Guarantee Minimum Bandwidth ! 3

[jacky2256]

I've just been hired in this ISP, and need to guarantee a certain amount of bandwidth to my users (1M, 2M, 4M ... download).
I was thinking of setting the rate limit for my users and give them High QoS.

Will this guarantee them the minimum bandwidth they require ?

Any hint would be useful.

 

[jacky2256]

Anyone ???

 

[lerdalt]

Take a look at this thread...it's what I've used to limit certain networks to a maximum rate:

http://www.tek-tips.com/viewthread.cfm?qid=1507353&page=5

Not understanding how the backend is setup at an ISP, so you might have to adapt a little to it.

 

[BuckWeet]

Being its an ISP, I assume you have Cisco account representatives.. I would reach out to them and have their systems engineers work with you. They will have to review your network topology to give you a proven solution.


BuckWeet

 

[jacky2256]

Thanks guys for your comments.

Lerdalt, I already saw the thread you sent. (I searched for an answer before posting).

However, if you read my post again, i am actually trying to "limit certain networks to a MINIMUM rate", not the other way around.

Certain users want for instance 2M, download ALL THE time, peak hours or not....
That's where I'm stuck.

i'm trying BuckWeet's advice.

Thanks a lot, I'll let you know how it went.

 

[lerdalt]

yeah..I'm not so certain there is a way to set a minimum rate. Will be interested in what you find out. Please post with what you find.

 

[burtsbees]

QoS does try and guarantee a minimum bandwidth---at least so much (percentage) will be guaranteed for a certain protocol, but there is no way to do it per user. Nothing can guarantee a certain amount of bandwidth---the router will automatically try and put through as much as is available, and can be tweaked and limited by QoS and CAR/rate limiting with policy maps.

Burt

 

[jacky2256]

Thanks Burstbees.
I sure will try the Rate limits/Policy Maps, and will let you know the outcome.

 

[lerdalt]

I don't know what I was thinking earlier, I've got a sample config for you...just not on me right now. Will get it posted tomorrow.

 

[Minue]

Hello
Burt I hope I am not being rude,but I must contradict what you said.QOS can guarantee per-user bandwith without any problems at all.Remember we are talking Cisco here!!!!The way to do it is to classify the user address with an access-list,then apply the desire policy.I think CBWFQ would be the best choice in this situation.Policing (rate-limit) will not give the user the guaranted bandwith in case of congestion on the link,but CBWFQ will.Another problem with rate-limit is that the user can never go above that limit even if the link isn't congested.
Regards

 

[lerdalt]

Have to agree with Minue, it's all in how things get classified.

Jacky, here is the sample I have. It's setup for traffic shaping, but the guts of it should hopefully still apply:
class-map match-any CM-CALL_SIGNALING
match ip dscp cs3
class-map match-any CM-NETWORK_MANAGEMENT
match ip dscp cs2
match access-group name ACL-NETWORK_MANAGEMENT
class-map match-any CM-BULK
match ip dscp af11
match access-group name ACL-BULK
class-map match-any CM-IP_ROUTING
match ip dscp cs6
class-map match-any CM-MISSION_CRITICAL
match ip dscp af31
match access-group name ACL-MISSION_CRITICAL
class-map match-any CM-LOW_TRANSACTIONAL
match ip dscp af23
match access-group name ACL-LOW_TRANSACTIONAL
class-map match-any CM-INTERACTIVE_VIDEO
match ip dscp cs4
class-map match-any CM-TRANSACTIONAL
match ip dscp af21
match access-group name ACL-TRANSACTIONAL
class-map match-any CM-STREAMING_VIDEO
match ip dscp af41
class-map match-any CM-VOICE
match ip dscp ef
class-map match-any CM-SCAVENGER
match ip dscp cs1
match access-group name ACL-SCAVENGER
!
!
policy-map PM-MO_ACCESS_MARKING
class CM-VOICE
class CM-INTERACTIVE_VIDEO
class CM-STREAMING_VIDEO
class CM-CALL_SIGNALING
class CM-IP_ROUTING
class CM-MISSION_CRITICAL
set ip dscp af31
class CM-NETWORK_MANAGEMENT
set ip dscp cs2
class CM-TRANSACTIONAL
set ip dscp af21
class CM-BULK
set ip dscp af11
class class-default
set ip dscp default

policy-map PM-MO_FR_QUEUING
class CM-VOICE
class CM-INTERACTIVE_VIDEO
class CM-STREAMING_VIDEO
class CM-CALL_SIGNALING
class CM-IP_ROUTING
bandwidth percent 3
class CM-MISSION_CRITICAL
bandwidth percent 30
random-detect
class CM-NETWORK_MANAGEMENT
bandwidth percent 2
class CM-TRANSACTIONAL
bandwidth percent 30
random-detect dscp-based
class CM-BULK
bandwidth percent 8
random-detect dscp-based
class CM-SCAVENGER
bandwidth percent 2
class class-default
bandwidth percent 25
random-detect

