Solved

Cisco QOS - Police Questions

Posted on 2010-08-24
11
1,175 Views
Last Modified: 2012-06-27
Hi All,

WOuld be of great help if anyone can help me answer the below questions so that i can better understand the QOS.

- Below is the Police we have set for Voice Traffic. Based on my understanding that the Voice Traffic can have a maximum of 884Kbps and in case of any congestion it will be gurantted a 884Kbps any time. But what does the 8000 Burst Bytes do? I have read few papers saying that the 8000 is the size of the token bucket? If it is the size of the token bucket , is there a token bucket created for each flow(means each source and destination IP with port) or the whole class has onlyi one token bucket size of 8000 bytes? Also on what scenarios can we actually full up the 8000 bytes? Because today we are seeing a lot of drop packets beacuse of this police. But the problem is the 884kbps is never full and not sure if the 8000 is somehow dropping the packets.

 police 884000 8000 conform-action set-dscp-transmit ef exceed-action drop
  priority 884

Also does the priroity 884 means it will never allow the other class to use that 884kbps even when there is no utilization for the Voice Class? Is it just reserverd for it.

Thanks
Hari
0
Comment
Question by:kamalgopi
  • 4
  • 4
  • 3
11 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 250 total points
ID: 33509698
The token bucket is a fixed value -- it is not per stream.

I typically set my burst to 10% of the bandwidth/priority value specified.  I recommend changing the burst to 88400.

'priority' does reserve that amount of bandwidth for that policy.  Your other option is to use a 'bandwidth percent' value.
0
 
LVL 11

Author Comment

by:kamalgopi
ID: 33510013
Hi Jesper,

Thanks for the information. Then what does this Token Bucket really mean? What is the 10% value actually for? Because even without any high Utilization we are seeing Packet Drops for this Voice Class, i am worried that this Burst rate is causing the issue. Also any idea on why set it to 10% only?. Any theory behind it?

Also thanks on the priority information, probably we will change it to Bandwidth.

Thanks
Hari
0
 
LVL 9

Assisted Solution

by:Alex Bahar
Alex Bahar earned 250 total points
ID: 33510229
Normally buckets belong to the subinterface or interface. Normally it is not per flow. However SUP720 has a per flow policy mechanism as well. It is called microflow. You can also apply policing to a group of interfaces using aggregate policing feature. You need to refer to each product's reference document for supported policing type. The hardware implementation may be different especially on switches.
Class-based policing - If you apply a policy with the police command to both the interface and the subinterface, only the subinterface policer is active for the traffic that matches the class.
Typically your bucket size should be at least 10% of your policed bandwidth. In your example bucket size should be 88400 or higher. Your current size of 8000 may cause packet drops if the traffic is bursty (for example variable bit rate video).
Priority 884 does not strictly reserve 884kbps bandwidth for priority queue. It is used as needed. If there is no priority traffic, then this bandwidth can be used by other classes. Cisco says
Although the bandwidth guarantees provided by the bandwidth and priority commands have been described with words like "reserved" and "bandwidth to be set aside", neither command implements a true reservation. In other words, if a traffic class is not using its configured bandwidth, any unused bandwidth is shared among the other classes.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 33510264
This is an excellent document on token buckets, burst, etc:

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpolsh.html

Typically what I would expect to see in the police command are:

  maximum_bandwidth  normal_burst maximum_burst

           884000             88400        221000

and then the actions that you wish to take.

I've used 10% as a baseline to protect downstream equipment that does not have a sufficient buffer to pass 25%.

I would recommend increasing your burst to 10% first.  If that is not enough, try 25%.
0
 
LVL 9

Expert Comment

by:Alex Bahar
ID: 33510308
You should keep your "priority" keyword if you have voip or video.
Priority queue is implemented in the hardware (usually hardware queue #4). If you remove the "priority" command, then queue #4 turns into an ordinary queue. When it turns into an ordinary queue, it will provide/guarantee the necessary bandwidth, but it will not provide priority queueing. If you do not have priority queueing, this means that your voice packets will wait until its queue is serviced. This will cause random delays between voice packets. In other words "jitter". Too much jitter causes robotic sound, or frozen video, blue screen.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 28

Expert Comment

by:Jan Springer
ID: 33510322
With VoIP, I prefer priority.  However, it's important to understand the differences:

http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a0080103eae.shtml
0
 
LVL 9

Expert Comment

by:Alex Bahar
ID: 33510506
With voip, "priority" queue is a requirement. You cannot avoid it. Please check Cisco documents for LLQ.
0
 
LVL 11

Author Comment

by:kamalgopi
ID: 33512728
Guys,

Really appreciate your answers. Am i right to say that the Burst rate is actually the Data Transfer speed. In the token bucket metaphor, tokens are put into the bucket at a certain rate; in this the certain rate is actually the 10% which is mentioned in bytes? 88400 bytes which is 707kbps? if that is correct then increasing it to 25% will not cause more drops as it goes more than the mean rate mentioned in the police.

If i am wrong, then what is the Burst rate actually used for? When does the 10% come into picture? If i dont set to 10% why does it even drop?

i am sorry if i am confusing myself and confusing you guys.

Thanks
Hari
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 33512817
"A token bucket is a formal definition of a rate of transfer. It has three components: a burst size, a mean rate, and a time interval (Tc)."

"Burst size—Also called the Committed Burst (Bc) size, it specifies in bits (or bytes) per burst how much traffic can be sent within a given unit of time to not create scheduling concerns. (For a shaper, such as GTS, it specifies bits per burst; for a policer, such as CAR, it specifies bytes per burst.)"
0
 
LVL 9

Expert Comment

by:Alex Bahar
ID: 33513532
Burst size is used for making sure the traffic rate increases gradually. That can be used for avoding sudden congestion. The aim is to have a smoother traffic pattern while staying within your bandwidth limits. If your burst size is too small, all giant packets that contain more bytes than your bucket gets dropped, because they don't fit into your bucket. Just because of that you need to make sure your burst size should also be at least twice as big as your largest packet size.
0
 
LVL 11

Author Comment

by:kamalgopi
ID: 33516351
Thanks guys...Anyway is the Burst Size also per Flow or for the traffic for the whole class?
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now