[nsp] Bandwidth Cap Question

Dan Armstrong dan at beanfield.com
Thu Mar 27 21:57:05 EST 2003

We have been wrestling with this very same issue for a long time now.  I
have never really got a good answer, and often feel like I am in the
Emperor's New Clothes telling everybody that "nobody has REALLY thought
this through yet!"

Here is what we have come up with, please anybody jump in if I am
wrong/right or whatever.

We wanted to be able to rate limit customers on Ethernet segments (each
customer gets their own VLAN & port) down to less than line speed,
depending on what they pay for.  We found there are two approaches to
sub-rate interfaces like this, similar to the ATM world we have
"policing" and "shaping".  Policing just drops packets that exceed a
specific rate.  This sucks.  It is only useful if you are a telco selling
somebody a layer2 service at X rate and leave it up to the customer to
shape it.

The only way to really subrate interfaces effectively is to catch it at
both ends.  Traffic incoming FROM the customer, at the Ethernet switch,
and traffic going TO the customer from the Internet at the router.

In the case of incoming traffic:

Theoretically, the switch can assert carrier on an Ethernet segment if
there is too much traffic coming in, to shape down to whatever speed you

From the Internet TO the customer:

Has to be shaped at the router.  The router can do all of its congestion
management magic (buffering, WRED etc.) that it would normally do when it
encounters flows between dissimilar speed links.

Now in practice?  We have been doing this with ATM PVCs.  In a Cisco
router, you can choke a PVC down to whatever speed, and it keeps a per
VC rate queue and it works wonderfully.  The other end is a bit yucky,
though.  A Catalyst switch with ATM/1483 uplink can only have 8
simultaneous rate queues.  Even though you can choke a PVC down to
whatever you want, everybody that is choked to the same rate is sharing
that rate queue, which sucks.

We have been told by our Cisco SE that the new 3550 switches & the
4507R switch are the first Cisco Ethernet switches to properly support
incoming traffic shaping, with 802.3x flow control.   We are really
hoping that between a 3550 switch will do this for us.

I am also told by our Cisco SE that the output queueing on a Gigabit
Ethernet interface in a router can do the same magic as the ATM interface
cards... remains to be seen....

(Comments appreciated).

charles spamington wrote:

> Hello,
>         I have a 6500 running in native mode, and I'm
> wondering what's the best way to cap VLANs or specific
> subnets. I've tried setting up QoS Policers for 1Mbps
> but it did not work well at all, and was only able to
> do a few kB/s. TAC told me it's because of TCP and
> there's no way around it.
> I do have the 6500 connected to a 7200 for upstream
> connectivity, is it better to just do it there? (on a
> WAN router!). It seems to me like many people have
> these simple 'caps' in place but it's turning into a
> complex issue for me, how does everyone else cap
> clients with Cisco equipment?
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
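
The policing/shaping distinction discussed in this thread, as an added Python sketch that is not from either poster or from Cisco: a token-bucket policer and a queueing shaper are run over the same line-rate burst at the 1 Mb/s cap mentioned in the question. Both are simplified models, and the packet sizes, spacing, bucket depth and queue sizes are constructed for the illustration.

```python
# Added illustration: token-bucket policer vs. queueing shaper (simplified models).
# All traffic values below are constructed for the example.
US = 1_000_000  # microseconds per second

def police(packets, rate_bps, burst_bytes):
    """Drop any packet that finds too few tokens; never delay anything."""
    cap = burst_bytes * 8 * US          # bucket depth in bit-microseconds (exact ints)
    tokens, last = cap, 0
    sent, dropped = [], []
    for t_us, size in packets:
        tokens = min(cap, tokens + (t_us - last) * rate_bps)  # refill since last arrival
        last = t_us
        cost = size * 8 * US
        if cost <= tokens:
            tokens -= cost
            sent.append((t_us, size))   # forwarded at arrival time
        else:
            dropped.append((t_us, size))
    return sent, dropped

def shape(packets, rate_bps, queue_bytes):
    """Queue excess packets and release them at rate_bps; drop only on queue overflow."""
    free_at = 0                         # time the shaped link finishes its backlog
    sent, dropped = [], []
    for t_us, size in packets:
        backlog_bytes = max(0, free_at - t_us) * rate_bps // (8 * US)
        if backlog_bytes + size > queue_bytes:
            dropped.append((t_us, size))
            continue
        start = max(t_us, free_at)
        free_at = start + -(-size * 8 * US // rate_bps)  # ceil of serialization time
        sent.append((free_at, size))    # departure time, after queueing delay
    return sent, dropped

# Constructed input: 20 x 1500-byte packets back to back at 100 Mb/s (120 us apart).
BURST = [(i * 120, 1500) for i in range(20)]
RATE = 1_000_000                        # 1 Mb/s cap, as in the quoted question

if __name__ == "__main__":
    p_sent, p_drop = police(BURST, RATE, burst_bytes=4500)
    s_sent, s_drop = shape(BURST, RATE, queue_bytes=64_000)
    print(f"policer: {len(p_sent)} forwarded, {len(p_drop)} dropped")
    print(f"shaper : {len(s_sent)} forwarded, {len(s_drop)} dropped, "
          f"last packet leaves at {s_sent[-1][0] / 1000:.0f} ms")
    t_sent, t_drop = shape(BURST, RATE, queue_bytes=6_000)
    print(f"shaper, 6000-byte queue: {len(t_sent)} forwarded, {len(t_drop)} dropped")
```

The last case shows the shaper's dependence on buffer depth: with a queue only a few packets deep it drops most of the burst, much as the policer does.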