ip access-list extended ACL-BULK
permit ip 10.200.0.0 0.0.255.255 any
permit ip 10.247.0.0 0.0.255.255 any
permit ip any 10.200.0.0 0.0.255.255
permit ip any 10.247.0.0 0.0.255.255
permit tcp any any eq 9100
permit tcp any eq 9100 any
permit tcp any any eq 524
permit tcp any eq 524 any
permit tcp any any eq 8081
permit tcp any eq 8081 any
ip access-list extended ACL-LOW_TRANSACTIONAL
permit tcp any any eq www
permit tcp any eq

http://www any

permit tcp any any eq 1677
permit tcp any eq 1677 any
ip access-list extended ACL-MISSION_CRITICAL
permit tcp any 10.200.0.0 0.0.255.255 eq telnet
permit tcp any 10.247.0.0 0.0.255.255 eq telnet
permit tcp 10.200.0.0 0.0.255.255 eq telnet any
permit tcp 10.247.0.0 0.0.255.255 eq telnet any
permit tcp any any eq 1494
permit tcp any eq 1494 any
ip access-list extended ACL-NETWORK_MANAGEMENT
permit ip 10.200.64.0 0.0.0.255 any
permit ip 10.247.64.0 0.0.0.255 any
permit ip any 10.200.64.0 0.0.0.255
permit ip any 10.247.64.0 0.0.0.255
permit tcp any any eq 22
permit tcp any eq 22 any
permit tcp any any eq telnet
permit tcp any eq telnet any
permit tcp any 10.200.0.0 0.0.255.255 eq 3389
permit tcp any 10.247.0.0 0.0.255.255 eq 3389
permit tcp 10.200.0.0 0.0.255.255 eq 3389 any
permit tcp 10.247.0.0 0.0.255.255 eq 3389 any
ip access-list extended ACL-SCAVENGER
ip access-list extended ACL-TRANSACTIONAL
permit tcp any 10.200.0.0 0.0.255.255 range 1981 1983
permit tcp any 10.200.0.0 0.0.255.255 eq 2065
permit tcp any 10.247.0.0 0.0.255.255 range 1981 1983
permit tcp any 10.247.0.0 0.0.255.255 eq 2065
permit tcp 10.200.0.0 0.0.255.255 range 1981 1983 any
permit tcp 10.200.0.0 0.0.255.255 eq 2065 any
permit tcp 10.247.0.0 0.0.255.255 range 1981 1983 any
permit tcp 10.247.0.0 0.0.255.255 eq 2065 any
permit tcp any 10.200.0.0 0.0.255.255 range 1477 1478
permit tcp any 10.247.0.0 0.0.255.255 range 1477 1478
permit tcp 10.200.0.0 0.0.255.255 range 1477 1478 any
permit tcp 10.247.0.0 0.0.255.255 range 1477 1478 any
!
!
map-class frame-relay 56
frame-relay mincir 32000
frame-relay traffic-rate 50000 54000
frame-relay adaptive-shaping becn
service-policy output PM-MO_FR_QUEUING
!
map-class frame-relay 1544
frame-relay mincir 768000
frame-relay traffic-rate 600000 1408000
frame-relay adaptive-shaping becn
service-policy output PM-MO_FR_QUEUING

 

[Cluebird]

Just a note. The QoS guarantees don't mean anything until congestion starts occuring. Even rate limiters like policing only kick in during periods of congestion. Being able to "guarantee" a minimum bandwidth all the time is beyond the scope of the tools available in IOS. What it sounds like you're trying to do is provides SLAs during periods of congestion in the ISP cloud and that's where the config lerdalt posted will help. QoS tools give the ability to manage software queues that feed into the single hardware queue on the interface. LFI for FR gives a mechanism to manage the hardware queue itself so small packets don't time out behind large packets in the hardware queue.

 

[Minue]

Hi Cluebird
Rate limiters (Policing) are always active, even when the link isn't congested.Policing isn't a way to guarantee bandwith,it's more of a restriction tool.CBWFQ is the right tool for this case.
Regards

 

[BuckWeet]

Burtsbees is correct.. What you are looking for is 'per-flow' or 'micro policing'.. The policers on normal routers are an aggregate policer. Switches such as the 6500 support micro policing.

BuckWeet

 

[jacky2256]

Cluebird,

You're not the first one to tell me Guaranteed Bandwidth is beyond IOS'scope. Therefore I started looking at Packeteer Products. Actually, "dedicated Bandwidth PER source address" is what I'm looking for.

Of course most users browse using the shared pipe. but I' have to make dedication somehow.

Minue.
I am definitely looking more deeply into CBWFQ.
I presume Advanced QoS must be of CCNP level, since I never really had to deal with so much of it (i'm still just a CCNA).

lerdalt.
You're the man !
Don't know how this config will react in congestion period.
packet Classification should deal with it...
I will definitevely give it a try.


Guys, you have no idea how helpful your posts are.

Regards

 

[lerdalt]

Something I'd highly recommend picking up is Wendell Odom's QoS Exam Cert Guide. It's an excellent resource for QoS related stuff.

That is the config I'm using on my frame-relay and point to point circuits. Hopefully it gives you what you need to at least get a start.

 

[jacky2256]

I will lerdalt.
Maybe this job was the extra push i needed to start the CCNP journey ....

 

[lerdalt]

Actually, if you are at an ISP, you might want to look at the CCIP too.