10-04-2010 09:29 AM - edited 03-06-2019 01:18 PM
hi Experts,
I'm trying to configured egress traffic shaping at average of 100Mbps on a 1Gbps physical L2 trunk port.
I'm running on Nexus 7K version 5.0(2a) and the line card support 1p3q4t
I've looked at the 'policy-map type queuing' which has a shape command in the
'class type queuing 1p3q4t-out-q-default' but i couldn't figure out how i can shape
all 4 queues to achieve an average egress rate of 100Mbps for all traffics.
Does Nexus 7K support egress traffic shaping?
I also notice that Nexus 5548P doesn't support traffic shaping
Regards,
K.H.See
10-04-2010 10:01 AM
Looks like you want to configure some type of MQC shaping in the N7K. The only shaping that is supported in the N7K is Shaped Round Robin (SRR) on the egress port. The shaping is based on COS value where the COS are mapped to queues and each queue is given a specific rate. Here is an example on N7K shaping from NXOS 4.2
HTH,
jerry
10-04-2010 06:39 PM
hi Jerry,
What i'm trying to achieve is traffic shaping for all egress traffic at 100Mbps.
For example,
Nexus7K (shaping)--------->(policing) ISP-A
The link btw Nexus & ISP-A is a L2 1Gbps. ISP-A is policing at 100Mbps based on our
contract. In order to minimize pkts drop due to non-compliant, i would like to
traffic shape all egress traffic at 100Mbps.
Can it be done using SRR or WRR?
Instead of shaping at individual queue, is there a way to shape all egress traffics
using nested MQC?
Regards
10-04-2010 06:50 PM
The Nexus 7000 is designed as a data center core. What you are trying to do is placing the N7K as the DC edge, you need to consider other platform like the Catalyst 6500 with SIP/SPA, Cisco 7600, or the Cisco 7200 series.
Regards,
jerry
10-04-2010 07:27 PM
hi Jerry,
I trying to avoid another hardware in-between.
Can i say that Nexus 7K doesn't support egress shaping; similar to Nexus 5548P?
What about egress policing on Nexus 7K?
Regards
10-04-2010 08:23 PM
Well, it does support shaping (SRR) but not MQC egress shaping. We generally do not recommend using N7K or any type of LAN line card (67xx series in C6K) as CE interface (to SP). If you still want to use this approach, like you said, you can use policing and here is the configuration example
HTH,
jerry
10-05-2010 02:12 AM
I tried applying the 1 rate, two color egress policing but it return below error messages:
XXX(config-if)# service-policy type qos output POLICE-100M
ERROR: Module 1, 4, 9, 10 returned status "Egress policy on an L2 interface is not supported"
In Cisco doc, it says "You can apply the policing instructions in a QoS policy map to ingress or egress packets by
attaching that QoS policy map to an interface"
Is there a condition to above statement like it works only on L3 interfaces?
---------------------------------------------------------
policy-map type qos POLICE-100M
class class-default
police cir 100 mbps bc 200 ms conform transmit violate drop
---------------------------------------------------------
interface Ethernet1/37
switchport mode trunk
switchport trunk allowed vlan 10,104,106
spanning-tree port type edge trunk
spanning-tree guard root
speed 1000
duplex full
mtu 9216
no shutdown
-------------------------------------------------------
Regards
10-05-2010 02:43 AM
Hi Kian,
You can't do classic Shaping in N7K switch. Your only option is prioritizing queues on outbound direction. As far as I know no current linecard in N7K is supporting shaping. I hope that they will release such card as they did with c6500.
My suggestion is to set the interface speed to 100Mbps instead of 1Gbps on your side and on the Service provider edge device. This way you can be sure that you are not oversubscribe the line, and if you do, then you can apply QOS (queue prioritization) to prioritize critical traffic on the outbound direction.
HTH,
Timor Sherf
10-05-2010 06:43 AM
Setting the interface speed requires coordination with the SP. Most of the time when you are ordering subrate GE interface from them, they will leave the speed to 1000. This will give them flexability to upgrade the circuit much quicker.
