Solved: Re: IP Flow Based QOS on a WAN Circuit

robert.horrigan · ‎05-25-2011

Howdy WAN Experts,

I have been having issues where a single IP flow will take up too much bandwidth for extended periods of time. I would like to implement a flow-based qos method to limit the throughput, say to 5Mb, for every single IP flow unless otherwise noted. Is this something that is possible? I have been mulling over the below but my belief is that this will limit all traffic to 5Mb vice every flow to 5Mb. Any ideas on the mechanism to support this? Any input would be very appreciated.

Ip access-list ext all_wan_flows

Permit ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0

class-map match-all wan_flows

description Shape all WAN Flows

match access-group name wan_flows

policy-map wan_flows

class wan_flows

shape average 5000000

class class-default

random-detect

set dscp default

int posx/x/x

service policy input wan_flows

int Gigx/x

service policy input wan_flows

Joseph W. Doherty · ‎05-25-2011

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

The only Cisco platform that I recall that I believe supports individual flow rate limiting is the 6500's (and 7600?) Microflow policer.

However, what exactly is meant by taking up too much bandwidth for too long? If the issue is competition for bandwidth between different traffic types, traffic prioritization, I believe, is a much better solution.

View solution in original post

Joseph W. Doherty · ‎05-25-2011

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

The only Cisco platform that I recall that I believe supports individual flow rate limiting is the 6500's (and 7600?) Microflow policer.

However, what exactly is meant by taking up too much bandwidth for too long? If the issue is competition for bandwidth between different traffic types, traffic prioritization, I believe, is a much better solution.

robert.horrigan · ‎05-25-2011

Thanks a lot on the microflow policer tip - rate5. Exactly what I was looking for. Have you used this in production? I see a per-interface netflow gotcha, but other than that, this seems like a great feature.

Joseph W. Doherty · ‎05-25-2011

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Nope, haven't had the chance to use it. It always seems, when I want to try it, don't have a 6500, and when I don't need it, then I have a 6500.