Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   rate limiting with 3550 and 3750 troubles (http://www.velocityreviews.com/forums/t30721-rate-limiting-with-3550-and-3750-troubles.html)

Rick 12-04-2003 11:18 PM

rate limiting with 3550 and 3750 troubles
 
Hello,
I wanted to implement traffic shapiung features using catalyst 3750
running EMI IOS but I Am unable to gain decent results.

First I tryed with the class-map and policy map
applied to a L3 interface (no switchport).
TRaffic shaping works but not as I expected.

I picked 2 no switchport interfaces, I Assinged 2 IP numbers
to them from 2 different nets and I enabled ip routing.
then I simply used iperf or netperf to measure the
bandwith and to measure if traffic shaping works.
To have a rate limiting of 45Mbps over a 100Mbps interface I have to
set a rate limit in the policy map of 90Mbit and I Can;t explain it.
Perhaps I must change the dscp default values ?
I can't figure out.
I just did something like this:

mls qos
!
class-map match-all limit_ftp
match access-group 101
!
!
policy-map limit_ftp
class limit_ftp
police 90000000 1000000 exceed-action drop

and applied it to a access-list 101 but the shaping resule as i told
is not what I Wanted. This method works with low band rates but not with
high band rates, I don't know what I Am doing of wrong.
I mean with bandwith shaping of 30 or 40 Mbit I got unexpected resules.


I also tryed in a different way using a rate-limiting keyword on the interface
properties:

interface gigabit 1/0/11
rate-limit output access-group 100 1000000 187500 375000 conform-action
transmit exceed-action drop

it also does not work

anyoen coudl help me showing me a working traffc shaping example?
I read the online docs at cisco but htey did not help me.

thanks very much

Rick


Sean 12-05-2003 06:07 PM

Re: rate limiting with 3550 and 3750 troubles
 
On Thu, 04 Dec 2003 23:18:16 +0000, Rick wrote:

> I picked 2 no switchport interfaces, I Assinged 2 IP numbers
> to them from 2 different nets and I enabled ip routing.
> then I simply used iperf or netperf to measure the
> bandwith and to measure if traffic shaping works.
> To have a rate limiting of 45Mbps over a 100Mbps interface I have to
> set a rate limit in the policy map of 90Mbit and I Can;t explain it.
> Perhaps I must change the dscp default values ?
> I can't figure out.
> I just did something like this:
>
> mls qos
> !
> class-map match-all limit_ftp
> match access-group 101
> !
> !
> policy-map limit_ftp
> class limit_ftp
> police 90000000 1000000 exceed-action drop
>
> and applied it to a access-list 101 but the shaping resule as i told
> is not what I Wanted. This method works with low band rates but not with
> high band rates, I don't know what I Am doing of wrong.
> I mean with bandwith shaping of 30 or 40 Mbit I got unexpected resules.
>
>
> I also tryed in a different way using a rate-limiting keyword on the interface
> properties:
>
> interface gigabit 1/0/11
> rate-limit output access-group 100 1000000 187500 375000 conform-action
> transmit exceed-action drop
>
> it also does not work
>
> anyoen coudl help me showing me a working traffc shaping example?
> I read the online docs at cisco but htey did not help me.
>
> thanks very much
>
> Rick


What kind of "unexpected results" are you getting?
Specifically what results are you trying to get?


Riccardo Veraldi 12-07-2003 12:32 AM

Re: rate limiting with 3550 and 3750 troubles
 
In article <pan.2003.12.05.18.07.11.718831@frozenreality.com> , Sean wrote:
> On Thu, 04 Dec 2003 23:18:16 +0000, Rick wrote:
>
>> I picked 2 no switchport interfaces, I Assinged 2 IP numbers
>> to them from 2 different nets and I enabled ip routing.
>> then I simply used iperf or netperf to measure the
>> bandwith and to measure if traffic shaping works.
>> To have a rate limiting of 45Mbps over a 100Mbps interface I have to
>> set a rate limit in the policy map of 90Mbit and I Can;t explain it.
>> Perhaps I must change the dscp default values ?
>> I can't figure out.
>> I just did something like this:
>>
>> mls qos
>> !
>> class-map match-all limit_ftp
>> match access-group 101
>> !
>> !
>> policy-map limit_ftp
>> class limit_ftp
>> police 90000000 1000000 exceed-action drop
>>
>> and applied it to a access-list 101 but the shaping resule as i told
>> is not what I Wanted. This method works with low band rates but not with
>> high band rates, I don't know what I Am doing of wrong.
>> I mean with bandwith shaping of 30 or 40 Mbit I got unexpected resules.
>>
>>
>> I also tryed in a different way using a rate-limiting keyword on the interface
>> properties:
>>
>> interface gigabit 1/0/11
>> rate-limit output access-group 100 1000000 187500 375000 conform-action
>> transmit exceed-action drop
>>
>> it also does not work
>>
>> anyoen coudl help me showing me a working traffc shaping example?
>> I read the online docs at cisco but htey did not help me.
>>
>> thanks very much
>>
>> Rick

>
> What kind of "unexpected results" are you getting?
> Specifically what results are you trying to get?
>


police 90000000 1000000 exceed-action drop

is shaping traffic at 45Mbit and not at 90Mbit.
if I put

police 30000000 500000 exceed-action drop

it will shape traffic at 2Mbit and not 30Mbit as I would expect.

could u get good results in traffic shaping with 3550 ?
any hints?

the switch is not broken.
I got same results with 3550 and 3750 runnig EMI
so either I am to lame or the 3550/3750 is a crap in traffic shaping.
thanks

Rick


Piotr Glaska 12-08-2003 08:54 AM

Re: rate limiting with 3550 and 3750 troubles
 
"Riccardo Veraldi" <rick@diabolo.rootshell.be> wrote in message
news:slrnbt4t9e.r1l.rick@diabolo.rootshell.be...

> police 90000000 1000000 exceed-action drop
> is shaping traffic at 45Mbit and not at 90Mbit.
> if I put
> police 30000000 500000 exceed-action drop
> it will shape traffic at 2Mbit and not 30Mbit as I would expect.
> could u get good results in traffic shaping with 3550 ?


First of all we talk about traffic policing and not traffic shaping in this
case [3][4]. This mean all traffic not conforming to specified rate and
burst is dropped. Lost packets have some impact on TCP streams and I suppose
you were measuring some TCP application performance (ftp?).
It's possible to get good results with TCP and policing if you can set burst
to value large enough [2].
Maximum burst size in 3750 is 1MB which would be enough for policing single
TCP stream to 15Mb/s [1].
In Cat2950 maximum burst is 64kB for FastEthernet ports and it's enough for
<1Mb/s - I got about 900kb/s in single FTP transfer with 1Mb/s rate and 64kB
burst. If burst is set to 32kB I get about 500kb/s.

--
Piotr

[1] http://www.cnaf.infn.it/~ferrari/tfn...00/police/tcp/
[2]
http://www.cisco.com/en/US/partner/p...800feff5.shtml
[3]
http://www.cisco.com/en/US/partner/t...800a3a25.shtml
[4]
http://www.cisco.com/en/US/partner/p...0800ca59f.html



Piotr Glaska 12-08-2003 08:54 AM

Re: rate limiting with 3550 and 3750 troubles
 
"Riccardo Veraldi" <rick@diabolo.rootshell.be> wrote in message
news:slrnbt4t9e.r1l.rick@diabolo.rootshell.be...

> police 90000000 1000000 exceed-action drop
> is shaping traffic at 45Mbit and not at 90Mbit.
> if I put
> police 30000000 500000 exceed-action drop
> it will shape traffic at 2Mbit and not 30Mbit as I would expect.
> could u get good results in traffic shaping with 3550 ?


First of all we talk about traffic policing and not traffic shaping in this
case [3][4]. This mean all traffic not conforming to specified rate and
burst is dropped. Lost packets have some impact on TCP streams and I suppose
you were measuring some TCP application performance (ftp?).
It's possible to get good results with TCP and policing if you can set burst
to value large enough [2].
Maximum burst size in 3750 is 1MB which would be enough for policing single
TCP stream to 15Mb/s [1].
In Cat2950 maximum burst is 64kB for FastEthernet ports and it's enough for
<1Mb/s - I got about 900kb/s in single FTP transfer with 1Mb/s rate and 64kB
burst. If burst is set to 32kB I get about 500kb/s.