BTW, the N7K is designed as DC core, hence, there isn't any WAN line card like SIP/SPA available or in the near future. Recommendation is not to use it as DC edge.
Regards,
jerry
10-05-2010 07:06 AM
I agree that N7K isn't ment to be WAN gateway router, but it seems that in this case he has no choise.
In my experience with the Service providers, there should be no problem asking them to set 100Mb speed on the port. Morover, they usually deploy small termination box of some kind that should be able to work with 100Mb links.
As I understood the question, the demand was for traffic shaping, not policing. Implementing policing is possible in N7K in case of "no switchports"
(as you've mentuned).
10-05-2010 07:15 AM
He has a choice but he prefer not to.
I trying to avoid another hardware in-between.
10-05-2010 06:37 AM
Yes, that is true, the error message indicates that you cannot do police in L2 interface, however, you can use the SRR on L2 to shape COS. If it is configured with no switchport (L3 interface), I believe the service policy will be able to attach.
Regards,
jerry
10-05-2010 06:47 PM
hi,
Yap, just confirmed that we can apply QoS egress policing ONLY on L3 interfaces.
Cisco should update their documentation to reflect this :-)
My customers are all ISP & content provider and they usually terminate on Nexus
using Single Mode Fiber (i don't think u can change the speed of fiber port).
----------------------------------------
interface Ethernet1/1
no switchport
mtu 9216
service-policy type qos output POLICE-100M
service-policy type qos input POLICE-100M
---------------------------------------
XXXX# sh policy-map interface e1/1
Global statistics status : enabled
Ethernet1/1
Service-policy (qos) input: POLICE-100M
policy statistics status: enabled
Class-map (qos): class-default (match-any)
police cir 100 mbps bc 200 ms
Service-policy (queuing) input: default-in-policy
policy statistics status: enabled
Class-map (queuing): in-q1 (match-any)
queue-limit percent 50
bandwidth percent 80
queue dropped pkts : 0
Class-map (queuing): in-q-default (match-any)
queue-limit percent 50
bandwidth percent 20
queue dropped pkts : 0
Service-policy (qos) output: POLICE-100M
policy statistics status: enabled
Class-map (qos): class-default (match-any)
police cir 100 mbps bc 200 ms
Service-policy (queuing) output: default-out-policy
policy statistics status: enabled
Class-map (queuing): out-pq1 (match-any)
priority level 1
queue-limit percent 16
queue dropped pkts : 0
Class-map (queuing): out-q2 (match-any)
queue-limit percent 1
queue dropped pkts : 0
Class-map (queuing): out-q3 (match-any)
queue-limit percent 1
queue dropped pkts : 0
Class-map (queuing): out-q-default (match-any)
queue-limit percent 82
bandwidth remaining percent 25
queue dropped pkts : 0
----------------------------------------------------------------
10-23-2010 04:32 PM
Hi Jeye,
I can agree with you that the Nexus 7000 is designed as a data center core and not recommended to place it as a DC WAN edge or PE Router. But can I have the pleasure to share you 2 questions?
1. Does the Nexus 7000 still not supporting MPLS? If yes, why we cannot use one VDC as a PE? If I'm talking about PE, It's mandatory to have MPLS support as I have to do some import / export under VRFs and just with vrf-lite, this is not supported.
2. If I continue to use 7600 or 6500 as DC/WAN edge routers, is there a need to have a dedicated VDC for the core of our Data Center or I can use a collapsed core and aggregation?
Thanks.
10-23-2010 07:57 PM
For Q1, development is aware of this customer requirement of supporting MPLS in the N7K. It is in the roadmap and this is all I can share. If you need more info, contact your Cisco sales team and they can provide more info with NDA.
For Q2, designing core or collapse core/aggregation in a DC is really upto the design requirement(s). If you have limited budget, of course, you might want to consider collapse core/aggregation. For some of the network we have seen/worked on, organizations still prefer to have a dedicated core (dedicated boxes) to forward traffic. If you have to do maintenance on the aggregation, etc. it will not affect any other traffics across the core.
Regards,
jerry
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide