08-27-2019 11:22 AM
Greetings,
We are experiencing a lot of packet loss on one of our 250Mbps circuits. AT&T has stated that the issue is being caused by our lack of a traffic shaping policy. Can someone help us with a basic policy?
Cisco 4321 router
Connection is 250Mbps/250Mbps fiber
Single mode fiber
1000Base-LX modules
They say the problem is because we have a 1000Mbps port, but only a 250Mbps connection to the MPLS.
Thanks
08-27-2019 12:14 PM - edited 08-27-2019 12:16 PM
Hello,
here is a basic configuration:
policy-map SHAPE_250
class class-default
shape average 250000000
!
interface GigabitEthernet0/0/1
description Uplink to AT&T
service-policy output SHAPE_250
08-27-2019 12:18 PM
Would this be applied to the physical interface or the sub-interface?
08-27-2019 12:59 PM
Hello,
you might not be able to apply it the service policy to a subinterface. Try it, and if you get an error message telling you that CBWFQ, you probably need to create a parent policy first.
08-28-2019 01:50 AM - edited 08-28-2019 01:52 AM
Hello
You dont mention any prioritization for any traffic but would suggest you append some to cetain traffic like voice/video/routing protocols etc..
Saying that a default shaping policy seems to be what you are asking for, below is a example of a shaping policy with fair queuing.
policy-map WAN_Child
class class-default
fair queue
policy-map WAN_Parent
class class-default
shape average 256000000
service-policy WAN_Child
int x/x
Description WAN interface
service-policy output WAN_Parent
08-28-2019 06:14 AM
Thanks for the replies. Now they are telling me that we need a shaping policy and a CoS policy. Can anyone assist with basic CoS as well?
08-28-2019 06:53 AM - edited 08-28-2019 06:57 AM
Hello
It would be good to know what qos policy’s if any your isp are expecting - you would probably need to mark/classify traffic to meet their qos policy otherwise certain priority traffic you set could not meet your isp qos policy's and thus get either reclassified or even dropped
08-28-2019 06:59 AM
Here are examples they gave us:
Class-map match-any COS5 !Non-business or “scavenger” traffic
match access-group name COS5-Traffic !See ACL examples below
!
class-map match-any COS3 !Multi-second response time apps
match access-group name COS3-Traffic !See ACL examples below
!
class-map match-any COS2V !Video conferencing app
match access-group name COS2V-Traffic !See ACL examples below
!
class-map match-any COS2 !Sub-second response time apps
match access-group name COS2-Traffic !See ACL examples below
match ip dscp af31 !Traffic pre-marked with DSCP AF31
!
class-map match-any COS1 !VoIP
match ip dscp ef !COS 1 for pre-marked real time traffic
!
class-map match-any COS5-Traffic !Video streaming
match ip dscp af11 !COS 5 for pre-marked real time traffic
policy-map COS
class COS1
priority 256 !Allocate 256K for real time traffic- provides LLQ
set ip dscp ef
class COS2
bandwidth remaining percent 30
set ip dscp af31
queue-limit 600 packets ! see paragraph above
class COS2V
bandwidth remaining percent 50
set ip dscp af41
queue-limit 600 packets
class COS3
bandwidth remaining percent 15
set ip dscp af21
queue-limit 600 packets
class COS5
bandwidth remaining percent 1
set ip dscp af11
queue-limit 600 packets
class class-default !Class-default is pre-defined in IOS; it matches any
bandwidth remaining percent 4 !remaining traffic
set ip dscp default
queue-limit 600 packets
policy-map ETHERNETSHAPING !”Parent policy”
class class-default
shape average <Target Rate> <Bc> <Be> account user-defined 28
!See details below
queue-limit 2048 !See paragraph below
service-policy COS !Nested COS “child” service-policy. For example see “policy-map COS” in Section 3.2 “Create a Policy”
interface FastEthernet0/0
description ** 10M AVPN Ethernet **
no ip address
duplex full
speed 100
max-reserved-bandwidth 100
interface FastEthernet0/0.1139
encapsulation dot1Q 1139
ip address 10.64.42.253 255.255.255.252
no cdp enable
service-policy output ETHERNETSHAPING !Shaping policy applied to the sub-interface
08-28-2019 07:14 AM
Hello,
the sample policy they sent you is geared towards voice/video real time traffic. Is that what you actually use in your network, and are you actually experiencing latency ? In the original post you were talking about packet loss...
Post the output of:
show interfaces x
where 'x' is the outgoing (sub)interface.
08-28-2019 08:35 AM - edited 08-28-2019 08:39 AM
Backstory - We are cutting over from old AVPN to new AVPN. We migrated Site 1 (corporate office), then remote sites 2-6 and everything went well. After we cutover Site 7 (disaster recovery site), we starting experiencing massive packet loss on Site 1 (corporate office). I feel that AT&T was just guessing at the issue as they told us they were "sure" it was many different things. After doing what they suggested each time, the issue remained. Here is what we have done so far...
After none of these fixed the issue, AT&T said that we needed to create a traffic shaping policy. I worked with one of our Cisco consultants yesterday and we did that, but the problem still remains. Now AT&T wants us to create a CoS policy as well. Here's the kicker, if I disable the LAN side of Site 7's router (disaster recovery site), the packet loss stops. However, AT&T says that circuit is not the cause of our issues...
08-28-2019 10:20 AM - edited 08-28-2019 10:20 AM
Hello,
--> if I disable the LAN side of Site 7's router (disaster recovery site), the packet loss stops.
Can you post a schematic overview of your network topology ? We have no idea what site 7 is and how it is connected to the AT&T circuit. What traffic is this site sending ?
That said, it sounds like your problems are not specifically related to voice/video/real-time traffic, but rather to an overall packet loss. In which case the detailed QoS policy suggested by AT&T probably won't help much.
Have you tried the shaping policy that was suggested by us ?
08-28-2019 10:36 AM
Each of the seven sites has a direct link back to the AT&T AVPN. So we have our CER and the next hop is the PER. Then it's on AT&T's network.
08-28-2019 10:45 AM - edited 08-28-2019 11:40 AM
"After we cutover Site 7 (disaster recovery site), we starting experiencing massive packet loss on Site 1 (corporate office)."
Possibly due to volume of traffic to keep DR site in "sync".
Often MPLS WANs are provisioned as multi-point. You generally have congestion point going into the MPLS WAN cloud, which, with a router, is easy to manage such congestion with an egress interface (to cloud) QoS policy. If the physical interface provides more bandwidth then your guaranteed rates, you can (and should) shape the traffic to the provisioned rate. Optionally you can selectively prioritize your egress traffic.
A MPLS WAN, multi-point, might also congest from their cloud to your site. (Congestion within the MPLS cloud is possible, but shouldn't be a factor if you keep under you contracted data rates.) If such WAN egress congestion is due to aggregate traffic from more than one site to another, your only (sub-optimal) way to manage that is to shape all your sites so their total possible aggregate doesn't oversubscribe the egress link more than you desire. The (much) better way, is to have QoS on the MPLS WAN egress (to your site) interface. Generally, MPLS vendors support some form of the latter. What you need to do, is select the most optimal option your MPLS provider offers, and work within its framework (generally accomplished by usage of agreed upon IP ToS markings).
BTW, few (including consultants from AT&T or Cisco) truly well understand how to use QoS effectively. Many also don't appreciate the possible impact of short term (i.e. microbust) transient congestion.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide