Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
764
Views
0
Helpful
7
Replies

Qos Confusion !

Jonn cos
Level 4
Level 4

‎05-27-2011 11:56 PM - edited ‎03-06-2019 05:14 PM

Hi all experts.

I am trying to get a grip with qos concepts, pls help me out.

I have 2 routers R1 and R2 connected via Fastethernet interface

When i ping from R1 to R2

R1#ping 2.2.2.2 rep 100 size 46

Type escape sequence to abort.

Sending 100, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 100 percent (100/100), round-trip min/avg/max = 4/5/8 ms

R1#

Now, If i want the success rate to 50%, what shall i do ?

I performed the following calculation

Access rate of Fa 0/0 = 100000000 bps

Above ping released traffic of size = 36800 bps

this means if i send 100 packets of 46 bytes, the resulting rate will be 36800 bps right ? so in order to get 50% success, i should police it to 36800/2 = 18400 bps

So if i configure the following

class-map test

mat any

policy-map test

class test

  police 18400 conf transmit exceed drop

int fas0/0

service-policy input test

But when i ping from R1 to R2 i get 97% percent rate.

I am totally confused as to how to approach this ? i mean why isnt it giving me 50% ? what calculation have i done wrong ?

Labels:
0 Helpful
7 Replies 7

cadet alain
VIP Alumni
VIP Alumni

‎05-28-2011 01:28 AM

Hi,

If I'm not mistaken the service-policy applied to interface only deals with traffic traversing this interface but here traffic is destined to interface so I think you should use Control Plane policing.

Could you try with another router  with the one doing the CB-policing in between or try Control plane policing.

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

Jonn cos
Level 4
Level 4
In response to cadet alain

‎05-28-2011 01:46 AM

Sir,

its still the same

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to Jonn cos

‎05-28-2011 01:55 AM

Can you do a sh policy-map interface

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to cadet alain

‎05-28-2011 01:58 AM

Did you try R1--------R2----------R3 and ping from R1 to R3 and police ont R2 inbound?

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎05-28-2011 03:52 AM

Disclaimer

The Author of this posting offers the  information contained within this posting without consideration and with  the reader's understanding that there's no implied or expressed  suitability or fitness for any purpose.  Information provided is for  informational purposes only and should not be construed as rendering  professional advice of any kind.  Usage of this posting's information is  solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

First, I believe I recall that most if not all ping implementations do not actually send every ping request packet back-to-back at maximum rate.  If I'm correct, your calculations would be off.  You would be better off using some sort of traffic generator.  (Oh, and then do the pings mixed into the traffic generator's stream.)

Second, policers (and shapers) when configured for a rate don't exactly emulate an interface of that bandwidth.  The latter sends bits as some specific rate.  The former averages packet forwarding over some time period to emulate similar bandwidth to an actual bandwidth, but they are not the same.  I.e. 100 Mbps policed or shaped to 10 Mbps behavior is not exactly the same as actual 10 Mbps.  (NB: you can also change behavior of policer or shaper running at the same nominal rate by adjustments to Bc, Be, and/or Tc.)

0 Helpful

Kishore Chennupati
Level 7
Level 7

‎05-29-2011 05:16 AM

Hi,


So if i configure the following
class-map test
 mat any
policy-map test
 class test
  police 18400 conf transmit exceed drop
int fas0/0
 service-policy input test

Are you applying this to the interface on the R1 router? because this would try and police echo reply packets coming from the R2  inbound to R1.

May I suggest something?


Instead of using a match any under class-map, try and use a ACL to match the icmp traffic and then rate limit it.

ip access-list extended DENY_ICMP

permit icmp any any

class-map test

match ip access-group DENY_ICMP

what I would also suggest is to use policing on the control plane on R1 if you want to rate limit icmp's.

Also , do a " sh policy-map interface ff0/0" to see the counters and hits

HTH

Regards,

Kishore

0 Helpful

mlund
Level 7
Level 7

‎05-30-2011 01:48 AM

Hi

When the threshold is reached (18400) then the policer will drop one ping. Because of that drop the sending router will wait for 2 seconds(defaultvalue) before it will send next ping. Because of this timeout the policer now allows the router to send a couple of pings before reaching the 18400 limit again, and get  one packet drop, wait 2 seconds. as so on. That why You get a 97% success.

/Mikael

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card