[c-nsp] shaping outbound
Mark Tinka
mtinka at globaltransit.net
Sun Dec 25 07:30:47 EST 2011
On Sunday, December 25, 2011 05:34:42 AM Dan Letkeman wrote:
> Ok, so my solution would look something like this:
>
> class-map match-any application
> match protocol http
>
> policy-map inbound
> class application
> police 10000000 1000000....
> class class-default
> police 20000000 2000000....
>
> interface g0/1
> service-policy input inbound
>
> And this would police http traffic to 10mbps and all
> other traffic to 20mbps.
Pretty much.
If you don't intend to police specific protocols, you could
just apply this on all packets arriving from your customer.
Remember that this just limits the customer's upload
capacity. Most Internet access customers download more than
they upload, so you probably want a policer in the opposite
direction as well.
> Are there any recommendations on the police command to
> limit the about of drops I get from doing this?
Typical policing formula in IOS has tended to be:
Bc = (CIR/8) * 1.5
Be = Bc * 2
Note that there are some platforms that may not have an
infinite Bc value, especially hardware-based ones. On
software routers, you should be fairly okay.
That said, even with this small limitation on some hardware
platforms, we've been relatively happy with this formual.
Note that if you're implementing QoS marking or
classification anywhere else in your network, you might want
to consider marking all inbound traffic from the Internet as
DSCP 0/EXP 0, or whatever value you feel makes sense to you.
This is mandatory, but could be helpful as you deploy more
advanced QoS-dependent services in the future.
> I do have an ASA5520 in front of this router, is there
> any way of utilizing that to shape the traffic?
No clue on QoS capabilities of the ASA. Maybe someone else
can chime in there.
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20111225/26e0e742/attachment.sig>
More information about the cisco-nsp
mailing list