QOS Strategy

Vinayaka Raman · ‎07-30-2015

There are some users abusing bandwidth using p2p via http.

I wanted to make sure one host is not consuming the guaranteed bw until i identify and add them into abuse list

Is there a way we can control the queue? i.e, 1 queue cannot be greedy and take all the bandwidth. I am referring to HTTP_ALL_CLIENTS. Within this class i wanted to restrict 1 host taking the traffic greedy.

policy-map XXX-QOS

class voice

police cir 1024000

conform-action transmit

exceed-action set-dscp-transmit default

class video

priority 1024

class Dedicated_BW_client_1

Priority X

class GRE-TRAFFIC

priority 3mbps

class HTTTP_ALL_CLIENTS

bandwidth remaining percent 90

class ABUSE

bandwidth remaining percent 5

Regards Vinayak

Joseph W. Doherty · ‎07-30-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

You can shape or police the queue, but that would limit the aggregate for the whole class, when you really want to limit an abusing user.

On the 6500, you could implement a microflow policer, but from your policy-map, I'm would suspect yours is not a 6500.

What you might do, if running an IOS that supports HQF QoS, enable fair-queue for your HTTP class. It won't limit the bandwidth abuser, but at least it will minimize the impact of such an abuser to other users.

Martin Hruby · ‎07-31-2015

Hello Vinayaka

I would recommend you setup a fair-queue configuration in your HTTP_ALL_CLIENTS class. That way all HTTP users will share the bandwidth fairly and no one user will be able to consume all the traffic. Fair-queuing ensures that high-volume flows don't starve low-volume flows. For example:

policy-map XXX-QOS
class HTTTP_ALL_CLIENTS
fair-queue

For more information see: http://www.cisco.com/c/en/us/td/docs/ios/qos/command/reference/qos_book/qos_d1.html#wp1019248

Best regards,
Martin

Joseph W. Doherty · ‎07-31-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

What Martin has posted, is "how" to do what I suggested yesterday.

Again, for non-default classes, only HQF IOS implementations support it.

If yours is pre-HQF, you can rewrite your policy such that class-default basically only gets your HTTP traffic, and use FQ there.