03-19-2008 11:19 AM - edited 03-03-2019 09:12 PM
I'm looking to restrict a particular service/IP's (matched by ACL) to a specified chunk of bandwidth.
I've found before that police will do this, but only partially. I think I found that police will hold an ACL matched service to it's max bandwidth, but then it will either drop the packets that are over the limit or dish them off to the fair-queue.
I'd like to restrict the ACL matched service to it's specified max bandwidth, and for anytyhing over that it will keep it in its own queue till the bandwidth free's up on it's policy and then pass the packets.
Anyone know if this is possible?
03-19-2008 11:24 AM
Hi
I think the closest thing to what you want is to use traffic shaping rather than policing. Have a look at this document which explains the difference between the two. Please come back if you have further questions.
http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a00800a3a25.shtml
HTH
Jon
03-19-2008 11:53 AM
Thanks for the reply.
You're right, shapping does sound like the right thing for us, but, when I click on the link there to "configure traffic-shapping" the comands are:
Router(config-pmap-c)# police bps burst-normal burst-max conform-action action exceed-action action violate-action action
The options for exceed-action and violate-action do not keep the packets in their respected queue. It reassigns a precidence, QoS group, or dscp value. Even if I set it to the lowest presidense or least important dscp value, it still gets dished into the first in/first out queue and it utilizes the bandwidth just the same.
Traffic-shapping only applies to the interface, which would be the entire set of bandwidth I have. I don't want to mess with the QoS I already have setup for our time sensitive info, I just don't want this traffic that's matched by ACL to cut into the time sensitive traffic in anyway. The ACL matched info needs to remain in it's own queue no matter what.
So...
I'm thinking I may need another interface connected to it's own private data link, then use policy-based routing and just seperate it based on service/source/destination.
03-19-2008 11:52 AM
What you're describing might be accomplished with CBWFQ.
You can define a class to have a minimum amount of bandwidth when there's congestion from other traffic, but the class will use excess available bandwidth. If the minimum provides less bandwidth than the class is attempting to use, it will queue within that class.
e.g.
class-map ftp
match protocol ftp
policy-map T1
class ftp
bandwidth percentage 50 (can also use absolute values)
If ftp wants 25% of the T1, it shouldn't queue. If ftp want 50% of the T1, it also shouldn't queue.
If ftp wants 75% of the T1, and the additional 25% is available, it shouldn't queue. If there is no excess available, the extra 25% ftp should queue. If there is some excess available, is will obtain some, and will queue what it couldn't obtain.
You can also define the queue allocation for the ftp class and whether WRED should be used for drop management.
03-19-2008 12:59 PM
what about this crazy idea.. if it's possible. Creating a third subinterface (already have two) and configuring it with the traffic-shape? it'd still hit the default route for outbound..
here's my config, do you thinka third interface would work for this? say, some 192.168 address and just use ACL's to match the source and route it to the 192.168 interface... Possible? (in the config below, our data network is the 10. and the voice is th 172 - the replications data is coming from a 10.10.1.x address)
!
interface FastEthernet0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
speed auto
no cdp enable
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.10.1.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no cdp enable
!
interface FastEthernet0/0.172
encapsulation dot1Q 172
ip address 172.16.1.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no cdp enable
!
ip route 0.0.0.0 0.0.0.0 Serial1/0
03-19-2008 03:51 PM
Thought you wanted to use excess bandwidth?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: