05-31-2010 07:26 AM - edited 03-01-2019 02:19 PM
Greetings!
Look at my case:
Customers are connected to the service provider (SP) through FastEthernet ports on a switch. One VLAN per customer. Then those VLANs are terminated on an access router (subinterfaces). Occasionally not all customers follow the contract agreement of bandwidth utilization. By contract they are prohibited to, for example, 7 mbps bandwidth, but because their connection is wirespeed (100 mbps) they often exceed that contract limitation.
The question is what is the best practice for SP to work out this situation? I mean, how to limit the rate for customers?
Applying service-policy with flow average limit doesn't work on subinterface for an ingress flow (from customer).
Thanks!
Yours, Alex
06-01-2010 06:43 AM
Hello Alex,
>> The case is - "customer is interconnecting different company sites."
fine
>> I still can hardly guess the meaning of burst and max-burst fields in mls qos aggregate-policer command.
These are buffers expressed in bytes, not bytes/sec; the rate, instead, is in bps.
Actually a policer uses a token bucket algorithm to compare packets with the presence of tokens in buffers:
if enough tokens for the packet are present in the buffer, the packet is considered conforming and sent out/accepted.
What counts is packet size and interarrival time between this packet and the previous one sent/accepted.
In this case the burst and max-burst buffers allow accommodating a burst of B bytes over the stated rate, making it possible to handle the variable nature of data traffic.
See
http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_m2.html#wp1041087
The exceed burst size is used at startup after a long time of inactivity to allow sending more traffic during the first time interval.
So these are parameters used to tune the policer behaviour, and the old rule used with CAR was to allow at least 250 msec of traffic at peak rate to dimension the normal burst size and to use a double value for the exceeding burst size.
These buffers are refilled with tokens at the specified bit rate and no more, which allows using up to B to max-B "credits" later.
Hope to help
Giuseppe
05-31-2010 12:19 PM
Hello Alex,
Customers should implement outbound shaping a little less than the stated peak bit rate and you should police inbound.
However, it is important to notice that we are talking of internet access; this is typically asymmetrical, with much more traffic in the opposite direction (from internet to customer) than from customer to internet.
You can shape outbound towards the customer, but the customer may have already used BW resources on your upstream link(s) to the big internet.
If this is the case, an indirect attempt to limit the downstream direction is to limit upstream more (that is, to follow the asymmetric nature of internet traffic).
So it would be important to know if customer traffic is directed to the public internet or they are interconnecting different company sites.
Hope to help
Giuseppe
06-01-2010 01:15 AM
Hi!
The case is - "customer is interconnecting different company sites."
Two variants of interconnection of sites:
customer-----ISP switch-- (ISP network) --ISP switch-----customer
Interconnection between ISP switches is either pure 802.1q or EoMPLS tunnel.
Current decision for bandwidth limit is of that kind:
mls qos aggregate-policer CUST_11 20000000 1000000 1000000 conform-action transmit exceed-action drop
interface Vlan11
 service-policy input CUST_11
 service-policy output CUST_11
Any better ideas?
P.S.
One newbie question also.
I still can hardly guess the meaning of burst and max-burst fields in mls qos aggregate-policer command.
The syntax is such:
mls qos aggregate-policer aggregate-name rate burst [max-burst] [pir peak-rate] [conform-action action]...
For example, a customer is connected to a 1Ge interface, and I need to guarantee him less than or equal to 40 Mbps CIR.
The rate then will be in bits-per-second - thus - 40000000.
What are the burst and max-burst fields (that are in bytes/sec) correlated with, and how?
Thanks!
06-17-2010 04:25 AM
Hi - My problem is similar to this so I'll try replying here before starting a new post.
We have an ISP network and sell increments of a 10Gb WAN interface to customers.
At the moment we are policing inbound at the edges of our network to rate limit L2VPN bandwidth and policing inbound and outbound at the egress of our network for IP transit. We had a few problems with our initial policing config in that it was quite brutal and the effect for L2VPN users was that anything over the 50Mb was just getting dropped and their TCP applications were throttling back loads and the perceived bandwidth (by the customer) was much lower than the 50Mb. The policer we used was this.
policy-map 50Meg
 class class-default
  police 50000000 1500 1500 conform-action transmit exceed-action drop
!
Having looked at a few other ISPs' configs, I can see shapers being used extensively instead of policers. I know the technical differences between the two, but want to know if we should look to implement shaping instead of policing to provide a better experience for the customer whilst still restricting bandwidth?
Also, I can understand the variables used in policers and shapers, but are there some standard figures that you would use for, say, 20, 40 and 50 Mb policers, as I can imagine just guessing them is not going to work?
Many Thanks in advance
Dom
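An added example (not part of any post in this thread): a small Python simulation of the token-bucket policer described in Giuseppe's answer, run once with the 1500-byte burst from the `police 50000000 1500 1500` line above and once with a burst sized by the 250 ms rule of thumb quoted in the thread. The class and function names and the traffic pattern are constructed for illustration; sizing the burst at the policed rate rather than the port speed is an assumption.

```python
# Added example, not from the thread: single-rate token-bucket policer simulation.

class TokenBucketPolicer:
    def __init__(self, rate_bps, burst_bytes):
        self.fill = rate_bps / 8.0        # refill rate in bytes per second
        self.depth = burst_bytes          # bucket depth = the "burst" field, in bytes
        self.tokens = float(burst_bytes)  # bucket starts full
        self.last = 0.0                   # arrival time of the previous packet (s)

    def conforms(self, now, size):
        """True if a packet of `size` bytes arriving at time `now` (s) conforms."""
        # Refill for the time elapsed since the last packet, capped at the depth.
        self.tokens = min(self.depth, self.tokens + (now - self.last) * self.fill)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size           # conform-action transmit
            return True
        return False                      # exceed-action drop

def burst_for(rate_bps, seconds=0.25):
    """Bucket depth in bytes that holds `seconds` of traffic at rate_bps
    (assumption: the 250 ms rule is applied at the policed rate)."""
    return int(rate_bps / 8 * seconds)

def bursty_flow(pkts_per_burst, period_s, line_bps, duration_s, size=1500):
    """Constructed traffic: every period, a back-to-back burst at line rate."""
    gap = size * 8 / line_bps             # serialization time of one packet
    periods = int(round(duration_s / period_s))
    return [(p * period_s + i * gap, size)
            for p in range(periods) for i in range(pkts_per_burst)]

def delivered_fraction(rate_bps, burst_bytes, flow):
    """Share of offered bytes that the policer transmits."""
    policer = TokenBucketPolicer(rate_bps, burst_bytes)
    passed = sum(size for t, size in flow if policer.conforms(t, size))
    return passed / sum(size for _, size in flow)

# 33 x 1500-byte packets every 10 ms on a 1 Gb/s port: 39.6 Mb/s average load.
FLOW = bursty_flow(33, 0.010, 1_000_000_000, 1.0)

if __name__ == "__main__":
    for burst in (1500, burst_for(50_000_000)):
        print(burst, round(delivered_fraction(50_000_000, burst, FLOW), 3))
```

For this constructed flow, the 1500-byte bucket passes only about 6% of the offered bytes even though the average load is below 50 Mb/s, while the 1,562,500-byte bucket passes all of it.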