[cisco-bba] To Shape or Police DSL Subscribers ??

Gerald Krause gk at ax.tc
Wed Feb 16 13:49:41 EST 2011


Sorry for dig out this old thread but I'am in the process to test some
QoS features on our LNS and stumbled upon this post :-).

My question - what IOS version support such QoS policies to be applied
to individual users/sessions from RADIUS on a NPE-G2 LNS and what is the
difference between this 2 features:

 1) "QoS: Per-Session Shaping and Queuing on LNS "
     Cisco FN: supported in 12.2SB but not in 12.2SRE

 2) "Per-User QoS via AAA Policy Name"
     Cisco FN: supported in 12.2SB and 12.2SRE

We have just moved from 12.2SB to 12.2SRE on our NPE-G2 LNS for some
reasons and it seems that this version does not support that kind of
configuration. I've tried some simple configurations like the originator
of this thread has done and I see that config and the RADIUS attr's will
be 'accepted' from the LNS but the policy configured in the user profile
will be not 'applied' to the Virtual-Interface of the session/user:


 ------8<-------

LNS Config
==========
!
policy-map STCR-ADSL-3M
  class class-default
   police rate percent 10
!

RADIUS Config
=============
xxx-gktest2 Password:="testtest"
	Framed-Route="1.2.3.4",
	Cisco-AVPair+="lcp:interface-config=service-policy output STCR-ADSL-3M"


DEBUG
=====

LNS Debug Log:
1375621: Feb 16 18:26:08.041: RADIUS: 1812, Access-Accept, len 106
1375623: Feb 16 18:26:08.041: RADIUS:  Vendor, Cisco       [26]  63
1375624: Feb 16 18:26:08.041: RADIUS:   Cisco AVpair       [1]   57
"lcp:interface-config=service-policy output STCR-ADSL-3M"
1375625: Feb 16 18:26:08.041: RADIUS:  Framed-IP-Address   [8]   6
1.2.3.4
...
1375675: Feb 16 18:26:08.045: SSS PM [uid:85][184D0B28]: RULE: VRF
Parsing routine:
1375676:   interface-config     "service-policy output STCR-ADSL-3M"
1375677:   addr                 1.2.3.4
1375679: Feb 16 18:26:08.045: SSS PM: Multihop disabled
1375680: Feb 16 18:26:08.045: SSS AAA AUTHOR [uid:85]: SIP PPP[13C0894]
parsed as Success
...
1375715: Feb 16 18:26:08.053: AAA/BIND(0000691E): Bind i/f Virtual-Access46
1375774: Feb 16 18:26:08.261: Vi46 IPCP: State is Open
1375775: Feb 16 18:26:08.261: AAA/AUTHOR: Processing PerUser AV route
1375776: Feb 16 18:26:08.261: Vi46 Added to neighbor route AVL tree:
topoid 0, address 1.2.3.4
1375777: Feb 16 18:26:08.261: Vi46 IPCP: Install route to 1.2.3.4


LNS#sh policy-map

  Policy Map STCR-ADSL-3M
    Class class-default
     police rate percent 10
       conform-action transmit
       exceed-action drop

LNS#show subscriber sess | inc test
85      Vi46         authen        Local Term   xxx-gktest 00:48:44
LNS#show policy-map session uid 85
LNS#

LNS#sh user wi | inc test
  Vi46                      xxx-gktest2
LNS#sh run int virtual-access 46
!
interface Virtual-Access46
 ip mtu 1452
 ip verify unicast reverse-path
 ip tcp adjust-mss 1412
 no logging event link-status
 no snmp trap link-status
end
LNS#show policy-map interface virtual-access 46
LNS#

 ------8<-------


--
Gerald

Am 07.09.2009 08:41, schrieb Andy Saykao:
> Hi All,
>  
> Is it better to shape or police DSL subscribers that have exceeded their
> quota or does it not matter which method you choose? We are currently
> using CoA with policing but I've been asked to investigate whether we
> should look at shaping instead of policing. My testing reveals that
> policing is more bursty as seen below.
>  
> *** Example with Policing ***
>  
> policy-map POLICE-TEST
>   class class-default
>    police 48000 9000 18000    conform-action transmit     exceed-action
> drop     violate-action drop
>  
> Using: cisco-avpair = "ip:sub-qos-policy-out=POLICE-TEST"
> 
> Download speeds fluctuate between 5.2 - 7.6KB/sec. More bursty.
>  
> *** Example with Shaping ***
>  
> policy-map SHAPE-TEST
>   class class-default
>     shape average 48000
> Using: cisco-avpair = "ip:sub-qos-policy-out=SHAPE-TEST"
>  
> Download speeds remain at constant 5.6KB/sec. Very little bursting.
>  
> Any pro's and con's to either method???
>  
> Thanks.
>  
> Andy
> 
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they are
> addressed. Please notify the sender immediately by email if you have
> received this email by mistake and delete this email from your system.
> Please note that any views or opinions presented in this email are
> solely those of the author and do not necessarily represent those of the
> organisation. Finally, the recipient should check this email and any
> attachments for the presence of viruses. The organisation accepts no
> liability for any damage caused by any virus transmitted by this email.
> 
> 
> 
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba



More information about the cisco-bba mailing list