Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Class-based traffic shaping not taking effect on IPsec Tunnel

Currently we are configuring class-based traffic shaping on an IPsec tuunel interface:

SGST3CEIDA002#sh run int tu645140202
Building configuration...

Current configuration : 357 bytes
!
interface Tunnel645140202
description Tunnel to SG
bandwidth 20000
ip address <removed>
ip policy route-map Redirect_Traffic
load-interval 30
tunnel source <removed>
tunnel destination <removed>
tunnel mode ipsec ipv4
tunnel protection ipsec profile SOE_BRANCH
service-policy output All_WAN_Policy_BW
end

SGST3CEIDA002#sh policy-map All_WAN_Policy_BW
  Policy Map All_WAN_Policy_BW
    Class class-default
      Average Rate Traffic Shaping
      cir 6144000 (bps)
      service-policy All_WAN_Policy_Child_BW
SGST3CEIDA002#sh policy-map All_WAN_Policy_Child_BW
  Policy Map All_WAN_Policy_Child_BW
    Class Standard_SOE
      bandwidth 4000 (kbps)
    Class Standard_nSOE
      bandwidth 2000 (kbps)
SGST3CEIDA002#

But from the result of show policy-map interface command it shows that the shaping is not taking effect:

SGST3CEIDA002sh policy-map int tu645140202
Tunnel645140202

  Service-policy output: All_WAN_Policy_BW

    Class-map: class-default (match-any)
      255694 packets, 272051590 bytes
      30 second offered rate 18416000 bps, drop rate 0 bps               <========= Incoming traffic 18Mbps
      Match: any
      Queueing
      queue limit 64 packets
      (queue depth/total drops/no-buffer drops) 0/0/0
      (pkts output/bytes output) 11/1650
      shape (average) cir 6144000, bc 24576, be 24576                    <========= Shape target 6Mbps
      target shape rate 6144000

      Service-policy : All_WAN_Policy_Child_BW

        Class-map: Standard_SOE (match-all)
          0 packets, 0 bytes
          30 second offered rate 0 bps, drop rate 0 bps
          Match: access-group name Standard_SOE
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 0/0
          bandwidth 4000 kbps

        Class-map: Standard_nSOE (match-all)
          255683 packets, 272051002 bytes
          30 second offered rate 18416000 bps, drop rate 0 bps
          Match: access-group name Standard_nSOE
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 0/0
          bandwidth 2000 kbps

        Class-map: class-default (match-any)
          11 packets, 588 bytes
          30 second offered rate 0 bps, drop rate 0 bps
          Match: any
         
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 11/1650
SGST3CEIDA002#

SWITCH001#sh int g0/16 | in bits/sec
  30 second input rate 584000 bits/sec, 1138 packets/sec
  30 second output rate 19551000 bits/sec, 2262 packets/sec               <======= Destination Port output 19Mbps

Anyone can advise on how to shape down the output traffic properly in this case?  Thanks

Everyone's tags (2)
729
Views
0
Helpful
0
Replies