Re: Segregation main dia link 100mbps into 2 connection through router

Junaid-altaf87 · ‎05-04-2025

Hi,

Ihave isp connection DIA100mbps. i am isolation this connection in 60mb & 40mb. I am using 2921 w/o sec for main connection 0/0, 0/2 40mbps to tplink switch SG2428 0/1 60mbps through point to point power beam 5ac to router 2 2921. 0/1 s1 cbs250 16p to 12ap's cbw150ax, 0/2 s2cbs250 16p to 12ap's cbw150ax & 0/0/0 s3 cbs250 16p to 12ap's cbw 150 ax. Router 2 have 250+ users due to congestion on peak hours 9pm to 11pm and Friday 12:30pm to 11pm, it effect r1 0/2 interface. I have applied d/f policies shaping, caping, policing, qos, cbwfq, vrf, acls on router1. but its not functioning on peak hours. what should i do to get rid of this?

Joseph W. Doherty · ‎05-04-2025

If I correctly understand your situation and your issue, generally, you can mitigate performance issues with (appropriate) QoS and/or additional bandwidth.

Although you may have tried various QoS techniques, one common, and very significant, limitation is being unable to enact QoS on the Internet side. So, generally you're left with the need to obtain more bandwidth.

As an aside, in the past, there were some 3rd party "appliances" that used some interesting techniques to manage ingress bandwidth utilization upstream of the device. However those techniques aren't effective for all traffic types, and for those that are effective on some traffic types, a Cisco router either cannot do them at all, or does them very poorly.

If you do acquire more bandwidth, you might begin to bump into the performance capacity of a 2921. I.e. you may also need to acquire a more powerful router.

Junaid-altaf87 · ‎05-04-2025

thank you for your feedback @Joseph W. Doherty It's remotely area bandwidth is costly. we can't increase it. what is your suggestion if we add the hardware like L3 switch/firewall/bridge/Qos (mikrotik its not cost affective too) inline r1 and r2. would it work or not?

Joseph W. Doherty · ‎05-04-2025

Again, QoS might do wonders for your situation, but the fundamental problem is, when using the Internet, you cannot (almost always) obtain QoS from the Internet to you. (Technically, it's easy, but the business model of ISPs and SPs, is to sell you more bandwidth.)

Is there anything you can do on just your routers to manage the Internet bandwidth coming to you?

Yes there is, but it usually doesn't work very well, although with EEM scripting, you might be able to improve such ingress bandwidth management, but as I mentioned in my prior reply, dedicated hardware appliances, designed for this purpose, which are much more capable than one might be done on a router even with EEM scripting, couldn't handle all cases, some of which that would be trivial for upstream egress QoS to you.

The one 3rd party appliance brand, that I recall that was "big" in this niche, was Packeteer. I'm unsure whether their products are still available new/supported. I also recall, that there was at least one somewhat equal competitor, but don't recall their name.

I'm going to send you a PM giving one example (fortunately uncommon) of the fundamental problem of ingress bandwidth management.

Junaid-altaf87 · ‎05-04-2025

@Joseph W. Doherty so 3rd party appliances is a option. the segmentation devices is available in the market. we can use according to our requirements. thank you

Segregation main dia link 100mbps into 2 connection through router.