03-04-2011 04:31 AM - edited 03-04-2019 11:38 AM
Hi,
I have the Hierarchical QoS Policy as mentioned below, there are three different types of traffic CBS , WEB , ANTIVIRUS.
My requirement is whenever there is no traffic matching the CBS and WEB class antivirus traffic should utilize the full bandwidth, but when there is a traffic for CBS and WEB , automatically the antivirus traffic should come down to the CIR value to make sure that CBS and web traffic is utilizing its bandwidth. Let me know whether the below config will meet the requirement or not.
class-map match-any CBS
match dscp af11
class-map match-any WEB
match dscp af21
class-map match-any Antivirus
match dscp af31
policy-map NETWORK-A-SERVICE
class CBS
bandwidth percent 50
random-detect dscp-based
class WEB
bandwidth percent 15
random-detect dscp-based
class Antivirus
police 10000 8000 8000 confirm-action transmit
policy-map parent
Class class-default
shape average 64000
service-policy child
interface FastEthernet2/1
service-policy input parent
Regards,
Hariharan k
03-04-2011 02:57 PM
Hi Hariharan k,
Not sure if i understood exactly what you mean but .... here´s what i got
" My requirement is whenever there is no traffic matching the CBS and WEB class antivirus traffic should utilize the full bandwidth"
.
If there's no congestion, the classes will share the full bandwidth, so... if there´s just antivirus traffic, it can use the full bandwidth.
" but when there is a traffic for CBS and WEB , automatically the antivirus traffic should come down to the CIR value to make sure that CBS and web traffic is utilizing its bandwidth "
from what i understood, what you mean is: When there´s congestion, antivirus traffic should get no more than a busrt of 10 k ( as per your class config), is that right ? if so... i would configure a exceed drop action of DROP under your antivirus class. Or if the antivirus traffic should have a priority over all classes, you can configure a stritc priority queue, (LLQ) for this class.
remember... policing and shaping happens regardless of congestion, queueing is only if congestion on the interface
hope that helps
03-05-2011 11:55 PM
Hi Gustavo,
Thanks for your reply, and your understanding is correct.
as you mentioned i agree "policing and shaping happens regardless of congestion".
I dont want to give LLQ for Antivirus traffic. what else we can do for achieving my requirement.
My requirement is , when there is no conjestion antivirus traffic should utilize full bandwidth.
During conjestion antivirus traffic should not utilize more than the bandwidth which is alloted to its respective class.
Problem:
In my Network currently , i have configured "bandwidth" command for all the three class, because of that when there is an antivirus traffic, its utilizing full bandwidth eventhough i have given 10 kbps and due to which CBS and WEB traffic are dropped during the AV updation.
Regards,
Hariharan k
03-06-2011 02:35 AM
Hi Hari,
The reason what I believe is happening here is that your police statement is not policing anything to 10kbps.
The below statement is saying if your AV traffic is 10kbps then transmit it. You have not set any Peak rate or any conditions as to what will happen if it exceeds 10kbps.
*** from your post
class Antivirus
police 10000 8000 8000 confirm-action transmit
What you could do is to put the below
class Antivirus
police 10000 8000 8000 confirm-action transmit exceed-action drop
or
police cir 10000 bc 8000 pir 10000 be 8000 << basically saying the minimum and maximum rate is 10kbps and not more than that
confirm-action transmit exceed-action drop
or you can transmit that with a low precedence
class Antivirus
police 10000 8000 8000 confirm-action transmit exceed-action set-dscp-transmit AF11
HTH
Regards,
Please rate if helpful
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide