cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
859
Views
0
Helpful
3
Replies

IOS-XR QoS Policy Config Verification

philclemens1835
Level 1
Level 1

Setting up the policies for an NNI with another SP's MPLS network.

The profile selected is:

10% RT, 40/30/30

Cos1 10, Cos2 40, Cos3 30, Cos4 30

 

In addition, there are some specific ports and addresses to be included in the class definitions.

 

Please take a look and let me know if this looks right, or if I'm off-base on anything:

 

ipv4 access-list COS1
  10 permit udp any any range xxxxx yyyyy

 

ipv4 access-list COS3
  10 permit udp any any eq snmp
  20 permit ipv4 host x.x.x.x any

 

class-map match-any COS1
  match dscp ef
  match access-group ipv4 COS1
end-class-map

 

class-map match-any COS2
  match dscp af31
end-class-map

class-map match-any COS3
  match dscp af21
  match access-group ipv4 COS3
end-class-map

 

class-map match-any COS4
  match dscp af11
end-class-map

 

policy-map NNI_CHILD
class COS1
  priority level 1
  police rate percent 10
! what are the default conform/exceed actions, if there are defaults?
!
class COS2
  bandwidth remaining percent 40
!
class COS3
  bandwidth remaining percent 30
!
class COS4
  bandwidth remaining percent 30
!
class class-default
!
end-policy-map


policy-map NNI_PARENT
class class-default
  service-policy NNI_CHILD
  bandwidth 500 mbps
  shape average 500 mbps

 

3 Replies 3

smilstea
Cisco Employee
Cisco Employee

police rate percent 10
! what are the default conform/exceed actions, if there are defaults?

 

For a policer we conform to the percent of bandwidth allowed, in this case since you have a shaper at 500mbps and a policer in the child policy at 10 percent its 50mbps. Anything above the 50mbps over the time period (1s) would be dropped. Whats interesting is you have a policer which is more restricting under a shaper (which does allow for a default bursting rate), you can of course add a bursting size to your policer. You can check show qos for the interface for the default exceed rate on the shaper, policer has none by default and is a hard drop. You can also set conform and exceed actions for the policer such as remarking the packet.

The other thing to note is queue length or queue limit, this is the time length, so for a shaper in asr9k the default is 100ms, so with 500mbps we split that into 10 50mbps segments, if you go over the 50mbps we have a default burst rate as mentioned before, but if you go over that you will exceed the shaper and drop. For instance if you send 70mbps, then 30, then 50 for all the remaining time segments you send 500mbps total but in the first time segment of 70mbps we drop 20mbps - burst rate, all the other 100ms time segments are conforming.

 

Here is an example with the different values set:

RP/0/RSP0/CPU0:ios#show qos int tenGigE 0/0/0/0 output

Interface: TenGigE0_0_0_0 output Bandwidth: 10000000 kbps ANCP: 0 kbps

Policy: 2R3C_policer Total number of classes: 1

----------------------------------------------------------------------

Level: 0 Policy: policer Class: class-default

QueueID: 10 (Priority Normal)

Queue Limit: 131 kbytes Profile: 1 Scale Profile: 4

Policer Profile: 24 (TrTCM)

Conform: 9987 kbps (10 mbps) Burst: 9593 bytes (10 kbytes)

Peak: 19975 kbps (20 mbps) Burst: 19186 bytes (20 kbytes)

Child Policer Conform: TX

Child Policer Exceed: set cos 0  

Child Policer Violate: DROP

WFQ Profile: 0 Committed Weight: 1 Excess Weight: 1020

Bandwidth: 0 kbps, Parent Bandwidth: 10000000 kbps, Excess Ratio: 1

 

 

when you set peak rate you are setting the max it can burst, so if its 20mbps and your rate is 10mbps then the burst is an additional 10mbps.

 

 

Sam

Thanks Sam.  I'm not set on policing for the priority 1 traffic.

The CIR from the upstream provider is 500Mb on a 1Gb physical interface.

So, if there's a better way to handle that combination, I'm all for it.  I definitely want to follow best practices on this, but have not found anything real definitive yet.  Please feel free to offer ideas/suggestions.

 

Would it make more sense for the child policy to start with a simpler:

class COS1
  bandwidth percent 10

- does losing the "priority level 1" line cost anything when it's the first class in the policy?

 

Based on your feedback, I am assuming the remainder of the ACL, class, and policy config is okay.

COS1 is just first because of the naming, it is not necessarily serviced first. By making it priority 1 it will go into a higher priority queue and be serviced before other queues.

 

The difference in bandwidth commands and policing/shaping is whether we have the ability to use additional bandwidth from classes that are low in traffic or if our traffic rate for the class is strictly limited to a certain value (or value plus burst).

So there is no right answer, its about how much bandwidth you want that class to have theoretically.

 

Sam