cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1192
Views
0
Helpful
1
Replies

What is the best way to throttle FTP traffic on an ATM PVC

tschlosser
Level 1
Level 1

We have been trying to implement an MQC policy to throttle FTP traffic on ATM PVC's.  Our basic requirement has been to allow Interactive traffic (HTTP, telnet, etc) to be able to burst to line rate.  We would like to limit FTP traffic to approx. 30% of the port speed if there is congestion occuring.  We initially tried to utilize the bandwidth percent, but that only gave us a minimum.  It did not set any maximum utilization thresholds during congestion.  I thought about utilizing the priority percent for FTP, but I believe that the priority command should only be utilized for traffic requiring low latency.  Since FTP is batch, that's probably not a good idea.

What we currently have implemented is policing, where we give Interactive traffic 80% of the port speed.  FTP is put in the default class at this time.  I need some recomendations to limit FTP to a percentage value (30%) during periods of congestion.  What we currently have implemented is not limiting the FTP's and our latency measurements are showing the latency spikes when the FTP's are occuring.  Below is a sample of what we have tried to implement.  The sample is for a 3 meg port ATM configuration.  The policy is applied on the outbound of the ATM PVC:

class-map match-any MNGMT_APPS
match access-group name MNGMT_APPS
class-map match-any BGP_TRAFFIC
match access-group name BGP_TRAFFIC
class-map match-any INTERACTIVE
match access-group name INTERACTIVE
class-map match-any ALL_TRAFFIC
match access-group name ALL_TRAFFIC
!
!
policy-map QOS2xT1
class BGP_TRAFFIC
  police cir 8000
    exceed-action transmit
class MNGMT_APPS
  police cir 8000
    exceed-action transmit
class INTERACTIVE
  police cir 2457000
    exceed-action transmit
policy-map QOS_PARENT2xT1
class ALL_TRAFFIC
  police cir 3072000
    exceed-action transmit
  service-policy QOS2xT1
class class-default
  fair-queue
  queue-limit 128
!
!
ip access-list extended ALL_TRAFFIC
permit ip any any
ip access-list extended BGP_TRAFFIC
permit tcp any any eq bgp
permit tcp any eq bgp any
ip access-list extended INTERACTIVE
deny   tcp any any eq ftp
deny   tcp any any eq ftp-data
deny   tcp any eq ftp any
deny   tcp any eq ftp-data any
permit ip any any
!
ip access-list extended MNGMT_APPS
permit udp any any eq tacacs
permit tcp any any eq 22
permit udp any eq tacacs any
permit tcp any eq 22 any

1 Reply 1

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Tschlosser,

if  your exceed action is tramsit  you have simply built traffic counters for each traffic class!

On the other hand, if the exceed-action were drop you could be not able to setup the BGP session for example.

the scheduler solution is the right one because it has elasticity in using resources.

policing is too rigid to be useful in this scenario.

You could use a parent policy that shapes at a specified rate all traffic and that invokes a child policy that is a CBWFQ.

You could think to shape outbound FTP traffic in addition to use CBWFQ  adding a shaping on that specific class of child policy

Edit:

see  command reference for shape command in policy map context

http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_s1.html#wp1068912

Hope  to  help

Giuseppe

Review Cisco Networking for a $25 gift card