Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Multi-layer QoS policy to manage traffic

Bear with me - the questions are at the bottom !!

A (MPLS) network delivers many VPNs to a number of sites. MPLS is not the issue.

--------------------------------------------------------------------------------------------

We want a traffic management policy that

a) controls traffic sent into the MPLS cloud that can make sure that traffic

for one VPN gets into MPLS over another VPN

b) traffic within a VPN is controlled by destination as an attempt to prevent

one site in a VPN flooding other sites

c) We can set specific limits if required but not in this text

d) We can't control PE device QoS policies so can only control traffic sent into the

MPLS cloud.

--------------------------------------------------------------------------------------------

So here is the idea for a site's access router into MPLS where the link bandwidth is 100M

but the logical bandwidth = 10M (i.e. the MPLS throws away > 10M sent to it):

1) input marking so that different VPNs use different DSCP

2) With WRED set on the output interface (note no WRED policy set in this doc

to differentiate what drops when)

3) Now want to shape for each VPN and each destination for each VPN.

--------------------------------------------------------------------------------------------

Here is the parent matching to the 10M ingress policy

policy-map output-parent

class class-default

shape average 10000000

service-policy VPN1-VPN1dst-1 <--- child for VPN1 remote site 1

service-policy VPN1-VPN1dst-2

service-policy VPN1-VPN1dst-3

...

service-policy VPN2-VPN2dst-1 <--- child for VPN1 remote site 2

service-policy VPN2-VPN2dst-2

service-policy VPN2-VPN2dst-3

...

Here are the childden for each remote site for each VPN

policy-map VPN1-VPN1dst-1

class class-default

bandwidth percent X

policy-map VPN1-VPN1dst-2

class class-default

bandwidth percent X

policy-map VPN1-VPN1dst-3

class class-default

policy-map VPN2-VPN2dst-1

class class-default

bandwidth percent X

policy-map VPN2-VPN2dst-2

class class-default

bandwidth percent X

policy-map VPN2-VPN2dst-3

class class-default

bandwidth percent X

policy-map VPN1-VPN1dst-1

class class-default

bandwidth percent X

The big questions forgetting the details of bandwidth and shaping is ....

What are the implications of having lots of child policies ?

Is there a child limit ?

Are there some big caveats (memory etc)

Has anyone done something similar ?

1 REPLY

Re: Multi-layer QoS policy to manage traffic

Hi,

I thought the child limit is ONE. Maybe I am missing a new feature, but the idea of nested policies is to create a "virtual interface hardware queue" with the shaper and apply ONE service-policy child to it.

So you should look for

class-map VLAN1

match interface vlan1

class-map VLAN2

match interface vlan2

policy-map child

class VLAN1

bandwidth percent 10

class VLAN2

bandwidth percent 35

policy-map output-parent

class class-default

shape average 10000000

service-policy output child

Be aware that VPN1 to VPN2 is not limited this way to less than 10 Mbps.

Hope this helps

Martin

119
Views
5
Helpful
1
Replies
CreatePlease to create content