--
Piotr

[1] http://www.cnaf.infn.it/~ferrari/tfn...00/police/tcp/
[2]
http://www.cisco.com/en/US/partner/p...800feff5.shtml
[3]
http://www.cisco.com/en/US/partner/t...800a3a25.shtml
[4]
http://www.cisco.com/en/US/partner/p...0800ca59f.html




Sean 12-08-2003 06:21 PM

Re: rate limiting with 3550 and 3750 troubles
 
On Sun, 07 Dec 2003 00:32:51 +0000, Riccardo Veraldi wrote:

> In article <pan.2003.12.05.18.07.11.718831@frozenreality.com> , Sean wrote:
>> On Thu, 04 Dec 2003 23:18:16 +0000, Rick wrote:
>>
>>> I picked 2 no switchport interfaces, I Assinged 2 IP numbers
>>> to them from 2 different nets and I enabled ip routing.
>>> then I simply used iperf or netperf to measure the
>>> bandwith and to measure if traffic shaping works.
>>> To have a rate limiting of 45Mbps over a 100Mbps interface I have to
>>> set a rate limit in the policy map of 90Mbit and I Can;t explain it.
>>> Perhaps I must change the dscp default values ?
>>> I can't figure out.
>>> I just did something like this:
>>>
>>> mls qos
>>> !
>>> class-map match-all limit_ftp
>>> match access-group 101
>>> !
>>> !
>>> policy-map limit_ftp
>>> class limit_ftp
>>> police 90000000 1000000 exceed-action drop
>>>
>>> and applied it to a access-list 101 but the shaping resule as i told
>>> is not what I Wanted. This method works with low band rates but not with
>>> high band rates, I don't know what I Am doing of wrong.
>>> I mean with bandwith shaping of 30 or 40 Mbit I got unexpected resules.
>>>
>>>
>>> I also tryed in a different way using a rate-limiting keyword on the interface
>>> properties:
>>>
>>> interface gigabit 1/0/11
>>> rate-limit output access-group 100 1000000 187500 375000 conform-action
>>> transmit exceed-action drop
>>>
>>> it also does not work
>>>
>>> anyoen coudl help me showing me a working traffc shaping example?
>>> I read the online docs at cisco but htey did not help me.
>>>
>>> thanks very much
>>>
>>> Rick

>>
>> What kind of "unexpected results" are you getting?
>> Specifically what results are you trying to get?
>>

>
> police 90000000 1000000 exceed-action drop
>
> is shaping traffic at 45Mbit and not at 90Mbit.
> if I put
>
> police 30000000 500000 exceed-action drop
>
> it will shape traffic at 2Mbit and not 30Mbit as I would expect.
>
> could u get good results in traffic shaping with 3550 ?
> any hints?
> Rick


Try this:
police 90000000 11250000 exceed-action drop
police 30000000 3750000 exceed-action drop

Your first number is your cir (comitted access rate) however you will
never get that rate if your burst value is less than 1/8th of the cir.
Search for "Token Bucket" on cisco's website and read about how it works.
The second number determines your actual throughput maximum. The cir
works with the burst to determine the time interval in which you can use
that bandwidth.

Hope this helps.


Rick 12-09-2003 11:42 AM

Re: rate limiting with 3550 and 3750 troubles
 

exactly aht I Want to do is to limit a TCP stream.
so you mean that traffic policing is an option for achieve a rate
limiting but there are other ways to do it with cisco ?

thanks

Rick

In article <br1e7l$ini$1@localhost.localdomain>, Piotr Glaska wrote:
> "Riccardo Veraldi" <rick@diabolo.rootshell.be> wrote in message
> news:slrnbt4t9e.r1l.rick@diabolo.rootshell.be...
>
>> police 90000000 1000000 exceed-action drop
>> is shaping traffic at 45Mbit and not at 90Mbit.
>> if I put
>> police 30000000 500000 exceed-action drop
>> it will shape traffic at 2Mbit and not 30Mbit as I would expect.
>> could u get good results in traffic shaping with 3550 ?

>
> First of all we talk about traffic policing and not traffic shaping in this
> case [3][4]. This mean all traffic not conforming to specified rate and
> burst is dropped. Lost packets have some impact on TCP streams and I suppose
> you were measuring some TCP application performance (ftp?).
> It's possible to get good results with TCP and policing if you can set burst
> to value large enough [2].
> Maximum burst size in 3750 is 1MB which would be enough for policing single
> TCP stream to 15Mb/s [1].
> In Cat2950 maximum burst is 64kB for FastEthernet ports and it's enough for
><1Mb/s - I got about 900kb/s in single FTP transfer with 1Mb/s rate and 64kB
> burst. If burst is set to 32kB I get about 500kb/s.
>
> --
> Piotr
>
> [1] http://www.cnaf.infn.it/~ferrari/tfn...00/police/tcp/
> [2]
> http://www.cisco.com/en/US/partner/p...800feff5.shtml
> [3]
> http://www.cisco.com/en/US/partner/t...800a3a25.shtml
> [4]
> http://www.cisco.com/en/US/partner/p...0800ca59f.html
>
>


