cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2448
Views
0
Helpful
14
Replies

Rate limit for P2P link

Dear Experts I need help on the bandwidth managment.

We have two offices A and B both connected with 2Mbps P2P link.

I want to limit the bandwidth for particular servers as wel as application basis.

For example server1 or group of servers should use only 512Kbps.

The reason there is some data replication scheduled every weekend and the replication continues for 4 to 5 days.

This effects our day today work as the replication uses all the bandwidth.

14 Replies 14

Javi Benito
Level 1
Level 1

You could implement Qos in your devices.

Could you post what types of devices (routers, firewalls) do you have in both offices?

Thanks for the reply Javi.

It is a simple setup having Cisco 1841 routers at both end and that's it.

I searched on google as how to implement QOS some how it did't work.

As I am not an network expert if you could help me as how I can do it would be great.

Jon Marshall
Hall of Fame
Hall of Fame

deepaksurya wrote:

Dear Experts I need help on the bandwidth managment.

We have two offices A and B both connected with 2Mbps P2P link.

I want to limit the bandwidth for particular servers as wel as application basis.

For example server1 or group of servers should use only 512Kbps.

The reason there is some data replication scheduled every weekend and the replication continues for 4 to 5 days.

This effects our day today work as the replication uses all the bandwidth.

Deepak

You can do this with QOS although you don't say what type of device you are using.

However i don't think this is necessarily the answer. How important is the data replication ?  If it is already taking 4 to 5 days then if you limit it even more it may never actually finish one batch of replication before it has to start another.  And that could lead to problems with data not being replicated properly.

A better solution would be to look into a dedicated line for the data replication so it does affect normal users. It really depends on how important the data replication is.

Jon

I see your Point Jon.

However the replication is just a secondary backup plan. So even if it takes 6 days it is ok for me.

So if I limit the bandwidth atleast the users at both end will face less bandwidth crunch issue.

Does it sound logical ?

Hello,

If you think config Qos in Cisco devices a difficult task, you can opt for a qos appliance.

Check out Allot Appliances but is a more expensive solution.

I would appreciate if any one would help he how to set the rate limit for a particular server

I think it could be helpful for you.

http://www.windowsnetworking.com/articles_tutorials/Implementing-DFS-Replication.html

It has own bandwidth configuration.

Javi Benito
Level 1
Level 1

Hello,

If you think config Qos in Cisco devices, you can opt for a qos appliance.

Check out Allot Appliances but is a more expensive solution.

mohamedtag
Level 1
Level 1

Dear Deepack , It seems what Javi Posted can Deliver what you need when configuring it from the Server Side.

As for trying to reach something from the Network Side ( Cisco 1841 ) , I Passed by the below configuration that may be applied over the Cisco 1841 Router :

=========================================================

Router(config)# class-map access-match
Router(config-cmap)# match access-group 1
Router(config-cmap)# exit
Router(config)# policy-map police-setting
Router(config-pmap)# class access-match
Router(config-pmap-c)# police 1024 256 conform-action transmit exceed-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet 0/0
Router(config-if)# service-policy output police-setting

=============================================================

Note that , Access-List 1 will Point to the Server IP Address & FasEtherNet 0/0 is the Router Port to the other End , to aply the Policing over it.

Below Another one but Policing the Traffic BASED on the Portocol & Port Numbers of the Replication Process carried out by the Servers:

=============================================================

class-map match-any ServerRpl
match access-group name ServerRplPorts

policy-map ServerRpl
class ServerRpl
  priority percent 25
class class-default
  fair-queue


interface FastEthernet 0/0
  service-policy ServerRpl


ip access-list extended ServerRplPorts
permit tcp any host x.x.x.x range 22026 62025
permit udp any host x.x.x.x range 22026 62025

================================================================

Dear MARSHAL , you are the Expert here , What do you think ? can any of the above Configuration accomplish what Deepack needs ?

hi mohamed

I tried your first option below is the config I am not sure how do i arrive to the bit rate and burst rate so i used some random numbers.

How do I check if the policy is actully working . Please guide me if the below is correct.

