11-30-2016 02:10 AM
I facing issue in policing traffic over bundle-ether. I have created a policy may and class map into it to classify three different traffic sources. The problem I am observing is that though traffic is under utilized from the police rate configured but it shows exceeded packets as a result we are observing difference in traffic statistics from uplink and downlink interfaces.
Below is the config for policy map. Can anyone help.
policy-map NB-Silver
class local-content
police rate 40 mbps burst 7500 kbytes
conform-action transmit
exceed-action drop
!
!
class cache
police rate 3 mbps burst 576 kbytes
conform-action transmit
exceed-action drop
!
!
class class-default
police rate 1500 kbps
conform-action transmit
exceed-action transmit
violate-action drop
!
!
end-policy-map
!
11-30-2016 08:05 AM
Use the "show qos interface ..." command to confirm what was programmed in HW. Also please keep in mind that asr9k is a distributed platform, meaning that the same policer will be applied independently to all bundle members.
Some good references:
hope this helps,
/Aleksandar
12-14-2016 05:06 AM
Hi Aleksandar,
Thank you for your response. I have gone through the provided document it has certainly help me to understand the QOS in distributed architecture, however, the query is still unanswered.
Let me describe my scenario in detail so that it would be easy to understand the issue i am facing. I am using ASR 9010 primarily for BNG services, around 50K PPPoE subscribers are terminated over bundle-ether interfaces, all the attributes are assigned via radius server.
There are different policy maps applied to users and three different class maps are configured to classify the traffic also shared in previous config. The issue I am observing is exceeds packets drops although the link is underutilized as checked through statistics. For example a user has been assigned a police rate of 1Mbps, though the link is underutilized and traffic is below 1Mbps but I am observing exceeded packet drops same statistics has been observed at all the users with different policy maps, as a result there is a huge difference in traffic statistics overall from uplink to downlink interfaces which I believe traffic leakage of e.g 3Gbps or a waste of our bandwidth over the internet. To overcome this issue I have also increase the policier burst size but result is still the same.
Could you please help me to fix this issue that if a user is utilizing full bandwidth or there ain’t enough space in token bucket the traffic should be drop down over the internet instead of it traverse down the line upto the user and drops the packet at user interface which eventually is a waste of internet bandwidth that is my main concern.
Is there any sort of Congestion avoiding mechanism for TCP in ASR 9010 that can control or implement via QOS. I have also attached the diagram for your better understanding.
Thanks for help.
12-14-2016 07:35 AM
hi Erik,
I think your question is twofold:
Hope this helps,
Aleksandar
12-14-2016 09:49 PM
Hi Aleksandar,
1. why is traffic in a class dropped even if the policer rate is not reached? For this check the "sh qos interface <subscriber_interface> output" to confirm what values were programmed in HW and see how that matche s the "sh policy-map interface <subscriber_interface>".
Ans : Yes, I've checked that, as per below formula the burst that I have configured e.g for 1Mbps burst is 192 KBytes/s and the value that programmed in HW is 125KBytes/s since we are using typhoon line cards I have read that The maximum burst supported by Typhoon cards is 1 sec of your rate.and any burst size of more than 1 sec is rounded down to 1 sec of the rate. Please confirm?
Bc to CIR bps * (1 byte) / (8 bits) * 1.5 seconds
and
Be=2xBc
2. WRED ihow to implement congestion avoidance. WRED is supported on subscriber interfaces? This will prevent synchronisation of TCP traffic. In case of genuine bursts, the link between core switch and BNG will still be overutilised, I don't think there's a way to prevent that.
Ans.Let me check WRED if it's supported on subscriber interfaces. The link capacity b/w core switch and BNG is 40Gbps, is there any reason you suspect link will be overutilized?
Thanks for you help
Regards,
Erik
12-15-2016 12:02 PM
hi Erik,
can you point me to that document that states that we cap the burst size at 1s? This may happen on nV Satellite interfaces, but not in general. See this example from a lab router:
RP/0/RSP0/CPU0:PE1(config-pmap-c)#do sh qos int TenGigE0/1/0/2 output | i PBS Shape PIR Profile : 2/0(E) PIR: 1000 kbps PBS: 319488000 bytes
I can't say whether the link is overutilised, I suppose you can track that easily.
hth,
/Aleksandar
12-15-2016 09:21 PM
Hi Aleksandar,
I don't have any document in hand it was told by Cisco TAC. However, following are the output for qos interface which exhibit the program value and configured burst size.
I have bundle-ether interface with two member ports.
Apart from this can you tell me if it's only the burst size issue that cause the packet drops or some other issue you suspect that cause the difference in traffic statics.
POLICY MAP:
RP/0/RSP0/CPU0#sh running-config policy-map NB-Silver-Testing
Fri Dec 16 10:18:01.197 PKT
policy-map NB-Silver-Testing
class local-content
police rate 40 mbps burst 7500 kbytes
conform-action transmit
exceed-action drop
!
!
class cache
police rate 3 mbps burst 576 kbytes
conform-action transmit
exceed-action drop
!
!
class class-default
police rate 1500 kbps burst 319 kbytes
conform-action transmit
exceed-action drop
!
!
end-policy-map
!
QOS Statistics
RP/0/RSP0/CPU0#sh qos interface bundle-Ether 2.3999 output
Fri Dec 16 10:10:21.049 PKT
Interface: TenGigE0_0_0_1 output
Bandwidth configured: 10000000 kbps Bandwidth programed: 10000000 kbps
ANCP user configured: 0 kbps ANCP programed in HW: 0 kbps
Port Shaper programed in HW: 0 kbps
Policy: NB-Silver-Testing Total number of classes: 3
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: local-content
QueueID: 196610 (Port Default)
Policer Profile: 73 (Single)
Conform: 40000 kbps (40 mbps) Burst: 5000000 bytes (7500 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: ggc
QueueID: 196610 (Port Default)
Policer Profile: 71 (Single)
Conform: 3000 kbps (3 mbps) Burst: 375000 bytes (576 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: class-default
QueueID: 196610 (Port Default)
Policer Profile: 74 (Single)
Conform: 1496 kbps (1500 kbps) Burst: 187000 bytes (319 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Interface: TenGigE0_1_1_1 output
Bandwidth configured: 10000000 kbps Bandwidth programed: 10000000 kbps
ANCP user configured: 0 kbps ANCP programed in HW: 0 kbps
Port Shaper programed in HW: 0 kbps
Policy: NB-Silver-Testing Total number of classes: 3
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: local-content
QueueID: 196610 (Port Default)
Policer Profile: 71 (Single)
Conform: 40000 kbps (40 mbps) Burst: 5000000 bytes (7500 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: cache
QueueID: 196610 (Port Default)
Policer Profile: 69 (Single)
Conform: 3000 kbps (3 mbps) Burst: 375000 bytes (576 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: class-default
QueueID: 196610 (Port Default)
Policer Profile: 72 (Single)
Conform: 1496 kbps (1500 kbps) Burst: 187000 bytes (319 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Thanks & Regards.
12-19-2016 02:58 AM
hi Erik,
expected drops in this scenario would be those that are caused by reaching the burst size.
regards,
/Aleksandar
12-20-2016 01:48 AM
Hi Aleksandar,
Is there any way to overcome the exceeded packet drops issue apart from increasing the burst size, as I have told you there is a limitation on typhoon line cards also depicts in above shared qos stats(configured burst and HW programmed burst) or Is there any method to tweak any parameter like optimize TCP or by change MTU etc to reduce the impact since huge difference in traffic stats are observed due to this.
Please suggest. Thanks
Regards,
Erik
12-20-2016 10:36 AM
hi Erik,
you are right that in case of bundles we do limit the burst to 1s of the policer or shaper rate. Apologies for the error on my part.
You can adjust the TCP MSS size on subscriber interfaces. I'm not sure how helpful would that that be in flattening the traffic bursts, but you can give it a try. See https://supportforums.cisco.com/document/12417241/tcp-mss-adjust-asr9000.
To the best of my knowledge only WRED can flatten the peaks in TCP traffic.
You could apply an output shaper on the on the upstream interface of the BNG or an output shaper on the downstream interface of your edge routers in the diagram, with the same traffic classification scheme. However, either approach will affect the fairness between subscribers.
12-21-2016 10:39 AM
Alternatively, if you use line card based subscribers, the limit of the 1s burst on a policer shouldn't apply any more.
12-21-2016 11:22 PM
Hi Aleksandar,
I have applied the policy map on line card as well but result is same :). Below are the stats.
RP/0/RSP0/CPU0:#sh qos interface TenGigE0/2/1/1.3999 output
Thu Dec 22 11:16:03.142 PKT
Interface: TenGigE0_2_1_1.3999 output
Bandwidth configured: 10000000 kbps Bandwidth programed: 10000000 kbps
ANCP user configured: 0 kbps ANCP programed in HW: 0 kbps
Port Shaper programed in HW: 0 kbps
Policy: NB-Silver-Testing Total number of classes: 3
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: local-content
QueueID: 65570 (Port Default)
Policer Profile: 61 (Single)
Conform: 40000 kbps (40 mbps) Burst: 5000000 bytes (8000 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: cache
QueueID: 65570 (Port Default)
Policer Profile: 62 (Single)
Conform: 3000 kbps (3 mbps) Burst: 375000 bytes (576 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Level: 0 Policy: NB-Silver-Testing Class: class-default
QueueID: 65570 (Port Default)
Policer Profile: 63 (Single)
Conform: 1496 kbps (1500 kbps) Burst: 187000 bytes (319 kbytes)
Child Policer Conform: TX
Child Policer Exceed: DROP
Child Policer Violate: DROP
----------------------------------------------------------------------
Regards,
Erik
12-22-2016 12:39 AM
hi Erik,
sorry, you are right. I repeated my test and confirm the same result. This limit applies always to policers and to shapers at level 4 in the QoS hierarchy. You can exceed this limitation only if you would use shaper at parent level in the hierarchical QoS scheme. This would however lead to faster resource depletion in BNG deployment scenario.
Apologies for the confusion.
/Aleksandar
12-22-2016 01:37 AM
Hi Aleksandar,
Thanks for your response. Could you please share the sample config for HQOS based on the policy map config shared earlier so that I can give it a try.
Regards,
Erik
12-22-2016 07:21 AM
hi Erik,
here you go:
class-map match-any Voice
match precedence 5
end-class-map
!
class-map match-any Video
match precedence 3
end-class-map
!
policy-map QOS-BNG-EGRESS-child
class Video
bandwidth percent 40
class Voice
bandwidth percent 20
!
policy-map QOS-BNG-EGRESS
class class-default
shape average 1 mbps 319488000 bytes
service-policy QOS-BNG-EGRESS-child
RP/0/RSP0/CPU0:asr9k#sh subscriber running-config interface name BE100.10.pppoe1
Thu Dec 22 16:15:41.992 CET
Building configuration...
!! IOS XR Configuration 5.3.3
subscriber-label 0x40
dynamic-template
type ppp PPPoE
multicast ipv4 passive
igmp version 3
ipv4 unnumbered Loopback100
ppp ipcp dns 144.254.71.184 173.38.200.100
ppp ipcp peer-address pool CLIENTS
service-policy output QOS-BNG-EGRESS
vrf BNG
!
!
end
RP/0/RSP0/CPU0:asr9k#sh qos int BE100.10.pppoe1 ou
Thu Dec 22 16:15:19.352 CET
Interface: GigabitEthernet0_0_0_19 output
Bandwidth configured: 1000000 kbps Bandwidth programed: 1000000 kbps
ANCP user configured: 0 kbps ANCP programed in HW: 0 kbps
Port Shaper programed in HW: 0 kbps
Policy: QOS-BNG-EGRESS Total number of classes: 4
----------------------------------------------------------------------
Level: 0 Policy: QOS-BNG-EGRESS Class: class-default
QueueID: N/A
Shape CIR : NONE
Shape PIR Profile : 3/0(E) PIR: 1000 kbps PBS: 319488000 bytes
WFQ Profile: 3/9 Committed Weight: 10 Excess Weight: 10
Bandwidth: 0 kbps, BW sum for Level 0: 0 kbps, Excess Ratio: 1
----------------------------------------------------------------------
Level: 1 Policy: QOS-BNG-EGRESS-child Class: Video
Parent Policy: QOS-BNG-EGRESS Class: class-default
QueueID: 197226 (Priority Normal)
Queue Limit: 12 kbytes Abs-Index: 7 Template: 0 Curve: 0
Shape CIR Profile: INVALID
WFQ Profile: 3/64 Committed Weight: 67 Excess Weight: 67
Bandwidth: 400 kbps, BW sum for Level 1: 600 kbps, Excess Ratio: 1
----------------------------------------------------------------------
Level: 1 Policy: QOS-BNG-EGRESS-child Class: Voice
Parent Policy: QOS-BNG-EGRESS Class: class-default
QueueID: 197227 (Priority Normal)
Queue Limit: 6 kbytes Abs-Index: 5 Template: 0 Curve: 0
Shape CIR Profile: INVALID
WFQ Profile: 3/32 Committed Weight: 33 Excess Weight: 33
Bandwidth: 200 kbps, BW sum for Level 1: 600 kbps, Excess Ratio: 1
----------------------------------------------------------------------
Level: 1 Policy: QOS-BNG-EGRESS-child Class: class-default
Parent Policy: QOS-BNG-EGRESS Class: class-default
QueueID: 197228 (Priority Normal)
Queue Limit: 1 kbytes Abs-Index: 1 Template: 0 Curve: 0
Shape CIR Profile: INVALID
WFQ Profile: 3/0 Committed Weight: 1 Excess Weight: 1
Bandwidth: 0 kbps, BW sum for Level 1: 600 kbps, Excess Ratio: 1
----------------------------------------------------------------------
/Aleksandar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide