Solved: Bandwidth Throttling on a WAN Circuit

namso2 · ‎06-28-2006

We are replicating data in one direction from Site A to Stie B. The source is a set of servers on Site A's LAN. The servers belong to three subnets. Only those servers reside in those subnets.

Site A has two core 6509 switches. These two switches each connect to a CE router. Each CE router connects to a PE router. The PE routers connect to two MPLS clouds at 130 Mbps.

It is similar at Site B.

What I want to do is limit the servers' traffic to 25 Mbps from Site A to Site B. Where is it best to rate-limit the traffic (6509 switch, CE router, or PE router)?

How would I go about doing that? I'm not asking for specific commands right now, but just an overview (e.g. use WRED). In other words, which software feature should I use?

tdrais · ‎06-28-2006

If you want a hard limit then you want to police the traffic. You want to limit the traffic as close to the source as you can. In your case I suspect it will be in the CE router. If all the traffic passes though a single core switch then you could do it at the switch. If it load balances into both interfaces in the CE router then your only common point is outbound on the CE router. It is not normally good to police the traffic outbound but it may not be easy to do another way. If you have good load balancing you could do 12.5m inbound on each connection from the core.

View solution in original post

tdrais · ‎06-28-2006

If you want a hard limit then you want to police the traffic. You want to limit the traffic as close to the source as you can. In your case I suspect it will be in the CE router. If all the traffic passes though a single core switch then you could do it at the switch. If it load balances into both interfaces in the CE router then your only common point is outbound on the CE router. It is not normally good to police the traffic outbound but it may not be easy to do another way. If you have good load balancing you could do 12.5m inbound on each connection from the core.

tthulin · ‎06-28-2006

There are a couple of ways to do this, but the simplest would be to apply CBWFQ to the outbound interfaces. This will allow you to limit your server to a giving bandwidth and also to guarantee more "production data" a bandwidth. Some of these commands may be IOS dependent, but it will give you a idea of where to start.

The example here is for Frame-relay

For example I will use 10.1.1.0 /23 for site A lan

and 10.1.2.0/23 for site B's Lan.

1. So we start by create a source/destination access-list

On Site A side

access-list 101 permit ip 10.1.1.0 0.0.0.255 10.1.2.0 0.0.0.255

On Site B side

access-list 101 permit ip 10.1.2.0 0.0.0.255 10.1.1.0 0.0.0.255

2. Now create a class-map for this data

class-map match-all rep-data

match access-group 101

3. Now create a policy-map and associate it to teh class-map

policy-map FRF-QoS-Rep-Data

class rep-data

bandwidth 25600

class class-default

fair-queue

4. Create a map-class for your bandwidth

map-class frame-relay FRF-QoS-Rep-Data

frame-relay cir 130000000

frame-relay mincir 25000000

service-policy output FRF-QoS-Rep-Data

5. Apply Frame-relay traffic shaping to primary interface. (skip if not using FR)

Interface Serial1/0

Frame-relay traffic-shaping

6. Apply map-class to sub interface dlci if you are using FR

Interface Serial1/0.1 point-to-point

frame-relay interface-dlci 101

class FRF-QoS-Rep-Data

This will guarantee 25 meg for you rep server and fair-queue everything else. You can make as bandwidth groups as you wish, but the additive of all groups should be equal or less than your min cir.