Rick 12-09-2003 01:16 PM

Re: rate limiting with 3550 and 3750 troubles
 
the problem here is that 3750 and 3550 seem not working.
Perhaps they are not suiteable to do traffic policing as it is 6500 series.
With 6500 everything works but the sybtax of policy-map is also different.
my policy map is:

policy-map ptest
class test
police 50000000 1000000 exceed-action drop

now here 50000000 is in bit per second.
The third field 1000000 is bytes per second as the syntax specifies:

sw-v(config-pmap-c)#police ?
<8000-1000000000> Bits per second

sw-v(config-pmap-c)#police 50000000 ?
<8000-1000000> Normal burst bytes

sw-v(config-pmap-c)#police 50000000 1000000 ?
exceed-action action when rate is exceeded
<cr>

there is no normal burst + maximum burst and conform-action options as in
catalyst 6500.

anyway as Normal burst bytes I cannot go higher than 1000000.

with this policy configuration
police 50000000 1000000 exceed-action drop

the traffic is shaped at 8Mbit/s

so it looks like is not functioning well.

any other hints abotu this topic ?
I Am really trying to understand why it does not work and this is
specific with 3550 and 3750.

perhaps I should tweak DSCP parameters ?

thank you very much

Rick

In article <br1edd$ioe$1@localhost.localdomain>, Piotr Glaska wrote:
> "Riccardo Veraldi" <rick@diabolo.rootshell.be> wrote in message
> news:slrnbt4t9e.r1l.rick@diabolo.rootshell.be...
>
>> police 90000000 1000000 exceed-action drop
>> is shaping traffic at 45Mbit and not at 90Mbit.
>> if I put
>> police 30000000 500000 exceed-action drop
>> it will shape traffic at 2Mbit and not 30Mbit as I would expect.
>> could u get good results in traffic shaping with 3550 ?

>
> First of all we talk about traffic policing and not traffic shaping in this
> case [3][4]. This mean all traffic not conforming to specified rate and
> burst is dropped. Lost packets have some impact on TCP streams and I suppose
> you were measuring some TCP application performance (ftp?).
> It's possible to get good results with TCP and policing if you can set burst
> to value large enough [2].
> Maximum burst size in 3750 is 1MB which would be enough for policing single
> TCP stream to 15Mb/s [1].
> In Cat2950 maximum burst is 64kB for FastEthernet ports and it's enough for
><1Mb/s - I got about 900kb/s in single FTP transfer with 1Mb/s rate and 64kB
> burst. If burst is set to 32kB I get about 500kb/s.
>
> --
> Piotr
>
> [1] http://www.cnaf.infn.it/~ferrari/tfn...00/police/tcp/
> [2]
> http://www.cisco.com/en/US/partner/p...800feff5.shtml
> [3]
> http://www.cisco.com/en/US/partner/t...800a3a25.shtml
> [4]
> http://www.cisco.com/en/US/partner/p...0800ca59f.html
>
>
>


Piotr Glaska 12-10-2003 10:20 AM

Re: rate limiting with 3550 and 3750 troubles
 

"Rick" <rick@diabolo.rootshell.be> wrote in message
news:slrnbtbiou.657.rick@diabolo.rootshell.be...

> I Am really trying to understand why it does not work and this is
> specific with 3550 and 3750.


Policing works but on 3750 is somewhat limited in case of TCP.
As I said 1MB burst (which is maximum for 3750) should be enough for
_single_ TCP stream of 15Mb/s. With more streams the rate is even lower.
Cisco suggest using normal burst of RATE*1.5 / 8 (this is for policing on
routers but I suppose it's ok for switches too), which mean that for 50Mb/s
traffic rate you should set burst to almost 10MB. Because maximum burst you
can set on 3750 is ten times lower so the maximum suggested rate for TCP
would also be ten times lower (5Mb/s). For Cat4500 and Cat6500 maximum burst
size is 512MB so they are more suitable for policing larger TCP traffic.

--
Piotr



Piotr Glaska 12-10-2003 10:24 AM

Re: rate limiting with 3550 and 3750 troubles
 

"Rick" <rick@diabolo.rootshell.be> wrote in message
news:slrnbtbd8j.657.rick@diabolo.rootshell.be...

> so you mean that traffic policing is an option for achieve a rate
> limiting but there are other ways to do it with cisco ?


On routers you can do traffic shaping which delays packets rather than
dropping them.

--
Piotr




All times are GMT. The time now is 08:06 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.