07-30-2015 10:06 AM - edited 03-05-2019 01:58 AM
There are some users abusing bandwidth using p2p via http.
I wanted to make sure one host is not consuming the guaranteed bw until i identify and add them into abuse list
Is there a way we can control the queue? i.e, 1 queue cannot be greedy and take all the bandwidth. I am referring to HTTP_ALL_CLIENTS. Within this class i wanted to restrict 1 host taking the traffic greedy.
policy-map XXX-QOS |
class voice |
police cir 1024000 |
conform-action transmit |
exceed-action set-dscp-transmit default |
class video |
priority 1024 |
class Dedicated_BW_client_1 |
Priority X |
class GRE-TRAFFIC |
priority 3mbps |
class HTTTP_ALL_CLIENTS |
bandwidth remaining percent 90 |
class ABUSE |
bandwidth remaining percent 5 |
07-30-2015 11:58 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
You can shape or police the queue, but that would limit the aggregate for the whole class, when you really want to limit an abusing user.
On the 6500, you could implement a microflow policer, but from your policy-map, I'm would suspect yours is not a 6500.
What you might do, if running an IOS that supports HQF QoS, enable fair-queue for your HTTP class. It won't limit the bandwidth abuser, but at least it will minimize the impact of such an abuser to other users.
07-31-2015 01:38 AM
Hello Vinayaka
I would recommend you setup a fair-queue configuration in your HTTP_ALL_CLIENTS class. That way all HTTP users will share the bandwidth fairly and no one user will be able to consume all the traffic. Fair-queuing ensures that high-volume flows don't starve low-volume flows. For example:
policy-map XXX-QOS
class HTTTP_ALL_CLIENTS
fair-queue
For more information see: http://www.cisco.com/c/en/us/td/docs/ios/qos/command/reference/qos_book/qos_d1.html#wp1019248
Best regards,
Martin
07-31-2015 02:21 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
What Martin has posted, is "how" to do what I suggested yesterday.
Again, for non-default classes, only HQF IOS implementations support it.
If yours is pre-HQF, you can rewrite your policy such that class-default basically only gets your HTTP traffic, and use FQ there.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide