cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11114
Views
5
Helpful
24
Replies

bandwidth allocation ...

JATINDER KUMAR
Level 1
Level 1

Dear Friends.. Good day ..

i have a requirement .. in which i have a router which is having a big pipe of bandwidth is coming .. and now i have to allocate the bandwidth - 128K very exact to one of our client... not very sure how i can do this and how i can make sure this is working correctly and can also show this to client about the bandwidth allocated to him

please read below point and correct me if m wrong ...

1. from client rack / switch .. pull a wire and put it into our switch which then connecte to WAN router - not connecting client LAN directly to router becoz of port usage .. dont want to give single client a dedicated port .. inturn planning of using VLAN and then terminate from switch to router LAN interface.

2. configure routing + NAT and ACL (if required)

3. .................? this is missing .. how can i allocate him specific bandwidth based on his subnet .this router will be having multiple clients like this .. with their own subnets

Please advice. and if you have some sample configuration please share if u can .Thanks for the help

5 Accepted Solutions

Accepted Solutions

Marwan ALshawi
VIP Alumni
VIP Alumni

Lets assume the subnet of client 1 is 10.1.1.0/24

Access-list 100 permit ip 10.1.1.0 0.0.0.255 any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

The apply the policy inbound on the router LAN interface

You can add another acl and class map like the above per subnet

Int x/x

Service policy p1 in

Hope this help

If helpful rate

Sent from Cisco Technical Support iPhone App

View solution in original post

See answers below

1- no as the vlan interface works differently because it might be assigned to multiple physical interfaces

2-you might try to use shown policy map interface x/x to display the bandwidth allocation per class and the drop if any

Or you can enable net flow in the interface and use a net flow application to collect real time statistical data to see the usage per ip source, dscp marking ...etc

3- this something you have to configure as per your requirements if you can do any of the options you mentioned using same policing calm and with burst and you can mark down the exceeded traffic rather than drop it if want to

4- use same police command with burst key work

Nating will be performed to the traffic going via the outside interface so it has no issue with matching the source ip from the inbound interface

Hope this help

Plz rate the helpful posts

View solution in original post

What I meant by vlan interface is layer 3  vlan interface

In your case you will need layer 2 vlan only in the switch

And configure the router interface with above qos policy concept and all will good

HTH

View solution in original post

If you are going to divid the fe interface of the routers to sub interfaces per vlan then just apply the qos policy on the main physical interface with the appropriate class maps per source subnet

And I meant by vlan interface on the switch not the router one you referring to

HTH

View solution in original post

See below links

Use inbound inur case for the policy application

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a0080114326.shtml

http://ardenpackeer.com/qos-voip/qos-applying-cbwfq-to-a-sub-interface/

http://www.configrouter.com/topic/qos-configuration-on-fe-subinterface

You can chose to use per sub interface policy

Or one on the main interface but you need to have all the class maps of all subnets under this policy in this case

Hope this help

View solution in original post

24 Replies 24

Marwan ALshawi
VIP Alumni
VIP Alumni

Lets assume the subnet of client 1 is 10.1.1.0/24

Access-list 100 permit ip 10.1.1.0 0.0.0.255 any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

The apply the policy inbound on the router LAN interface

You can add another acl and class map like the above per subnet

Int x/x

Service policy p1 in

Hope this help

If helpful rate

Sent from Cisco Technical Support iPhone App

Thanks for the quick reply ... couple of questions..

1. the interface you mentioned .. can be a vlan interface...?

2. can i monitor this .. and can i show this to client..in action so that he gets a confidence that he got the perfect what he asked.

3. traffic if goes above 128 will be dropped or queued ... means what will happen in this case...?

4. how can i configure CIR and bursting .. and packet drop (what do you say .. recommended or not - packet dropping)

Thansk for the help and time

one more things NAT will also come into play to convert the private to public .. no worries...?

See answers below

1- no as the vlan interface works differently because it might be assigned to multiple physical interfaces

2-you might try to use shown policy map interface x/x to display the bandwidth allocation per class and the drop if any

Or you can enable net flow in the interface and use a net flow application to collect real time statistical data to see the usage per ip source, dscp marking ...etc

3- this something you have to configure as per your requirements if you can do any of the options you mentioned using same policing calm and with burst and you can mark down the exceeded traffic rather than drop it if want to

4- use same police command with burst key work

Nating will be performed to the traffic going via the outside interface so it has no issue with matching the source ip from the inbound interface

Hope this help

Plz rate the helpful posts

thanks for the rpely .. but you saying it will not work with VLAN.. first of al am not able to understand why .. secondly .. then are you saying for each client we have to give him dedicated port from his lan to come to my router which is having WAN connection .. > i dont thnk this is practical ... ?

Please advice.. i told you wany m doing VLAN just to have multiple clients terminatiing their LAN on same interface... do you have some better idea for this

What I meant by vlan interface is layer 3  vlan interface

In your case you will need layer 2 vlan only in the switch

And configure the router interface with above qos policy concept and all will good

HTH

thanks for the time and reply again ...

when u say i dont need layer 3 interface.. what do you mean by this .. sorry it this is basic .. but i will have a switch .. Cisco 3750 on which all my client's lan will come and connect .. and from there a wire will connect the router's fe interface which logically will be then divided into LANs based on each client. and then qos policy will come into play and will be applied on each vlan interface

Please correct me if i am wrong .. Thansk for the help

If you are going to divid the fe interface of the routers to sub interfaces per vlan then just apply the qos policy on the main physical interface with the appropriate class maps per source subnet

And I meant by vlan interface on the switch not the router one you referring to

HTH

Thanks for the time and reply SIR...

do you have some sample configuration ... for my scenario ... dont have much idea how to do this .. or some article ..

i will have VLAN on the switch also which will differentiate and then on router also becoz of WAN line terminating on router.

so just to sum up .. i can have different policies per vlan interface... just worried about one thing .. if i am terminating multiple clients on same router then they will be able to see each other .. becoz of inter VLan routing. sorrent me if i am wrong. Any suggestion on this side.

Please provide some article or some sample configuration if you have ..thanks for the help

Happiness Always

See below links

Use inbound inur case for the policy application

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a0080114326.shtml

http://ardenpackeer.com/qos-voip/qos-applying-cbwfq-to-a-sub-interface/

http://www.configrouter.com/topic/qos-configuration-on-fe-subinterface

You can chose to use per sub interface policy

Or one on the main interface but you need to have all the class maps of all subnets under this policy in this case

Hope this help

Thanks for the help.. happiness Always

For the other question of isolating clients traffic and not to have then routed to each other the best way to achieve it is by using vrf lite which is a bit advanced topic in routing where you can have multiple routing instances in one physical routing and they are isolated and you need to address this with your nat cofig

Examples

http://irwanp.wordpress.com/2009/02/10/multiple-vrf-on-one-customer-site/

http://packetlife.net/blog/2009/apr/30/intro-vrf-lite/

http://fengnet.com/book/MPLS%20VPN%20Security/ch09lev1sec2.html

Vrf with nat

http://packetlife.net/forums/thread/680/

Hope this help

was thinking to use ACL to block traffic on sub interfaces not good ...?

Yes it is another option as well

i just followed this in my case..

Access-list 100 permit ip 10.1.1.0 0.0.0.255 any

Class-map client1

Match access-group 100

Policy-map p1

Class client1

Police 128000

The apply the policy inbound on the router LAN interface

You can add another acl and class map like the above per subnet

Int x/x

Service policy p1 in

but this is only working one side on uploading .. downloading is coming as it is ... secondly .. the value which u gave 128000 is this 128kbps .. how can i make sure this ..

Please advice..