[c-nsp] Bandwidth shaping/limiting

Ian Hiddleston ian.hiddleston at civica.co.uk
Thu Oct 29 12:51:26 EDT 2015 

>Ok, cool.  Thanks for getting me thinking a bit upstream...looks like it
>will really make my life easier.  I need to do a bit more research on
>"policing" vs. "shaping".  My first inclination is that I don't ever
>want to drop traffic in any direction in a co-lo environment so policing
>seems like a bad idea, but perhaps my understanding of policing is not
>accurate.

>Thanks,
>-dan

I'd be inclined towards using policing in both directions. It's a maximum limit after all, same thing that happens when you run a physical interface to capacity. The other advantage to policing is that it's very simple to configure and troubleshoot, which is great when things go wrong at 2am.

http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html

That gives a good breakdown on what to expect.

Regards,

Ian Hiddleston | Senior Network Analyst | Civica UK Limited
Tel: 0845 055 2323
e-mail: ian.hiddleston at civica.co.uk | http://www.civica.co.uk



-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan Brisson
Sent: 28 October 2015 15:06
To: daniel.dib at reaper.nu
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Bandwidth shaping/limiting



On 10/28/2015 11:02 AM, daniel.dib at reaper.nu wrote:
>
>
> 2015-10-28 14:28 skrev Dan Brisson:
>> On 10/28/2015 9:06 AM, daniel.dib at reaper.nu wrote:
>>>
>>>
>>> 2015-10-28 13:37 skrev Mark Tinka:
>>>> On 28/Oct/15 14:27, Dan Brisson wrote:
>>>>
>>>>> I'm hoping to get some feedback on how to limit/shape bandwidth for
>>>>> customers in a co-lo environment.  Currently customers are connected
>>>>> to Cisco 3750 switches at either 10, 100, or 1Gig depending on what
>>>>> they purchase for commodity Internet bandwidth.  The 10 and 100 is
>>>>> fine but customers are allowed to purchase in increments between
>>>>> 100Meg and 1Gig.  So because of that, if a customer purchased
>>>>> 300Mb/s,
>>>>> it would be nice to limit their physical gig port to capping out at
>>>>> 300Mb/s.
>>>>>
>>>>> I know the 3750 line has some shaping capability, but I'm not sure it
>>>>> can do what I want.  And further I'm not sure if it has the buffer
>>>>> space to do what I want.
>>>>>
>>>>> Can someone confirm or deny the capabilities the Catalyst 3750 line
>>>>> with respect to this situation.  And if the 3750 cannot do what I
>>>>> need, what should I look at in the Cisco line?  Would the ME line of
>>>>> switches be more appropriate.
>>>>
>>>> The only Cisco switch I am aware of that can do egress policing is the
>>>> ME3600X, ASR920, and whatever runs the SUP-2T (SUP-2T not tested, just
>>>> based on what others have said).
>>>>
>>>> Egress shaping is, IIRC, supported on some of Cisco's desktop
>>>> switches,
>>>> but as you say, the limited buffers on these platforms may create some
>>>> interesting situations in the field.
>>>>
>>>> I believe reasonably recent desktop switches from Cisco will support
>>>> ingress policing, but suggest you check this out before you buy.
>>>>
>>>> Mark.
>>>
>>> Does each customer have its own VLAN or do they share VLANs? Do you
>>> care if the customer uses more capacity internally or only towards
>>> the Internet? Catalyst switches can do ingress policing which would
>>> mean outbound traffic if you do it on the customer port. It also has
>>> egress shaping but it uses an algorithm called SRR which is quite
>>> different to the policy-maps that are used on routers. You could do
>>> ingress policing on a trunk port but it's quite convoluted to be
>>> honest.
>>>
>>> Like Mark said you could either move up to some more advanced switch
>>> such as 4500 or 6880 etc or keep things as is but invest in more
>>> intelligence at the edge with a box like ASR920 or similar.
>>>
>>> Regards,
>>>
>>> Daniel
>> Each customer does have its own VLAN.  And the only concern is to/from
>> the Internet.  The customer's routing interface is actually a
>> subinterface on an ASR1002 (the ASR1002 has dot1q tagged interface
>> connected to the 3750 with a tag for each customer's vlan). Maybe a
>> policy applied to that interface is a better spot?  I guess that would
>> come down to the policing/shaping capabilities of the ASR1002
>> platform.
>>
>> Thanks!
>> -dan
>
> Yes, the ASR1002 would be a better place to implement the policy. I
> think it should support both ingress and egress policing or you could
> do ingress policing and egress shaping. You could create a VLAN to
> test with before you implement it on the real customers.
>
> Regards,
> Daniel
Ok, cool.  Thanks for getting me thinking a bit upstream...looks like it
will really make my life easier.  I need to do a bit more research on
"policing" vs. "shaping".  My first inclination is that I don't ever
want to drop traffic in any direction in a co-lo environment so policing
seems like a bad idea, but perhaps my understanding of policing is not
accurate.

Thanks,
-dan

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


Ian Hiddleston | Senior Network Analyst | Civica UK Limited
Tel: 0845 055 2323
e-mail: ian.hiddleston at civica.co.uk | http://www.civica.co.uk<http://www.civica.co.uk/>


■ Civica commits to the next generation by joining The 5% Club.. more<https://www.civica.co.uk/articles/816-Civica-commits-to-the-next-generation-by-joining-The-5-Club>
■ The Great British Cloud-off... more<https://www.civica.co.uk/articles/813-The-Great-British-Cloud-off>
■ Bristol City Council selects Civica’s Housing Cx system to transform tenant services... more<https://www.civica.co.uk/articles/809-Bristol-City-Council-selects-Civicas-Housing-Cx-system-to-transform-tenant-services>

Civica UK Limited<http://www.civica.co.uk/>
-------------------------------------------------------------------------------------------

This e-mail is sent for and on behalf of Civica UK Limited company number 01628868,

Civica Services Limited company number 02374268, or Civica Group Limited company number 04968437.

All companies are registered in England and Wales and each has its registered office at 2 Burston Road, Putney, London, SW15 6AR.

Confidentiality: This e-mail and its attachments are intended for the above named only and may be confidential. If they have come to you in error you must take no action based on them, nor must you copy or show them to anyone. If you have received this in error please advise the sender by replying to this e-mail immediately highlighting the error and deleting it from your system.

More information about the cisco-nsp mailing list