06-03-2013 05:51 AM - edited 03-04-2019 08:05 PM
Hi Folks,
I need to implement Traffic shaping & policing on remote site router; topology is Hub & Spoke, star topology with MPLS connectivity.
My concern is which direction shaping & policing should be applied?
Cheers
Ashok
06-03-2013 06:18 AM
Ashok
It may be beneficial to be clear what you want to accomplish by using shaping or policing. Do you have a concern about traffic going from the spoke through MPLS to the hub? Do you have a concern about traffic going from the hub to the spoke through MPLS? Do you have a concern about traffic going in both directions? Answering this will help to clarify whether you want shaping or policing on just the spoke, on just the hub or on both.
If you are trying to protect the MPLS then the shaping or policing should be done on outgoing traffic from the device.
HTH
Rick
06-03-2013 06:29 AM
Rick
I'm concerned about incoming traffic on remote location; basically I need a smart remification of inbound traffic congestion on remote site. I have multhomed environment with 2 WAN links.
Cheers
Ashok
06-03-2013 06:26 AM
Hello
Depends on what you want to do, In a hub& spoke scenario you can shape either side of the hub & spoke connections and this would be a feasible setup.
Shaping - Always egress function- exiting router -
In times of congestion It queues the traffic so the router can use qos queuing tools to give better performance of particular types of packets
Policing -Ingress/egress function - but usually is set ingress for when traffic is entering into a interface from you lan and preventing /dropping of traffic that exceeds it set limit from exiting on the wan link and over utilizing the wan connection.
res
Paul
res
Paul
Please don't forget to rate any posts that have been helpful.
Thanks.
06-03-2013 06:32 AM
HI Paul,
Would it be advisiable, using policing inbound at WAN interfaces of remote site router?
Cheers
Ashok
06-03-2013 07:14 AM
Hello Ashok,
This will only beneficial for traffic going into your lan from the wan link, it would not stop the wan link being over unitised if no rating limiting or shaping isn't applied outbound at the other end. - this is especially important at the hub site with multiple spokes sharing the WAN link.
If you shape either side of the hub/spoke outbound then you can manipulate different types of traffic basd on different classifications and prioritize the BW accordingly to incorporate other qos services such as congestion avoidance (WRED) and congestion management( CBWFQ)
Policing would just drop or transmit at a reclassified marking based on cos/ip precedence or dscp values.
res
Paul
Please don't forget to rate any posts that have been helpful.
Thanks.
06-03-2013 07:51 AM
Hi Paul,
Here's my query
1. Shaping in outbound on WAN links on remote site's router -- My link is never congested in outbound direction, will it be ever effective? since as per me, congestion management techniques will apply only if interface is more than 75% utilised; * won't be happening in my case.
2. Policing in inbound on WAN links on remote site's router -- yes, i agree from PE to CE router, there would be traffic, since I'm polocing down the traffic at CE router, but would it be a concern? I mean, I'm simply want to ask, when I'd be policing the traffic inbound of WAN interface, as per my policy I would be dropping less important traffic(such as internet/regular patch upgratation etc.) & would be prefering important traffic like SAP/mail etc.; so if i'm not wroung, I'm opening up the gates for my important traffic & closing for other traffic & avoiding the inbound buffer of interface to be filled-out.
I'm really concerned, in general, how an interface feels that it's congested in inbound ? If I'm policing down the traffic in inbound & still it's feeling the congestion, then whats the point of having the policing in inbound?
Please do clarifiy the confusion.
Cheers
Ashok
06-03-2013 11:32 PM
Hello
If your are happy that your wan link is not going to be congested and you are sure each spoke site will not send over their allocated CIR then no need for apply qos. But personally I think you will be leaving yourself open to potential egress blocking which is a situation when your hub wan link is being over utilised by one or more of the spoke sites
Applying the policer inbound on a wan interface as stated before would only be viable for policing your traffic into your LAN and if your not classifying on the policer it will drop any traffic regards of it stature once it hits it defined rate limit.
Res
Paul
Sent from Cisco Technical Support iPad App
06-03-2013 11:49 PM
Hi Paul,
I would be doing classification during inbound policing at remote router, so would it be good design approach?
although, I haven't seen traffic in outbound on remote router, plus hub location WAN links are multple with fair good Bandwidth (say 15 mbps each, whereas remote being 256 kbps).
I can say, i can safely discard the possibility of HUB wan link congestion.
So , shall i go ahead for policing in inbound on remote router?
Cheers
Ashok
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide