10-12-2012 05:45 AM - edited 03-04-2019 05:50 PM
Hello All
Hope you can help,I am trying to implement QOS on one of my companys WAN links as, i am trying to limit the bandwith used by our SAN replecating to diffrent sites, The network used a VLAN interface tied to a Fastethernet interface, what i want to try is implement traffic policing or shaping on this vlan to limit the amount to 50%. Is this possible if so can anyone help me with the configuration ?
Thank you
Solved! Go to Solution.
10-17-2012 07:14 AM
DR-RTR-1801-1#sho policy-map int vlan 40
Vlan40
Service-policy output: LIMIT_BW
Class-map: LIMIT_BW(match-all)
39937160 packets, 59861135486 bytes
5 minute offered rate 87813000 bps, drop rate 0 bps
Match: access-group 75
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
512000/512000 3200 12800 12800 25 1600
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
- 0 0 0 0 0 no
Class-map: class-default (match-any)
1707181 packets, 299892247 bytes
5 minute offered rate 550000 bps, drop rate 0 bps
Match: any
Still at 100% of BW in affraid.
Thanks
Andy
10-17-2012 07:28 AM
Okay...Can you post the complete config for the router? Class map, policy map, access-list (you may want to try an extended acl in place of the standard that you have now), and all interface configurations including svis.
What ios version are you on?
10-17-2012 07:49 AM
DR-RTR-1801-1#show running-config
Building configuration...
Current configuration : 9676 bytes
!
! Last configuration change at 15:12:05 BST Wed Oct 17 2012 by **********
! NVRAM config last updated at 11:25:25 BST Fri Oct 12 2012 by **********
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname DR-RTR-1801-1
!
boot-start-marker
boot-end-marker
!
enable secret ***************
!
aaa new-model
!
!
aaa group server radius rad_admin
server *************** auth-port 1812 acct-port 1813
server *************** auth-port 1812 acct-port 1813
!
aaa authentication login default group rad_admin local
aaa authentication login eap_methods group rad_eap
aaa authentication login if_needed local
aaa authentication login conmethod local enable
aaa authorization exec default group rad_admin if-authenticated
!
!
aaa session-id common
clock timezone gmt 0
clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00
!
dot11 syslog
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address ***************
!
ip dhcp pool LOCAL-LAN
import all
network *************** 255.255.255.0
dns-server ***************
domain-name ***************
default-router ***************
lease 3
!
!
ip domain name ***************
ip name-server ***************
!
multilink bundle-name authenticated
isdn switch-type basic-net3
!
!
username ****** privilege 15 password 7 ***************
username ****** privilege 15 password 7 ***************
!
archive
log config
hidekeys
!
!
ip telnet source-interface Vlan1
ip tftp source-interface Vlan1
ip ssh authentication-retries 4
ip ssh version 2
!
class-map match-all LIMIT_BW
match access-group 75
!
!
policy-map LIMIT_BW
class LIMIT_BW
shape average 512000
!
!
!
!
interface ATM0
no ip address
!
dsl operating-mode auto
!
interface BRI0
no ip address
encapsulation ppp
shutdown
dialer pool-member 2
isdn switch-type basic-net3
isdn point-to-point-setup
isdn voice-priority always
isdn incoming-voice modem
ppp authentication pap
ppp multilink
!
interface FastEthernet0
no ip address
duplex auto
speed auto
!
interface FastEthernet1
description ***************
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
description DR Network
switchport access vlan 141
!
interface FastEthernet5
description Etherflow
switchport access vlan 40
bandwidth 100000
!
interface FastEthernet6
shutdown
!
interface FastEthernet7
shutdown
!
interface FastEthernet8
shutdown
!
interface Vlan1
description Network
no ip address
ip route-cache policy
ip route-cache flow
shutdown
!
interface Vlan40
description Etherflow
ip address 192.168.40.42 255.255.255.0
ip nbar protocol-discovery
ip route-cache flow
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5
ip ospf hello-interval 2
ip ospf dead-interval 6
service-policy output LIMIT_BW
!
interface Vlan141
description DR Network
ip address 192.168.2.0 255.255.255.0
ip route-cache flow
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5
ip ospf hello-interval 2
ip ospf dead-interval 6
!
interface Dialer1
no ip address
!
router ospf 1
log-adjacency-changes
area 0 authentication message-digest
passive-interface default
no passive-interface Vlan40
no passive-interface Vlan141
network 192.168.2.0 0.0.0.255 area 0
network 192.168.40.0 0.0.0.255 area 0
!
ip forward-protocol nd
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip forward-protocol udp bootpc
!
ip flow-cache timeout active 1
ip flow-export source Vlan141
ip flow-export version 5
ip flow-export destination 192.168.128.16 9996
!
ip http server
ip http authentication aaa
ip http secure-server
!
ip radius source-interface Vlan1
access-list 75 permit 192.168.2.21
access-list 101 permit esp any any
access-list 101 permit ip any any
snmp-server community ********** RO
snmp-server community ********** RW
snmp-server ifindex persist
snmp-server contact
!
!
!
route-map vl142-policy permit 10
description
match ip address vlan142
set ip next-hop 192.168.40.41
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 120 0
login authentication conmethod
stopbits 1
line aux 0
exec-timeout 120 0
stopbits 1
line vty 0 4
exec-timeout 120 0
password 7 1414131804013D
transport input telnet ssh
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
10-17-2012 08:11 AM
What ios are you on? "show ver"
10-17-2012 11:58 PM
DR-RTR-1801-1#show ver
Cisco IOS Software, C180X Software (C180X-ADVIPSERVICESK9-M), Version 12.4(15)T13, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 07-Apr-10 09:56 by prod_rel_team
ROM: System Bootstrap, Version 12.3(8r)YH8, RELEASE SOFTWARE (fc2)
DR-RTR-1801-1 uptime is 6 days, 23 hours, 29 minutes
System returned to ROM by power-on
System restarted at 08:26:41 BST Thu Oct 11 2012
System image file is "flash:c180x-advipservicesk9-mz.124-15.T13.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 1801 (MPC8500) processor (revision 0x400) with 118784K/12288K bytes of memory.
Processor board ID FHK112616Q3, with hardware revision 0000
9 FastEthernet interfaces
1 ISDN Basic Rate interface
1 ATM interface
31360K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
10-18-2012 03:36 AM
I'd recommend updating the ios on the router. I didn't find a specific issue, but there are several issues with qos that were fixed in later versions.
10-18-2012 03:48 AM
Hello John
We have tested version 15.0 and this causes the routers to just restart so we can not risk this on our main WAN router at this time.
Thanks for your help
Andy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide