How do Cisco routers throttle traffic?

Hi Experts,

We are trying to solve a problem with oversaturation of our network WAN connections.

Here's our situation:

5 sites with Cisco 2911 routers connecting to AT&T's MPLS network - T1 connections.
1 site with Cisco 3845 router connecting to same AT&T MPLS network - DS3 connection.
The DS3 was an upgrade from a burstable 3mb pipe.

Normal business network traffic:  Exchange, web, file transfers, etc coming over the wire.

Our support is suggesting that we are having problems due to the disparity between our speeds, and that we are pushing more traffic than the T1s can handle.

This doesn't make sense to me.  If this was the case, then every site in the world would have to be the same speed.

Please explain how traffic is regulated or throttled across the internet, especially an MPLS network.

Thank you,

blue-screen Commented:
Yes, same type of policies used for VoIP.

QoS has three major functions:

- Prioritize: Put some traffic in front of other traffic. (Voice ahead of data)
- Shape: Pump out packets no faster than the far end can handle.
- Police: Throw away (or otherwise mark) packets which are coming in too fast.

MQC (modular QoS CLI) provides the means to do all three.

Bottom line:  Unless you tell the router otherwise, it will send traffic as close to line rate as it can.
Faruk Onder Yerli (Owner) Commented:
You may apply a service-policy to the T1 interfaces. You may give priority or bandwidth for IP or service.
You may find information at the link below on how to use QoS definitions on interfaces.
You should read up on "traffic shaping."

The MPLS network probably has T1 (1.544 mbps) committed information rate to each of the 5 sites.  If you are pushing traffic down the DS3 (45 mbps) faster than the end sites can absorb (1.544 mbps), the MPLS network will pitch the packets in an arbitrary fashion, slowing performance for everyone.

What you want to do is "traffic shape" the MPLS traffic to T1 speed and THEN apply the QoS rules at the router.  Minimally, the router's default "fair queuing" algorithms will cluster the discarded packets in such a way as to minimize impacts of dropped packets (and you will have visibility to the dropped packets) is a good place to start to understand the issue.

svillardiAuthor Commented:
When you shape the traffic, is that like throttling?  Are we "wasting" our 45mb pipe if we are "shaping down" the traffic to T1 speed?  When you "shape" it, does it get set on any specific interface or route?

Some of this stuff is WAY over my head, but having said that, my understanding is that with BGP, when you "advertise" a route, you are telling everyone "I am here!" -- so are there no settings for the other end (my other 5 sites)??

BTW, I also have about a dozen SOHO sites, all on DSL.  Do you "shape" those too?

Or is this a Global setting?
Wasting?  No.  The problem is that each far end can't receive traffic faster than 1.5mbits second.  No matter how you slice it, if you send faster than the far end can handle, something has to give...and that is packet dropping.  So you have an MPLS "virtual circuit" to each of the remote sites.

You want to "shape" each "MPLS virtual circuit" to each of the five sites to  1.5mbps each.  The 5 sites are 5x1.5mbps so you will use 7.5mbps of your 45mbps link.  Do you also get internet access through that link?  That probably is a 6th virtual circuit.

SOHO sites on DSL:  Are they over the internet or the private MPLS network?  I think you confuse access to the internet with private MPLS network access because they may be provided on the same T3 trunk.

No matter - you need to "shape" the traffic to each MPLS circuit to the optimum rate on the receiving end.
svillardiAuthor Commented:
SOHO sites VPN to the core and then access both our location (site with 45mb) and the other 5 sites as necessary.  We have no say in what goes on to the Core -- parent company.

svillardiAuthor Commented:
Our internet access is thru this connection.  We have a proxy at another location, which all locations must go thru to get to the internet.

So what do I tell my engineers to look at -- and what should I look for in our router's running-config?

Also, what should I tell my engineering team?  I'm not sure they know what to look for and the more eyes the better.

Thanks for your help.
You want to use the Modular QoS CLI to set the QoS policies to each destination, and then apply a service-policy to the T3 interface.

Is a place to start to understand that.

Use a CLASS-MAP to identify each destination network.
Set a TRAFFIC-POLICY which can shape the traffic to 1.5mbps, referring to the class map.  The traffic policy can match multiple classes, and assign a policing bandwidth to each class.
Apply the resulting SERVICE-POLICY to the interface/subinterface that needs that traffic policy.

Do you have a subinterface for each destination?
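
The three steps above (a class-map per destination, a policy that shapes each class, a service-policy on the hub's T3 interface) as an IOS configuration sketch; this is an added example, not configuration posted by anyone in the thread. The spoke prefixes 10.1.0.0/16 through 10.5.0.0/16, the object names and the interface Serial1/0 are assumptions, and the policy is written with IOS's `policy-map` command.

```cisco
! Constructed example for the hub (DS3) router.
! Prefixes, names and the interface are placeholders, not values from the thread.
!
! Step 1a: one ACL per spoke site, matching traffic destined to that site
ip access-list extended TO-SITE1
 permit ip any 10.1.0.0 0.0.255.255
ip access-list extended TO-SITE2
 permit ip any 10.2.0.0 0.0.255.255
ip access-list extended TO-SITE3
 permit ip any 10.3.0.0 0.0.255.255
ip access-list extended TO-SITE4
 permit ip any 10.4.0.0 0.0.255.255
ip access-list extended TO-SITE5
 permit ip any 10.5.0.0 0.0.255.255
!
! Step 1b: one class-map per destination network
class-map match-all SITE1
 match access-group name TO-SITE1
class-map match-all SITE2
 match access-group name TO-SITE2
class-map match-all SITE3
 match access-group name TO-SITE3
class-map match-all SITE4
 match access-group name TO-SITE4
class-map match-all SITE5
 match access-group name TO-SITE5
!
! Step 2: shape each destination to 1.5 Mbps (rate is in bits per second)
policy-map SHAPE-TO-SPOKES
 class SITE1
  shape average 1500000
 class SITE2
  shape average 1500000
 class SITE3
  shape average 1500000
 class SITE4
  shape average 1500000
 class SITE5
  shape average 1500000
 ! Everything else (for example the internet/proxy traffic) is left unshaped
 class class-default
  fair-queue
!
! Step 3: attach the policy outbound on the interface facing the MPLS network
interface Serial1/0
 service-policy output SHAPE-TO-SPOKES
```

After applying it, `show policy-map interface Serial1/0` lists per-class queued, delayed and dropped packet counters, which shows whether traffic to a given site is being held back by the shaper on the hub.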

svillardiAuthor Commented:
I've never heard of a sub-interface for a remote network on a local router.

Again, I am on the CCNA level, so some of this is over my head.

But looking at my interfaces, I don't see any subs.

Unless I am misunderstanding..

Also:  you mention QoS policies, are these the same type of QoS that is used to prioritize VOIP traffic?

svillardiAuthor Commented:
I don't know how this will fly with Corporate standards, but thank you very much for the assistance!
With a more detailed question, a more detailed answer can be provided.  I'm not sure why "Corporate" would be upset.  You can't send more than 1.5 Mbit per second to a site with a 1.5 mbps link.  It is just not possible.

Whenever you aggregate a number of sites with virtual circuits (like MPLS) to a central site with a single high-bandwidth connection (a "large pipe"), you have to shape the traffic at the central site to avoid overrunning the site with too much data.  Failing to do so results in lost packets and poor performance, which sounds like precisely the issue you have here.
svillardiAuthor Commented:
Corporate standards set up a "template" and apply that to all MPLS sites.  Deviating from that template probably won't happen:  They design it, they implement it -- we deal with it.  I spoke to Corporate and they said that they were just developing QoS for specific types of traffic, specifically voip of course.  As you explained, we need the shaping more than the prioritizing.  I'm not sure if shaping traffic has the same commands as prioritizing it, but if not we'll be "pushing back", as they say, so that our sites get what they need.  Thanks again!
I think you need a TEMPLATE for each "spoke" site, but the hub would need different care and feeding.

QoS is modular, meaning that the shaping, policing and prioritizing are all done in the same framework, called the "MQC" (Modular QoS CLI - Modular Quality of Service Command Line Interface).  I guess MQC sounds better than "MQOSCLI."

Until you undertake shaping on the hub, the MPLS provider will arbitrarily drop packets from the hub that overrun the access rate, resulting in spotty performance as seen from the spoke users.

Good luck!
Question has a verified solution.
