Solved: QoS configuration from High Bandwidth Hub to low Bandwidth spoke over MPLS

will · ‎05-19-2015

I'm working on a traditional MPLS network, which is fully meshed, with lets say 25 spoke sites at 1 T1 Mbps each going to a Hub datacenter running at 50 Mbps. Consider an RDP app running on Hub server to clients at spoke sites. Each site has 20 PC's that could each consume anywhere from 250Mbps-1000Mbps of spike-y bandwidth to pull down the RDP app. This equates to a total of 5-20 Mbps total possible for each site, well over the T1 allocated for them.

How do I configure QoS such that:

1. I limit the total BW consumption at each site to 50% max for RDP?

2. prevent RDP from clobbering itself over the allocated 1/2 T1 (750 Mbps) among the 20 PC's at each site?

I think I know the answer to number 2! :) buy more bandwidth. Or throttle RDP such that it doesn't use as much bandwidth pre client session - done on the RDP server itself. If I'm wrong, let me know.

Regarding number 1, it seems like since I have no PVC's to each site, my output QoS policy on the Hub site for RDP is not possible. For example, I cannot do a priority queue with a certain bandwidth percent because this will be from the total 50 Mbps. So if I constrained the Hub to 50% of 50 Mbps, it would simply limit overall RDP to all sites, still allowing one site to try to pull down too much RDP. On the other hand, If I constrained RDP on the Hub circuit to 750 Kbps, it would constrain this for all sites and not effectively use the 50 Mbps bandwidth. Any ideas on this?

thx in advance,

Will

milan.kulik · ‎05-20-2015

Hi,

I'm afraid if you want to limit RDP traffic output on the hub site per each spoke site, you would need to configure multiple RDP queues (per each remote site) on the hub router.

I.e., you would need to match destination IP addresses additionally to the RDP ports for each queue.

Plus you would need to configure a policer for each queue dropping traffic exceeding the limit (750 kbps you mentioned).

Which would be pretty annoying for 25 spoke sites :-(

Best regards,

Milan

View solution in original post

Joseph W. Doherty · ‎05-20-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

One method to address your issue, if your device support CBWFQ, you define one class for each branch and shape for the branch's bandwidth. Each branch class also invokes a child policy, where you manage the traffic as you desire.

View solution in original post

milan.kulik · ‎05-20-2015

Hi,

I'm afraid if you want to limit RDP traffic output on the hub site per each spoke site, you would need to configure multiple RDP queues (per each remote site) on the hub router.

I.e., you would need to match destination IP addresses additionally to the RDP ports for each queue.

Plus you would need to configure a policer for each queue dropping traffic exceeding the limit (750 kbps you mentioned).

Which would be pretty annoying for 25 spoke sites :-(

Best regards,

Milan

will · ‎05-20-2015

thx guys, I was afraid of those answers. I actually have 52 sites, but kept it simple for the questions. so can I even configure that many classes for each site? would I do something like this:

class-map site1

...

class-map siteN ! can I configure 50 of these? might even need 3 per site for other traffic.

policy-map SiteQoS

class-map siteN ! will the policy-map hold this many class-maps?

interface Ethernet1

service-policy output SiteQos

Many thx for the initial respsones!

Will

Joseph W. Doherty · ‎05-20-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

52 shouldn't be an issue. I recall even the earliest CBWFQ supported 64 classes. Next version I recall supported 256 classes.

Unclear why you would need 3 per site. In fact, that might defeat the whole purpose, which is to manage the aggregate bandwidth to the branch site.

will · ‎05-20-2015

thx joseph, I would need an overriding policer for each T1 site. and within that I have 2-3 classes of other traffic in addition to RDP. so I would probably have to define those classes for each site

SITE1_CL1 (Voip), SITE1_CL2 (RDP), SITE1_CL3 (Web), default

as an example. so that's where I was getting the 3 x 50 sites or about 150 classes.

Anyone seen any CPU constraints when running such a configuration with so many classes? will run for now on a 6509 with a VS-S720-10G

Joseph W. Doherty · ‎05-20-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

The good news, is you often use the same subordinate/child policy across all your sites, e.g.:

policy-map parent

class site1

shape average 1500000

service-policy child

class site2

shape average 1500000

service-policy child

class siteN

shape average 1500000

service-policy child

policy-map child

class voip

priority percent 30

class rdp

bandwidth remaining percent 50

class web

bandwidth remaining percent 25

class class-default

bandwidth remaining percent 25

The bad news is, typical 6500s don't support egress CBWFQ (unless you have something like a FlexWAN card).

Joseph W. Doherty · ‎05-20-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

One method to address your issue, if your device support CBWFQ, you define one class for each branch and shape for the branch's bandwidth. Each branch class also invokes a child policy, where you manage the traffic as you desire.