Re: Police percent not supported - no bandwidth for percent calculatio

lamprop · ‎05-31-2022

Hello,

I want to perform QoS on specific (or all the) L2TP sessions that establish on ASR1006 router (LNS).

What I have managed already is to set a police at a specific rate for a class that matches access-list 100 with the following code and it is working ok (tried one user and it limits bandwidth to 800 kbps):

class-map match-all class1
 match access-group 100
!
policy-map child
 class class1
  police 800000 100000 100000 conform-action transmit exceed-action set-qos-transmit 1 violate-action drop
policy-map parent
 class class-default
  service-policy child

Now what I want is to set the police cir as a percentage because I want to apply the policy-map on various pppoe sessions with different speed. But when for example I change the police with "police cir percent 50 pir percent 60" I get the following error:
police percent not supported - no bandwidth for percent calculation

Please your help.

Dan Frey · ‎05-31-2022

QoS needs a percentage of a specific bandwidth value. Add config "bandwidth qos-reference <value>" to the interface.

lamprop · ‎05-31-2022

If it was only one interface I could do that. But I speak about L2TP sessions on a LNS. Every session is a Virtual Access interface with different bandwidth...

I apply the policy-map either on the Virtual Template or at specific user(s) through Radius. I can't execute your solution.

Dan Frey · ‎05-31-2022

I use RADIUS to apply the config to the virtual access interface when it gets spawned when a user connects. The bw percent in the policy remains the same (50%) and the qos-reference <value> is set accordingly per user. The service policy is also applied to the virtual-access interface via RADIUS attributes.

vpnuser3@xxxxxxx.com         Cleartext-Password := "xxxxxxxx"        
                                Cisco-AVPair += "ip:interface-config=vrf forwarding A10",
                                Cisco-AVPair += "ip:interface-config= ip unnum Loopback10",
                                Cisco-AVPair += "ipsec:route-accept=any",
                                Cisco-AVPair += "ip:interface-config=service-policy output QoS_G8_CUST",
                                Cisco-AVPair += "ip:interface-config=description AAA tunnel3",
                                Cisco-AVPair += "ipsec:addr-pool=dlabFlexPool",
                                Cisco-AVPair += "ip:interface-config=bandwidth qos-reference 200000",
                                Cisco-AVPair += "ipsec:route-set=local ipv4 10.3.3.0 255.255.255.0",
                                Cisco-AVPair += "ipsec:route-set=local ipv4 10.80.80.1 255.255.255.255",
                                Cisco-AVPair += "ip:interface-config=ip mtu 1400",
                                Cisco-AVPair += "ip:interface-config=ip tcp adjust-mss 1360",
                                Cisco-AVPair += "ipsec:ikev2-password-local=xxxxxxxxx",
                                Cisco-AVPair += "ipsec:ikev2-password-remote=xxxxxxxxx",
                                Cisco-AVPair += "ip:interface-config=qos pre-classify",
                                Cisco-AVPair += "ip:interface-config=service-policy input QoS-IPSEC-IN-POLICY",
                                Cisco-AVPair += "ipsec:route-set=interface"

lamprop · ‎05-31-2022

Thank you very much but it is not what I need. I want the interface bandwidth to be discovered automatically.

Police percent not supported - no bandwidth for percent calculation