes
5 minute offered rate 18000 bps, drop rate 0 bps
Match: access-group 102
police:
cir 3000000 bps, bc 93750 bytes
conformed 7442 packets, 1506976 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 2000 bps, exceed 0 bps

Class-map: PDB (match-all)
181 packets, 29585 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 103
police:
cir 1000000 bps, bc 31250 bytes
conformed 181 packets, 33716 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 0 bps, exceed 0 bps

Class-map: GIS (match-all)
866130 packets, 53883268 bytes
5 minute offered rate 683000 bps, drop rate 0 bps
Match: access-group 104
police:
cir 2000000 bps, bc 62500 bytes
conformed 866131 packets, 53880540 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 779000 bps, exceed 0 bps

Class-map: class-default (match-any)
4059148 packets, 5172712383 bytes
5 minute offered rate 58916000 bps, drop rate 0 bps
Match: any

please Edision i did this configuration on my router but i m not sure that is correct or not 

i would be grateful if you correct me

4536
Views
5
Helpful
24
Replies