Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
417
Views
0
Helpful
1
Replies

QoS - Policing/Shaping and WRED on Cisco 1921 with DSL

phillipwhitenz
Level 1
Level 1

ā€Ž01-26-2017 06:51 AM - edited ā€Ž03-05-2019 07:55 AM

Hi There,

This topic has been brought up before, but i haven't found a QoS config that works with Dialer interfaces.

We have a Cisco 1921 with 2x VDSL connections each with 50Mbps/12Mbps and one Gigabit interface. We would like to limit the amount of bandwidth that people can take on each VDSL connections.

The VDLS connections are Dialer interfaces, connected to virtual Ethernet interfaces:

interface Dialer0
ip address negotiated
ip access-group 102 in
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname <username>
ppp chap password <password>
ppp ipcp dns request
ppp ipcp route default
no cdp enable
!
interface Dialer1
ip address negotiated
ip access-group 101 in
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 2
dialer-group 2
ppp authentication chap callin
ppp chap hostname <username>
ppp chap password <password>
ppp ipcp dns reject
no cdp enable

And the virtual interfaces:

interface Ethernet0/0/0.7
encapsulation dot1Q 7
pppoe enable group global
pppoe-client dial-pool-number 1

interface Ethernet0/1/0.7
encapsulation dot1Q 7
pppoe enable group voip
pppoe-client dial-pool-number 2

And the route maps:

route-map Telekom permit 10

match ip address 198
set interface Dialer1

route-map Telekom permit 20
match ip address 199
set interface Dialer0

I have tried to do something really basic, just to get it working I want to drop packets for one ip.

Create an ACL for 1 ip:

access-list 197 permit ip host 192.168.2.244 any

Create class and policy's:

class-map match-any acl-197
match access-group 197
policy-map acl-197
class acl-197
drop

What interface do I assign the policy? I have it working with the Gigabit interface on inbound. But i want to restrict it to only the Dialer interfaces. I have tried to assign it to interface Ethernet0/0/0.7, inbound. But it wasn't working.

Any tips on doing shaping, policing and WRED on Dialer interfaces/VDSL connections?

Labels:
0 Helpful
1 Reply 1

Joseph W. Doherty
Hall of Fame
Hall of Fame

ā€Ž01-26-2017 07:30 AM

Hmm, IP MTU 1452?  If PPPoE, I would expect a MTU of 1492 (also then, your adjust-mss 1452 would be as expected too).

As to tips . . .

Regarding WRED, I generally suggest avoiding it, as to get it to work optimally, is much more complicated than one would expect.

Shaping, as you might already be aware, can only be used for egress, while policing can be used for ingress or egress.  Default policer settings, tend to throttle traffic more than a similar physical bandwidth would, this due to the policer dropping earlier than a physical interface would.  Policer and shaper bandwidth settings, I believe on most Cisco platforms, don't account for L2 overhead.  I've found using bandwidth settings about 15% "slower" usually account well for average L2 overhead.

On a typical Cisco router, trying to effectively manage ingress bandwidth, beyond setting a cap on what downstream might obtain, is often wasted effort.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card