QOS police vs bandwidth - is this configuration wrong?
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
I understand police in QOS is to set a limit to the maximum bandwidth.
class test_out
police **1608000** 50000 100000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit af32 violate-action set-dscp-transmit 28
**bandwidth 2542**
random-detect dscp-based
random-detect exponential-weighting-constant 7
random-detect dscp 26 50 80 10
random-detect dscp 28 15 40 5
Can someone tell me if the above configuration is self defeating ?
I have a guarantee bandwidth of 2542Kb, but traffic is being police at 1608000 bits = 1570Kb
==================
Edit:
q1) With the police value configured lowered then the guarantee bandwidth, is my traffic still able to reach the guarantee bandwidth ?
q2) If it is able to reach the guarantee bandwidth due to the fact that the exceed and violate action does not drop traffic, then what is the difference between the exceed and violate action of set-dscp-transmit af32 and dscp 28 ? (both seems to have the same DSCP value)
cisco switch router qos bandwidth
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
asked Dec 16 at 8:16
Noob
29329
add a comment |
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
I understand police in QOS is to set a limit to the maximum bandwidth.
class test_out
police **1608000** 50000 100000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit af32 violate-action set-dscp-transmit 28
**bandwidth 2542**
random-detect dscp-based
random-detect exponential-weighting-constant 7
random-detect dscp 26 50 80 10
random-detect dscp 28 15 40 5
Can someone tell me if the above configuration is self defeating ?
I have a guarantee bandwidth of 2542Kb, but traffic is being police at 1608000 bits = 1570Kb
==================
Edit:
q1) With the police value configured lowered then the guarantee bandwidth, is my traffic still able to reach the guarantee bandwidth ?
q2) If it is able to reach the guarantee bandwidth due to the fact that the exceed and violate action does not drop traffic, then what is the difference between the exceed and violate action of set-dscp-transmit af32 and dscp 28 ? (both seems to have the same DSCP value)
cisco switch router qos bandwidth
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
asked Dec 16 at 8:16
Noob
29329
Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can provide and accept your own answer.
– Ron Maupin♦
Dec 25 at 10:27
add a comment |
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
I understand police in QOS is to set a limit to the maximum bandwidth.
class test_out
police **1608000** 50000 100000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit af32 violate-action set-dscp-transmit 28
**bandwidth 2542**
random-detect dscp-based
random-detect exponential-weighting-constant 7
random-detect dscp 26 50 80 10
random-detect dscp 28 15 40 5
Can someone tell me if the above configuration is self defeating ?
I have a guarantee bandwidth of 2542Kb, but traffic is being police at 1608000 bits = 1570Kb
==================
Edit:
q1) With the police value configured lowered then the guarantee bandwidth, is my traffic still able to reach the guarantee bandwidth ?
q2) If it is able to reach the guarantee bandwidth due to the fact that the exceed and violate action does not drop traffic, then what is the difference between the exceed and violate action of set-dscp-transmit af32 and dscp 28 ? (both seems to have the same DSCP value)
cisco switch router qos bandwidth
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
asked Dec 16 at 8:16
Noob
29329
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
I understand police in QOS is to set a limit to the maximum bandwidth.
class test_out
police **1608000** 50000 100000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit af32 violate-action set-dscp-transmit 28
**bandwidth 2542**
random-detect dscp-based
random-detect exponential-weighting-constant 7
random-detect dscp 26 50 80 10
random-detect dscp 28 15 40 5
Can someone tell me if the above configuration is self defeating ?
I have a guarantee bandwidth of 2542Kb, but traffic is being police at 1608000 bits = 1570Kb
==================
Edit:
q1) With the police value configured lowered then the guarantee bandwidth, is my traffic still able to reach the guarantee bandwidth ?
q2) If it is able to reach the guarantee bandwidth due to the fact that the exceed and violate action does not drop traffic, then what is the difference between the exceed and violate action of set-dscp-transmit af32 and dscp 28 ? (both seems to have the same DSCP value)
cisco switch router qos bandwidth
cisco switch router qos bandwidth
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
asked Dec 16 at 8:16
Noob
29329
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
asked Dec 16 at 8:16
Noob
29329
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
edited Dec 20 at 21:24
Ron Maupin♦
62.2k1262118
62.2k1262118
asked Dec 16 at 8:16
Noob
29329
asked Dec 16 at 8:16
Noob
29329
asked Dec 16 at 8:16
Noob
29329
29329
Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can provide and accept your own answer.
– Ron Maupin♦
Dec 25 at 10:27
add a comment |
Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can provide and accept your own answer.
– Ron Maupin♦
Dec 25 at 10:27
Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can provide and accept your own answer.
– Ron Maupin♦
Dec 25 at 10:27
Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can provide and accept your own answer.
– Ron Maupin♦
Dec 25 at 10:27
add a comment |
1 Answer
1
active
oldest
votes
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
There is really a lot more to QoS than that.
I understand police in QOS is to set a limit to the maximum bandwidth.
Policing is dropping traffic that exceeds certain parameters.
To actually police, you need to drop traffic above your predefined bandwidth. You are still allowing all traffic, only setting the DSCP for traffic exceeding the bandwidth.
Normally, you use a priority queue to guarantee minimum bandwidth for a class, then drop any traffic exceeding the guaranteed minimum bandwidth. Do that in your policy map. For example:
policy-map Test
class VoIP
priority percent 23
police cir percent 23 conform-action transmit exceed-action drop
!
Your example configuration really isn't doing much for you.
Edit:
You are simply changing markings in the class map. It is a policy map that would give you the guaranteed bandwidth by using a priority queue. Policing is dropping traffic outside of your parameters.
You want to classify and mark traffic as close to the source as possible, setting up a trust point. After that, you can treat (police, queue, shape) the traffic based on the marking.
Trying to do both on a router will certainly drive up the CPU utilization, and it doesn't allow you to treat the traffic throughout your whole network. In general, you classify and mark on the access switches, then treat on the routers.
See this two-part answer for more about QoS.
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "496"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55497%2fqos-police-vs-bandwidth-is-this-configuration-wrong%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
There is really a lot more to QoS than that.
I understand police in QOS is to set a limit to the maximum bandwidth.
Policing is dropping traffic that exceeds certain parameters.
To actually police, you need to drop traffic above your predefined bandwidth. You are still allowing all traffic, only setting the DSCP for traffic exceeding the bandwidth.
Normally, you use a priority queue to guarantee minimum bandwidth for a class, then drop any traffic exceeding the guaranteed minimum bandwidth. Do that in your policy map. For example:
policy-map Test
class VoIP
priority percent 23
police cir percent 23 conform-action transmit exceed-action drop
!
Your example configuration really isn't doing much for you.
Edit:
You are simply changing markings in the class map. It is a policy map that would give you the guaranteed bandwidth by using a priority queue. Policing is dropping traffic outside of your parameters.
You want to classify and mark traffic as close to the source as possible, setting up a trust point. After that, you can treat (police, queue, shape) the traffic based on the marking.
Trying to do both on a router will certainly drive up the CPU utilization, and it doesn't allow you to treat the traffic throughout your whole network. In general, you classify and mark on the access switches, then treat on the routers.
See this two-part answer for more about QoS.
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
add a comment |
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
There is really a lot more to QoS than that.
I understand police in QOS is to set a limit to the maximum bandwidth.
Policing is dropping traffic that exceeds certain parameters.
To actually police, you need to drop traffic above your predefined bandwidth. You are still allowing all traffic, only setting the DSCP for traffic exceeding the bandwidth.
Normally, you use a priority queue to guarantee minimum bandwidth for a class, then drop any traffic exceeding the guaranteed minimum bandwidth. Do that in your policy map. For example:
policy-map Test
class VoIP
priority percent 23
police cir percent 23 conform-action transmit exceed-action drop
!
Your example configuration really isn't doing much for you.
