QoS in home network

Hi,

I'm learning about QoS, MQC policers, shapers, queues; and i wanted to try to implement these in real scenario. Namely, how can i split up incoming bandwidth from isp into two equal parts, if there is congestion.
My modem is connected to cisco router, which is connected to 3560, to which are connected two hosts.
My DL bandwidth to isp is 2Mbps.
Now, i was pondering how can i split up this bandwidth so that if there is complete congestion ie. both computers are doing some heavy duty downloading, each host will get only 1Mbps; if there is only one host using connection, it should get whole 2Mbps.
Can anyone help me with these please?

thanks

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

ColbyG

Use ACLs to break both IPs into class maps, then guarantee 1mb of bandwidth to each class. Not the greatest design, but it should work.

acidsatyr

Hi, thx for reply.

The thing is, i don't want to restrict each computer to only 1Mbs statically. I could apply a policer on inbound connection and drop exceeding traffic.
But how would i go about letting a host get whole 2Mbps if other is idle?

Forsaken_GA

Depending on how you've set it up, unless my understanding is *totally* flawed (and I hope not, since I'm planning to take the QoS exam next week), what Colby suggested should work. The tools shouldn't kick in until there's actually congestion, so if one host is idle, the other should have access to the bandwidth, until the other becomes idle, at which point it'll be able to get it's guaranteed bandwidth.

I personally took a different tack - I don't care how much traffic each individual host gets, but whatever computer I'm on, I need to be able to browse the web and ssh without file transfers having an adverse effect on that, so I match and mark my protocols and queue based on that instead of individual host

acidsatyr

You are right, limiting bandwidth based on traffic makes more sense.
But, let's say there are two hosts so that traffic can be shared equaly among them, no matter that traffic (so if my brother wants to useup all his band for torrents, that's up to him...).

ISP<---------->[modem]---------[3660]---------[3560]---------pc1
                                                   ]---------pc2

Let's say this is my network with 3660 router and 3560 switch.

The closest to solution i've got would be something like this:

On 3660:

!
ip access-l ext PC1 permit ip any host 192.168.100.5
ip access-l ext PC2 permit ip any host 192.168.100.6
!
class-map PC1
match access name PC1
class-map PC2
match access name PC2
!
policy-map TRAFFIC
class class-default
service-policy POLICER
!
policy-map POLICER
class PC1
police cir 1000000 bc 125000 pir 2000000 be 250000
conform-action set-prec-transmit 1
exceed-action set-prec-transmit 0
violate-action drop
class PC2
police cir 1000000 bc 125000 pir 2000000 be 250000
conform-action set-prec-transmit 1
exceed-action set-prec-transmit 0
violate-action drop
!

So what that do would do is it would allow traffic to both hosts to burst
continuously up to 2Mb(about so), but it would mark it down so that in case of upstream congestion the flow with prec 1 would be prefered.

In other words, if the link between router and switch is 2Mbps, i could put in simple WFQ, and there would be only two equal flows with equal weights and so TCP traffic would eventually size down to 1Mbps each, if both hosts need that much. Otherwise each host could use whatever other side don't need at them moment.

But the link between 3660 and 3560 is 100Mbps so there can't be congestion.

If there is simpler solution share it please.

ColbyG

Forsaken_GA wrote: »

I personally took a different tack - I don't care how much traffic each individual host gets, but whatever computer I'm on, I need to be able to browse the web and ssh without file transfers having an adverse effect on that, so I match and mark my protocols and queue based on that instead of individual host

This is the normal (better) way to do it.

acidsatyr wrote:

Hi, thx for reply.

The thing is, i don't want to restrict each computer to only 1Mbs statically. I could apply a policer on inbound connection and drop exceeding traffic.
But how would i go about letting a host get whole 2Mbps if other is idle?

What I told you will do exactly that. During times of congestion it will guarantee 1mb to each host, but it will not restrict them to the 1mb. When there is no congestion each host can use the bandwidth available to them beyond 1mb.

networker050184

Why are you using nested policy maps with the parent policy not doing anything? That kind of defeats the whole purpose.

I'm not sure why you would want to police inbound here either. By that point it has already saturated your bandwidth all the way through you cable modem. You aren't going to get extra bandwidth out of the link. To really accomplish what you want to do you would have to police egress on the other side of the link. You also have plenty bandwidth on your LAN so its not really going to help you much there either.

acidsatyr

well the traffic is already on the link, but the idea was that if the traffic is tcp, it will adjust itself down to available bandwidth.
In any case i'm confused up to this point.
If anyone could provide the code that would make it lot more clearer, if you want.
Thanks again all of you.

ColbyG

!
ip access-l ext PC1 permit ip any host 192.168.100.5
ip access-l ext PC2 permit ip any host 192.168.100.6
!
class-map PC1
match access name PC1
class-map PC2
match access name PC2
!
policy-map TRAFFIC
 class PC1
  bandwidth 1024
 class PC2
  bandwidth 1024
!
int fa0/0
 desc OUTSIDE
 service-policy output TRAFFIC
!

This will do what you asked, but again, it's not good practice.

acidsatyr

That makes sense, actually. Why is it not a good practice?

Just one question; that queuing would work if that interface was limited to 2 Mbps, like if serial interface was clocked at 2Mbps; but how will it work on fa interface with 100Mbps? How can i force limit to 2 Mbps so that queuing triggers in the first place?

Thanks you have been very helpful.

networker050184

policy-map PARENT
class class-default
shape 2000000
service-policy TRAFFIC

That's free hand so excuse any errors, but I think you get the point.

ColbyG

acidsatyr wrote: »

That makes sense, actually. Why is it not a good practice?

Just one question; that queuing would work if that interface was limited to 2 Mbps, like if serial interface was clocked at 2Mbps; but how will it work on fa interface with 100Mbps? How can i force limit to 2 Mbps so that queuing triggers in the first place?

Thanks you have been very helpful.

What networker said will bring the congestion onto your device as opposed to the modem.

Your idea isn't great practice because you appear to be using all of your bandwidth on only two IPs, you're not leaving anything for your class-default. You're applying any of this based on traffic type, which is normally how you would do this.

Typically you classify traffic and serve it in tiers, so your voice/video/interactive traffic is given the highest priority with LLQ, then you use CBWFQ to guarantee your important, but less sensitive traffic. Last you would police your useless traffic like torrents, or music streaming, etc.

This is obviously a very simplistic explanation, but hopefully you get the idea.

acidsatyr

ColbyNA wrote: »

What networker said will bring the congestion onto your device as opposed to the modem.

Your idea isn't great practice because you appear to be using all of your bandwidth on only two IPs, you're not leaving anything for your class-default. You're applying any of this based on traffic type, which is normally how you would do this.

Typically you classify traffic and serve it in tiers, so your voice/video/interactive traffic is given the highest priority with LLQ, then you use CBWFQ to guarantee your important, but less sensitive traffic. Last you would police your useless traffic like torrents, or music streaming, etc.

This is obviously a very simplistic explanation, but hopefully you get the idea.

I understand that; no objections;
i just introduced this scenario so i could see if i'm on the right track.
Since there is really only two computers in the network as of now, I wanted to split bandwidth between two hosts.
Now to continue on this, would it be able to split traffic the way you mentioned for each of the hosts?
Can i serve another policy that will, inside each of those 1024Kbps, divide bandwidth with LLQ, etc?

Also you mentioned class-default; If the traffic must match one of two destination addresses; then what will go inside class-default? I would understand if i divided bandwidth based on traffic...right?

ColbyG

acidsatyr wrote: »

I understand that; no objections;
i just introduced this scenario so i could see if i'm on the right track.
Since there is really only two computers in the network as of now, I wanted to split bandwidth between two hosts.
Now to continue on this, would it be able to split traffic the way you mentioned for each of the hosts?
Can i serve another policy that will, inside each of those 1024Kbps, divide bandwidth with LLQ, etc?

Also you mentioned class-default; If the traffic must match one of two destination addresses; then what will go inside class-default? I would understand if i divided bandwidth based on traffic...right?

Yea, you could nest another policy if you needed for traffic classification, but that's getting pretty complex.

The class default would catch anyone else on the network. If there are always only two PCs then it's not a big deal. But my point was just that this isn't normal practice. You're not likely to walk into too many networks and see a configuration like this.

acidsatyr

Cool, thanks.

Forsaken_GA

Just match the bit torrent traffic, put it in it's own queue, and set a bandwidth limit on it. He'll have full access to the link when it's not busy, and when it is, the bittorrent traffic will only get the amount of traffic it's been designated. If you want to call that one meg, then that's fine. That will, of course effect you as well if you do any torrenting.

Doing policing and shaping isn't really necessary for what you're trying to accomplish (and I don't recommend doing shaping if you deal with any interactive apps, ie, if you play WoW and have to use Ventrilo/TeamSpeak!). What you are trying to accomplish though, is bad design, so I understand your situation is simplistic, but try not to develop bad habits.

Develop your home QoS policy like you if it was a job. Decide what traffic is most important, queue appropriately, and set your policies. The biggest problem with your design is that you're discriminating based on host, when you should be discriminating based on traffic type

acidsatyr

Forsaken_GA wrote: »

Just match the bit torrent traffic, put it in it's own queue, and set a bandwidth limit on it. He'll have full access to the link when it's not busy, and when it is, the bittorrent traffic will only get the amount of traffic it's been designated. If you want to call that one meg, then that's fine. That will, of course effect you as well if you do any torrenting.

Doing policing and shaping isn't really necessary for what you're trying to accomplish (and I don't recommend doing shaping if you deal with any interactive apps, ie, if you play WoW and have to use Ventrilo/TeamSpeak!). What you are trying to accomplish though, is bad design, so I understand your situation is simplistic, but try not to develop bad habits.

Develop your home QoS policy like you if it was a job. Decide what traffic is most important, queue appropriately, and set your policies. The biggest problem with your design is that you're discriminating based on host, when you should be discriminating based on traffic type

Hey Forsaken,
I agree with what you are saying;
just one thing i want to make clear;
Let's say i discriminate traffic based on importance - i still have to include shaping (ie. serve CBWFQ/LLQ to shaper policy-map) since that's the only way I can trigger queuing - correct?
Since the link bandwidth in reality is 100mbps, there can never be congestion, does this make sense?

Btw, i use skype for wow, which isn't the greatest thing but it works; I will definitely try to implement LLQ here!

Thanks and happy WoWing

Forsaken_GA

acidsatyr wrote: »

Hey Forsaken,
Let's say i discriminate traffic based on importance - i still have to include shaping (ie. serve CBWFQ/LLQ to shaper policy-map) since that's the only way I can trigger queuing - correct?
Since the link bandwidth in reality is 100mbps, there can never be congestion, does this make sense?

Try using the bandwidth command on the interface to set the bandwidth of the interface that touches the modem, though I don't think that will be necessary.

And yes and no. It's kind of hard to explain as to when QoS does and does not kick in. If a few connections are eating up all the available bandwidth to the point where packets get backed up enough that they'll hit the software queues, then QoS tools will kick in. When the congestion backs off, the QoS tools no longer apply. Policing and shaping are meant to be deployed as edge technologies between networks to protect from getting overrun on a link that's are more likely than not oversubscribed. They're not really intended for internal LAN usage.