Solved: QOS Question ?

Andrew Melsom · ‎10-12-2012

Hello All

Hope you can help,I am trying to implement QOS on one of my companys WAN links as, i am trying to limit the bandwith used by our SAN replecating to diffrent sites, The network used a VLAN interface tied to a Fastethernet interface, what i want to try is implement traffic policing or shaping on this vlan to limit the amount to 50%. Is this possible if so can anyone help me with the configuration ?

Thank you

John Blakley · ‎10-18-2012

I'd recommend updating the ios on the router. I didn't find a specific issue, but there are several issues with qos that were fixed in later versions.

HTH, John *** Please rate all useful posts ***

View solution in original post

Andrew Melsom · ‎10-16-2012

As no one has replied to this, i can only guess my description is to poor.

What i want to to is limit the amount of bandwith Server1 uses across our WAN link between our two sites, currenty we have a 100Mb link and this is using 100% of this and i would like to limit this to 50%. We have a cisco 1801 router using FA 4 as a SVI linked to VLAN 141 and (this is the internal side of the network). Then we have FA 5 witch is a SVI linked to VLAN 40 (this is the outside that sends traffic across our WAN). If i create a policy-map and implement traffic policing on the FA inerfaces nothing happens. If i try to apply the policy-map to a VLAN the router comes back "configuration failed !".

access-list 75 permit 192.168.2.21

Show Policy-Map

Policy Map LIMIT_BW
    Class LIMIT_BW
     police cir 52428500 bc 1638390
       conform-action transmit
       exceed-action drop

Show Class-Map

Class Map match-all LIMIT_BW (id 1)
Match access-group 75

Any ideas ?

Thanks Again

John Blakley · ‎10-16-2012

Andrew,

If you're trying to control traffic between 2 endpoints, you should shape the traffic outbound. Try this on your wan interface:

access-list 75 permit 192.168.2.21

class-map LIMIT_BW

match access-group 75

policy-map LIMIT_BW

class LIMIT_BW

shape average percent 50

Apply it on the wan interface outbound:

int

service-policy output LIMIT_BW

You'll need to do this on both sides of the link.

HTH,

John

HTH, John *** Please rate all useful posts ***

Andrew Melsom · ‎10-17-2012

Hello John

i have applied this both ends and the traffic is still usin 100% of the BW any ideas ?

Policy Map LIMIT_BW_TO_WEYBRIDGE

Class LIMIT_BW_TO_WEYBRIDGE

Traffic Shaping

Average Rate Traffic Shaping

CIR 50 (%) Max. Buffers Limit 1000 (Packets)

Thanks

Andy

John Blakley · ‎10-17-2012

Can you post "show policy interface", "sh run class-map", "sh run policy-map" and the acl that you're using to match on?

HTH, John *** Please rate all useful posts ***

Andrew Melsom · ‎10-17-2012

DR-RTR-1801-1#show policy-map int fa 5
FastEthernet5

Service-policy output: LIMIT_BW

    Class-map: LIMIT_BW (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group 75
      Traffic Shaping
           Target/Average   Byte   Sustain   Excess    Interval Increment
             Rate           Limit bits/int bits/int (ms)      (bytes)
               50 (%)                0 (ms)      0 (ms)
         50000000/50000000 312500 1250000   1250000   25        156250

        Adapt Queue     Packets   Bytes     Packets   Bytes     Shaping
        Active Depth                         Delayed   Delayed   Active
        -      0         0         0         0         0         no

    Class-map: class-default (match-any)
      1 packets, 377 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

John Blakley · ‎10-17-2012

What device do you have this policy configured on? The 1801 or is it on the switch?

HTH, John *** Please rate all useful posts ***

Andrew Melsom · ‎10-17-2012

This is on the 1801 router

John Blakley · ‎10-17-2012

I'm assuming the following:

Server ---> switch ---> (lan)Router(wan)

Is the above correct? Are you natting on the 1801?

Can you post "show access-list 75"?

*** Edit ***

Can you post the running config from the router...mask out the public IPs please...

HTH, John *** Please rate all useful posts ***

Andrew Melsom · ‎10-17-2012

Yes you are correct with the Server ---> switch ---> (lan)Router(wan), We are not natting across our WAN.

DR-RTR-1801-1#show ip access-lists 75

Standard IP access list 75

10 permit 192.168.2.21 (8944319 matches)

Thanks

Andy

John Blakley · ‎10-17-2012

If you're not natting, there's simply no reason that I can think of that wouldn't match on this policy. What ios version are you running? Have you looked for bugs?

Is F5 your wan interface that has the wan address on it?

HTH, John *** Please rate all useful posts ***

Andrew Melsom · ‎10-17-2012

Hi john

Not sure if this helps ?

interface Vlan40
description Etherflow to ********
ip address 192.168.40.42 255.255.255.0
ip nbar protocol-discovery
ip route-cache flow
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 *******************
ip ospf hello-interval 2
ip ospf dead-interval 6

interface FastEthernet5
description Etherflow to **********
switchport access vlan 40
bandwidth 100000
service-policy output LIMIT_BW

Thanks

John Blakley · ‎10-17-2012

Try moving the service policy off of fa5 to vlan 140 svi and you should start getting hits...

HTH,

John

HTH, John *** Please rate all useful posts ***

Andrew Melsom · ‎10-17-2012

DR-RTR-1801-1#sho policy-map interface vlan 40
Vlan40

Service-policy output: LIMIT_BW

    Class-map: LIMIT_BW (match-all)
      575024 packets, 861903336 bytes
      5 minute offered rate 19344000 bps, drop rate 0 bps
      Match: access-group 75
      Traffic Shaping
           Target/Average   Byte   Sustain   Excess    Interval Increment
             Rate           Limit bits/int bits/int (ms)      (bytes)
               50 (%)                0 (ms)      0 (ms)
         50000000/50000000 312500 1250000   1250000   25        156250

        Adapt Queue     Packets   Bytes     Packets   Bytes     Shaping
        Active Depth                         Delayed   Delayed   Active
        -      0         0         0         0         0         no

Class-map: class-default (match-any)
      10184 packets, 1850703 bytes
      5 minute offered rate 52000 bps, drop rate 0 bps
      Match: any

Still using 100 % of the BW

Thanks

Andy

John Blakley · ‎10-17-2012

Hey! We're getting closer At least we're seeing hits on the class map where you weren't before...

Try removing "shape average percent 50" and replace with half of your bandwidth. Let's say you have a 1Mb circuit, half of that would be 512k:

shape average 512000

Then see if you're shaping... Your "Shaping Active" line should say Yes

HTH, John *** Please rate all useful posts ***