08-29-2006 02:40 PM - edited 03-03-2019 01:48 PM
Hello,
We recently implemented a hosted NVPN solution in which each site has a T1 to the carrier, who manages the routing between sites. In a sense it's like a fully-meshed frame-relay, except it's ATM and we get an ethernet handoff. The problem is that the primary site has a 3Mbps connection (two T1s) while all the others have 1.5Mbps connections. I want to set up traffic shaping on this 3Mb outbound interface such that traffic to each remote site gets no more than 1.5Mb, while the total does not exceed 3Mb. It seems like it should be easy, but you can't nest GTS policies inside GTS policies. So my question is what is the best way to do this? Should I do 3Mb traffic shaping on the parent class then do 1.5Mb policing on the sub-classes? Should I do 3Mb rate-limiting on the interface then 1.5Mb shaping on each of the sub-classes? The primary goal here is to keep VoIP high priority and low latency. My prposed config is included below:
policy-map VoipPolicy
class VoIP
priority percent 50
class class-default
fair-queue
random-detect
policy-map NVPN_Multisite
class ToSite1
shape average 1500000
service-policy VoipPolicy
class ToSite2
shape average 1500000
service-policy VoipPolicy
class ToSite3
shape average 1500000
service-policy VoipPolicy
class ToSite4
shape average 1500000
service-policy VoipPolicy
class ToSite5
shape average 1500000
service-policy VoipPolicy
interface FastEthernet0/1
ip address 10.10.0.2 255.255.255.0
rate-limit output 3000000 200000 400000 conform-action transmit exceed-action drop
service-policy output NVPN_Multisite
I'm afraid with this setup though that voice packets would be equally eligible for dropping as data packets when the 3Mb limit is reached.
Solved! Go to Solution.
08-29-2006 04:32 PM
Hey Andrew,
It is definately not a good idea to put a shaper behind a rate limiter, since like you said: voice packets will be equally eligable for drop.
There isn't a perfect solution here, since we cant shape twice on the output interface. Since we can only shape once, you have 2 choices:
1. shape to 3 megs, and apply voice qos to FE
2. shape to less than 1.5 mbps on individual sites
The drawbacks to each are:
1. no ability to control traffic on a per-site basis
2. wont efficiently utilize 3mb link
From what I can see about your network, I think you're best bet is #1.
policy-map SHAPE
class class-default
shape average 3000000
service-policy VoipPolicy
int fa0/1
service-policy out SHAPE
With this configuration, it will be impossible to send more than 1.5Mbps of voice out to any particular remote site, since the 'priority' statement applies a policer to that class of traffic.
All that being said, another big thing we need to look at is what kind of guarantee the provider is giving you for voice. Most of the time, when you buy an NVPN circuit from the telco, you can buy a low latency guarantee for voice traffic, where you set DSCP or precedence values in your voice packets. This helps out in the scenario that more than 1.5Mbps of traffic is destined for one of your endpoints, and packets (voice and data) are being dropped by the PE router.
Will
08-29-2006 04:32 PM
Hey Andrew,
It is definately not a good idea to put a shaper behind a rate limiter, since like you said: voice packets will be equally eligable for drop.
There isn't a perfect solution here, since we cant shape twice on the output interface. Since we can only shape once, you have 2 choices:
1. shape to 3 megs, and apply voice qos to FE
2. shape to less than 1.5 mbps on individual sites
The drawbacks to each are:
1. no ability to control traffic on a per-site basis
2. wont efficiently utilize 3mb link
From what I can see about your network, I think you're best bet is #1.
policy-map SHAPE
class class-default
shape average 3000000
service-policy VoipPolicy
int fa0/1
service-policy out SHAPE
With this configuration, it will be impossible to send more than 1.5Mbps of voice out to any particular remote site, since the 'priority' statement applies a policer to that class of traffic.
All that being said, another big thing we need to look at is what kind of guarantee the provider is giving you for voice. Most of the time, when you buy an NVPN circuit from the telco, you can buy a low latency guarantee for voice traffic, where you set DSCP or precedence values in your voice packets. This helps out in the scenario that more than 1.5Mbps of traffic is destined for one of your endpoints, and packets (voice and data) are being dropped by the PE router.
Will
08-29-2006 05:13 PM
Thanks Will,
That's the way I had it set up at first, and the problem I had was that it will try to send 3Mb total (voice + data) to any one site if requested, which it can't, so the congestion point becomes the telco router rather than ours and packets get dropped equally there.
The provider's SLA is the same for all traffic, but it meets requirements for toll-quality voice. I guess they should still honor precedence within our own traffic though, I'll check on that.
08-29-2006 07:02 PM
You know, I just realized that of course we need the telco to use precedence on their interface to the CPE router, because no matter how much we prioritize outbound traffic, if two sites are sending data to a third site they have no way of knowing the other is also sending data to that site and so the congestion point will once again be the telco router.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide