2010-08-31

Policing vs rate-limiting

Filed under: Geekiness — iain @ 06:31:51

I read some Cisco documentation recommending the use of traffic policing in a service policy over rate-limiting on an interface. I already used a policy to set DSCP values which later controlled the rate-limiting so switching to policing would cut out the middle man and be easier to understand. That being said, my goal is not to enter my router into some kind of Cisco guideline conformance competition but to get it to to what I want efficiently. The fact that Cisco recommend doing things differently is not in itself reason to switch. For that I looked at the rather harsh effects of rate-limiting.

As an example I was downloading a file via HTTP during peak time yesterday. The transfer was proceeding at 32kBps or so which is to be expected. Then all of a sudden it dropped out. From time to time I had been seeing similar things. When Steam decides to download patches for games it will report wildly fluctuating download rates. This is to be expected if your traffic management consists of dropping inbound packets but if anything can make things more civilised then I’m happy to hear about it.

I removed my rate-limiting options from the Dialer0 interface and instead added police rules (with the exact same bandwidth specifications) to my peak service policy, which now looks like this:

    policy-map peak
      description Set bandwidth at peak time.
     class peak-default
        police 64000 12000 24000 conform-action transmit  exceed-action drop  violate-action drop
     class peak-lowest
        police 32000 6000 12000 conform-action transmit  exceed-action drop  violate-action drop
     class peak-low
        police 128000 24000 48000 conform-action transmit  exceed-action drop  violate-action drop
     class peak-medium
        police 512000 96000 192000 conform-action transmit  exceed-action drop  violate-action drop
     class peak-high
        police 1024000 192000 384000 conform-action transmit  exceed-action drop  violate-action drop

It seemed to work. Traffic was still limited to the desired bandwidth but the file which I consistently failed to download properly was successfully retrieved

No Comments »

No comments yet.

RSS feed for comments on this post.

Leave a comment

You must be logged in to post a comment.

Powered by WordPress