Edit:
You are simply changing markings in the class map. It is a policy map that would give you the guaranteed bandwidth by using a priority queue. Policing is dropping traffic outside of your parameters.
You want to classify and mark traffic as close to the source as possible, setting up a trust point. After that, you can treat (police, queue, shape) the traffic based on the marking.
Trying to do both on a router will certainly drive up the CPU utilization, and it doesn't allow you to treat the traffic throughout your whole network. In general, you classify and mark on the access switches, then treat on the routers.
See this two-part answer for more about QoS.
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
add a comment |
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
There is really a lot more to QoS than that.
I understand police in QOS is to set a limit to the maximum bandwidth.
Policing is dropping traffic that exceeds certain parameters.
To actually police, you need to drop traffic above your predefined bandwidth. You are still allowing all traffic, only setting the DSCP for traffic exceeding the bandwidth.
Normally, you use a priority queue to guarantee minimum bandwidth for a class, then drop any traffic exceeding the guaranteed minimum bandwidth. Do that in your policy map. For example:
policy-map Test
class VoIP
priority percent 23
police cir percent 23 conform-action transmit exceed-action drop
!
Your example configuration really isn't doing much for you.
Edit:
You are simply changing markings in the class map. It is a policy map that would give you the guaranteed bandwidth by using a priority queue. Policing is dropping traffic outside of your parameters.
You want to classify and mark traffic as close to the source as possible, setting up a trust point. After that, you can treat (police, queue, shape) the traffic based on the marking.
Trying to do both on a router will certainly drive up the CPU utilization, and it doesn't allow you to treat the traffic throughout your whole network. In general, you classify and mark on the access switches, then treat on the routers.
See this two-part answer for more about QoS.
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
I understand bandwidth in QOS is use to guarantee a minimum bandwidth
There is really a lot more to QoS than that.
I understand police in QOS is to set a limit to the maximum bandwidth.
Policing is dropping traffic that exceeds certain parameters.
To actually police, you need to drop traffic above your predefined bandwidth. You are still allowing all traffic, only setting the DSCP for traffic exceeding the bandwidth.
Normally, you use a priority queue to guarantee minimum bandwidth for a class, then drop any traffic exceeding the guaranteed minimum bandwidth. Do that in your policy map. For example:
policy-map Test
class VoIP
priority percent 23
police cir percent 23 conform-action transmit exceed-action drop
!
Your example configuration really isn't doing much for you.
Edit:
You are simply changing markings in the class map. It is a policy map that would give you the guaranteed bandwidth by using a priority queue. Policing is dropping traffic outside of your parameters.
You want to classify and mark traffic as close to the source as possible, setting up a trust point. After that, you can treat (police, queue, shape) the traffic based on the marking.
Trying to do both on a router will certainly drive up the CPU utilization, and it doesn't allow you to treat the traffic throughout your whole network. In general, you classify and mark on the access switches, then treat on the routers.
See this two-part answer for more about QoS.
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
edited Dec 16 at 18:45
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
answered Dec 16 at 8:46
Ron Maupin♦
62.2k1262118
62.2k1262118
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
add a comment |
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
thanks for the reply. I actually inherit this configuration from a service provider and is trying to see if the configuration make sense. I have edited by original post - hope you can take a look
– Noob
Dec 16 at 18:39
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
We would really need a lot more information about the network and the network device configurations to offer even a valid opinion. Based on the little bit you have there, it looks like a mess. It may be worthwhile for the business to hire a consultant to come up with a comprehensive QoS plan, and then you document it so that this situation does not arise in the future.
– Ron Maupin♦
Dec 17 at 2:24
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
agreed. but the first and foremost concern would be if i am still able to reach the guarantee bandwidth provided despite having a lower policer cir rate. since the policer is not actualy dropping any excess, can i assume i am able to reach the ganrantee bandwidth of 2542 then ?
– Noob
Dec 17 at 13:08
add a comment |
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55497%2fqos-police-vs-bandwidth-is-this-configuration-wrong%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can provide and accept your own answer.
– Ron Maupin♦
Dec 25 at 10:27