Traffic shaping 2960s

Roel Reyes · ‎02-21-2018

Hi,

I'm planning to limit a certain bandwidth base on my client subscribed eg. 2Mbps, 10mbps, 5Mbps,

The problem is i dont like to use rate limit from my router since it will drop excess traffic, and traffic shaping will do only on outbound interface, my solution is traffic shape outbound using ACL where client terminated, then use again traffic shaping on trunk port matching client ACL, in that way client traffic will shape download but upload also. Kindly advise if there is something wrong.

paul driver · ‎02-21-2018

Hello

you cannot control ingress wan traffic As by the time the TS or policing is initiated then the traffic would have aready traversed the wan link.

Usually :

TS is for egress traffic

policing is an ingress traffic

what you could do is -

1) classify and police ingress from your lan on the rtrs lan facing interface

2) Traffic shape the mark egress traffic on your wan facing interface

res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Roel Reyes · ‎02-21-2018

yea but police would make my excess traffic dropped,

What if

1) Traffic shape egress traffic lan facing interface

2) Traffic shape egrees traffic wan facing interface

At least no excess traffic will be dropped?

Thanks

Roel Reyes · ‎02-21-2018

then only ACL or client network will be match on the shaping rule

paul driver · ‎02-22-2018

Hello
Yes and No -

The excess policed traffic can be remarked and classified if you wished so it doesn’t get dropped so then it could given a different bw allocation

Res
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Roel Reyes · ‎02-22-2018

"Yes" you mean i can do both shaping egress on wan and lan facing interface.

Joseph W. Doherty · ‎02-22-2018

"you cannot control ingress wan traffic"

Sometimes you can.

If you're working with TCP based traffic, the sender will slow if it detects packet loss. Later TCP implementations may also slow if they detect a jump in end-to-end latency.

So, if you rate limit or shape WAN traffic, even though its downstream of a WAN link, with TCP you may impact the download rate. Unfortunately, depending on drops and/or queuing delay tends to be slow and/or imprecise in controlling the sender's transmission rate.

Another technique, for upstream TCP ingress rate control is to shape the return ACKs. This too is imprecise and can be slow to control the sender's rate.

Or course, a policer or shaper will precisely control the bandwidth provided to the downstream client, but again, its imprecise for truly controlling upstream ingress WAN bandwidth usage.

Non-TCP traffic may, or may not, slow their rate when they detect packet loss and/or jumps in latency.

There are special appliances that can better manage WAN ingress bandwidth. They much better monitor flow bandwidth and can regulate ACKs much more precisely and/or they "spoof" the receiver's TCP RWIN to control what the TCP sender transmits.