I would like to limit 1Mbps of the total 2Mbps for some servers.

!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
ip flow-cache timeout active 1
!
!
!
class-map match-all access-match
match access-group 1
!
!
policy-map police-setting
class access-match
   police 10000 2500 conform-action transmit  exceed-action drop
!
!
!
interface FastEthernet0/0
ip address 194.43.222.50 255.255.255.248
ip route-cache flow
duplex auto
speed auto
service-policy output police-setting
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
  ip address 10.10.10.1 255.255.255.252
no fair-queue
!
ip classless
ip route 0.0.0.0 0.0.0.0 194.43.222.53
ip route 194.43.86.0 255.255.255.0 10.10.10.2
ip route 194.43.87.0 255.255.255.0 10.10.10.2
ip flow-export source FastEthernet0/0
ip flow-export version 5
ip flow-export destination 194.43.94.16 9996
!
ip http server
ip http port 1311
ip http authentication local
ip http max-connections 1
!
access-list 101 permit ip 194.43.88.0 0.0.0.255 any
access-list 101 permit ip host 194.43.88.6 any
snmp-server community public RO
snmp-server ifindex persist
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login local
transport input telnet
!

Dear Deepak ,

Well , Measuring if the Policy is working or Not ( Specially the BW Limiting Policy ) is always a Challenge for me also. Let me Brainstorm with you  , What if we tried one of the 2 Following things:

1 - Applying MRTG Graph over the FastEthernet of the SwitchPort where the Server is Conencted to it and measure the Dowload  / Upload Speed during the Replication Process ( Did you try MRTG before ? It is a Utility that enable you to Use the SNMP to get Graphs for the Downlaod & Upload Speed every 5 Minutes for all Interfaces of a designated device).

http://oss.oetiker.ch/mrtg/

2 - Use DUMeter : A Shareware Application that you can install on the Server that provide you with a POP-UP Window  that measures the Downlaod / Upload Speed of the Network Interface Card - NIC - , And measure what readings the DUMeter will extract during the Replication Period.

http://www.hageltech.com/dumeter/about

What do you think ??

Deepak,

What you configured will not police( rate-limit) anything.

because:

class-map match-all access-match

match access-group 1

you are referencing  ACL 1 but it is nowhere in your config.

show policy-map interface will show no match and so no packets conforming or exceeding.

even if it was policing it would limit to 10kbs because

policy-map police-setting

class access-match

police 10000 2500 conform-action transmit  exceed-action drop

the bandwidth you specify is in bps so 10000 bps is 10 kpbs and not 1Mbps as you want so it would take a month to replicate your file.

To verify class-based policing:  show policy-map interface and while doing the transfer if you issue the command multiple times you will see packets conforming and packets exceeding so you know your policy is working

you better change load interval from 5 mins to something like 30 sec to get more precise statistics.

Regards.

Don't forget to rate helpful posts.

Dear Deepak ,

Did you tried the Configuration with " Cadetalian " Extra Editing ??

Update us with your latest Status

tstamatopoulos
Level 1
Level 1

Hello from me, i think the best solution for you is rate-limit with timed access-lists:

so the sample configuration below the router has one interface to office1 and one interface to office2, lets assume that the work hours is 08:00 till 16:00 and server replication service running at tcp port 1234, this config will limit the bandwidth to 512kbps of the service at hours 08:00 till 16:00 and all the other day the service has all the bandwidth because the offices are closed, and the link is free...

interface f0/0

description connected_to_office1

ip address 10.0.0.1 255.255.255.0

rate-limit input access-group 100 512000 96000 192000 conform-action transmit exceed-action drop

rate-limit output access-group 100 512000 96000 192000 conform-action transmit exceed-action drop

interface f0/1

description connected_to_office2

ip address 10.0.1.1 255.255.255.0

time-range test

periodic daily 8:00 to 16:00

access-list 100 permit tcp any eq 1234 any time-range test
access-list 100 permit tcp any any eq 1234 time-range test
HTH

(dont forget to rate if this post is helpfull)

Thanks

Review Cisco Networking for a $25 gift card