matheweis
asked on
Aggregate Bandwidth Rate Limiting with CiR/CAR Rate Limiting
Hello,
I am looking for a solution to do traffic-shaping and rate limiting on an aggregate port-based / traffic path basis...
Here is the problem; my ISP has allocated us a block of 16 static IPs on a 2 Mb up/down connection. However, they control the routing, and we do not have access to the router to do any kind of QoS, etc.
Let's say that I have 6 devices attached to this network using the static IPs. Naturally, since I only have one wire coming down from the router, they must be connected to a switch. Unfortunately this allows me zero percent control over the QoS and bandwidth that the various devices use.
The trouble comes in that one of those devices is a video conference endpoint that I want to dedicate 1 Mb of bandwidth to. Of course, using an inexpensive switch with rate-limiting capabilities, I can throttle the bandwidth; I could rate-limit each of the 5 other devices to 200k each; this would ensure that I always have 1Mb available to the conference unit.
The obvious solution here is to develop some kind of aggregate policy, say, the sum of ports 1 through 6 must not exceed 2Mb, and port 6 (the VC device) must have a committed information rate of 1Mb (but if the unit is not in use, then the whole 2Mb should be available to the other ports). This becomes slightly more complex when you realize that the traffic from the other 5 devices may potentially be flowing between each other; thus you cannot simply police the sum of the ingress and egress traffic on the ports.
The ultimate solution would allow for policing of the traffic flowing from ports 1-6 to port 8 where the router is connected, but not any of the traffic flowing between any of ports 1-6 to each other.
The more I think about this, the more complex it appears, yet it seems to me a situation that would be rather common. (3 of the 4 network locations I manage have this issue, and I can see many other network managers having similar issues)
Does anyone know of an elegant solution? I can't seem to find a layer 2 switch that can do what I'm looking for, and although it appears there are a few layer 3 switches that could, they all have far more than the 8 to 16 ports necessary and are quite costly. Thoughts?
ASKER
rsivanandan:
What enterprise switches do have the capability; just so I can know what I'm looking for...?
Software isn't a valid solution - the 6 devices include a NAT router, a hardware video conference device, a Linux server, and 3 Windows servers. Also, I need to be able to dynamically adjust bandwidth delivered to each device in direct relation to the bandwidth being used by the other devices. It's really a pretty complex problem.
mikecr:
I would be interested in an inline device; note that a switch would essentially be an inline device. Also, I have been testing the Hawking HBB1 device, which makes things bearable but ultimately still doesn't work. http://www.hawkingtech.com/products/productlist.php?CatID=36&FamID=80&ProdID=216
Hmm, the Packeteer PacketShaper device with the Traffic Shaping module looks like it has a lot of potential. It depends on how configurable it is.
Matheweis,
Cisco routers, as you can see above from Jim's config example.
Cheers,
Rajesh
Seriously, if you think about it, if you don't have control over the router, anyone on the inside could initiate a large download that could create a problem. The QoS policy is good, but you need to police what's coming in also.
policy-map MYPOLICY
 class REALTIME
  bandwidth 1500
 class HTTP
  bandwidth 250
 class class-default
  bandwidth 250
  ! Just add the commands below if you want to police.
  ! police cir is given in bits per second; bandwidth is in kbit/s.
  police cir 250000
   conform-action transmit
   exceed-action drop
ASKER
After several months of experimenting and testing in my limited spare time, it turns out that mikecr's solution was exactly what I was looking for, and in fact the only way to do it as far as I can still find.... too bad the Packeteer devices are as expensive as they are.
Jim_Coyne gets some points for an alternative option, even though it wasn't quite what I was after, but would have worked in some different scenarios.
ASKER
Specifically, Jim_Coyne's solution would work, but leave that bandwidth reserved for video all the time. I was after a solution that would make that 1500k of bandwidth available for other uses such as HTTP when the video was not in use, which the above Cisco configuration does not do.
The Packeteer device, however, does this perfectly.
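The policy described in the question and in the comment above (a committed rate for the VC port that other ports may borrow while it is idle, counted only for traffic bound for the router port) can be modeled as a two-pass allocation. This is an added illustration, not part of the thread and not any vendor's algorithm; the port names, the 200 kbps committed rates for the other five ports and the demand figures are assumptions.

```python
from dataclasses import dataclass

LINK_KBPS = 2000  # 2 Mb uplink from the thread

@dataclass
class Port:
    name: str
    cir_kbps: float           # committed rate toward the router port
    uplink_demand: float      # offered load toward the router port (kbps)
    local_demand: float = 0   # port-to-port traffic; never counted or policed

def allocate(ports, link_kbps=LINK_KBPS):
    """Grant uplink kbps per port: CIR first, then share what is left."""
    if sum(p.cir_kbps for p in ports) > link_kbps:
        raise ValueError("committed rates oversubscribe the uplink")
    # Pass 1: every port gets its demand up to its committed rate.
    grant = {p.name: min(p.uplink_demand, p.cir_kbps) for p in ports}
    spare = link_kbps - sum(grant.values())
    # Pass 2: unused commitment is lent out equally to ports that want more.
    want = {p.name: p.uplink_demand - grant[p.name]
            for p in ports if p.uplink_demand > grant[p.name]}
    while spare > 1e-9 and want:
        share = spare / len(want)
        for name in list(want):
            give = min(share, want[name])
            grant[name] += give
            spare -= give
            want[name] -= give
            if want[name] <= 1e-9:
                del want[name]
    return grant

def scenario(vc_demand):
    """Constructed load: five busy hosts plus the VC endpoint on port 6."""
    ports = [Port(f"port{i}", 200, 1000, local_demand=50000) for i in range(1, 6)]
    ports.append(Port("port6-vc", 1000, vc_demand))
    return allocate(ports)

if __name__ == "__main__":
    for vc in (0, 1000):
        print(f"VC demand {vc} kbps ->", scenario(vc))
```

With the VC endpoint idle, each of the other ports is granted 400 kbps instead of the 200 kbps a static per-port limit would allow; during a call they fall back to 200 kbps and the endpoint keeps its full 1000 kbps.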
How about thinking of software that can be installed on all the 6 computers (since it is going to be only 6 in number)?
www.netlimiter.com
Take a look at it and see if it would help you.
Cheers,
Rajesh