09-10-2013 10:21 AM
We use 7206VXR as a pppoe bras, due to limited bandwidth during night hours we decided to change our clients download rate during the period. So we generate per session CoA packet and get ACK from cisco, But this is not update the previous values just add new rate-limit:
BRAS#sh int Virtual-access 2007 rate-limit
Virtual-Access2007
Input
matches: all traffic
params: 256000 bps, 48000 limit, 96000 extended limit <------------------ Original Values
conformed 20056 packets, 1939505 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: drop
last packet: 2004696ms ago, current burst: 0 bytes
last cleared 03:11:01 ago, conformed 1353 bps, exceeded 0 bps
matches: all traffic
params: 1024000 bps, 128000 limit, 256000 extended limit <-------------------- New Values via CoA
conformed 0 packets, 0 bytes; action: continue
exceeded 0 packets, 0 bytes; action: drop
last packet: 11509504ms ago, current burst: 0 bytes
last cleared 03:09:46 ago, conformed 0 bps, exceeded 0 bps
Output
matches: all traffic
params: 256000 bps, 48000 limit, 96000 extended limit
conformed 20172 packets, 26466289 bytes; action: transmit
exceeded 9311 packets, 12622701 bytes; action: drop
last packet: 160292ms ago, current burst: 0 bytes
last cleared 03:11:01 ago, conformed 18472 bps, exceeded 8810 bps
matches: all traffic
params: 1024000 bps, 128000 limit, 256000 extended limit
conformed 0 packets, 0 bytes; action: continue
exceeded 0 packets, 0 bytes; action: drop
last packet: 11511624ms ago, current burst: 0 bytes
last cleared 03:09:49 ago, conformed 0 bps, exceeded 0 bps
as you can see above both policies are match all traffic and the first one is applying always, How can I replace the Original values not Adding new values?
Thanks for your help
09-12-2013 12:13 PM
in IOS you should only be able to apply one qos policy per direction at any time.
so what should happen here is the reference of a new policy-map that is getting applied to the user(s).
it should show up as a single pmap in terms of show policy-map interface virtual-ac X.
it all depends on how you have defined your services here.
if you have a base vtemplate that has a qos policy and then assign a service over it with a new qos policy you may get a pmap merge, which is sort of what I see here.
cheers
xander
09-13-2013 09:40 PM
Dear Alex, Thanks for your reply but there is a problem:
1- I used Policy-map based traffic shaping for pppoe users but consider to very high cpu usage issue (99% on 3000 session) I changed the solution to pass rate-limit parameter behalf of policy-map name, now I have more than 7000 session with 50% cpu consumption. So I have no policy-map @ work now:
#sh policy-map interface virtual-access 3
#
2- as I mentioned before I'm passing rate-limit value with radius while user authorization proccess and everything works fine, problem is you can have more than one rate-limit per virtual-access and with my config just first one applies to session.
Regards
09-14-2013 08:10 AM
Salar,
when you use the pmaps what is the cpu spent on?
the rate-limit command is usable for the 7200, but that will limit your ability to modify it via COA.
also the rate-limit will cause a full VAI I believe, but the policy-map, if applied via the right VSA will maintain a sub vai which also will provide for larger scale.
So the 2 things I would like to see, besides the version, is the full configuration and what CPU util when using pmaps is spent on.
cheers
xander
10-09-2017 06:43 AM
hi
i had this problem too
but i solved the problem with removing the old rate-limit then apply the new rate-limit
example:
echo User-Name=mehdi,Framed-IP-Address=\"10.0.0.1\",Cisco-Avpair=\"lcp:interface-config#1=no rate-limit output 2097152 393216 786432 conform-action transmit exceed-action drop\",Cisco-Avpair=\"lcp:interface-config#2=no rate-limit input 2097152 393216 786432 conform-action transmit exceed-action drop\",Cisco-Avpair=\"lcp:interface-config#1=rate-limit output 8388608 1572864 3145728 conform-action transmit exceed-action drop\",Cisco-Avpair=\"lcp:interface-config#2=rate-limit input 8388608 1572864 3145728 conform-action transmit exceed-action drop\" | radclient -d /usr/local/share/freeradius/ -x -F 192.168.1.1:3799 coa nas_secret
detail:
removing old rate-limit:
Cisco-AVPair = "lcp:interface-config#1=no rate-limit output 2097152 393216 786432 conform-action transmit exceed-action drop"
Cisco-AVPair = "lcp:interface-config#2=no rate-limit input 2097152 393216 786432 conform-action
transmit exceed-action drop"
adding new rate limit:
Cisco-AVPair = "lcp:interface-config#1=rate-limit output 8388608 1572864 3145728 conform-action transmit exceed-action drop"
Cisco-AVPair = "lcp:interface-config#2=rate-limit input 8388608 1572864 3145728 conform-action transmit exceed-action drop"
Best Regards
mehdi.sadighian@hotmail.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide