Cisco Shaper Policy Tutorial

This tutorial will go over how to set up a traffic shaper that limits bandwidth to 500k on both inbound and outbound traffic over a customer ethernet port (LAN facing) over a serial link (WAN facing).
The topology in use is specific to a T1 that is split between normal and VRF traffic, but can be applicable in other situations. The WAN interface (S1/0:0) already has a pre-existing policy applied, so we have to add our shaper as a nested policy (explained below).
CUST_ROUTER#show ip int br
Interface                  IP-Address
FastEthernet0/0            unassigned
FastEthernet0/0.1         (customer VRF block, not touching this for this tutorial)
FastEthernet0/0.2          (customer LAN block, this is the IP range we are shaping)
Serial1/0:0                unassigned
Serial1/0:0.30          (customer WAN block (internet))
Serial1/0:0.31        (customer WAN VRF block(we dont touch this either))
For this example, we are going to shape traffic for the Fa0/0.2 interface so inbound traffic towards the customer LAN off of Fa0/0.2 is shaped to 500k and outbound traffic on S1/0:0 for LAN block is also shaped at 500k, essentially limiting the customer to 500k for any traffic on

Here’s the config:
1. create the policy map:
policy-map 500K-DIA-SHAPE
class DIA-LAN-CLASS      // use class ‘DIA-LAN-CLASS’
shape average 500000    // set a shaper of 500k for this class
2. Create the class
class-map match-any DIA-LAN-CLASS    // class name
match access-group name DIA-LAN       // match ACL named ‘DIA-LAN’
3. interface S1/0:0 already has policy VRF-100-PERCENT-OUT-POLICY applied to it (don’t worry about what it does for this tutorial). You can only have 1 policy per interface outbound, so, we have to add policy ’500K-DIA-SHAPE’ to this existing policy that will shape outbound traffic (to the WAN/cloud) on S1/0:0
priority percent 99
bandwidth remaining percent 50
bandwidth remaining percent 30
class class-default
bandwidth remaining percent 20
set ip dscp default
service-policy 500K-DIA-SHAPE    // our policy is applied to the default/best effort traffic
4. apply the policy to the FA0/0 interface. This will be for traffic coming in from the cloud/WAN going towards the customers LAN
interface FastEthernet0/0
description Data LAN Port
… Omitted ..
max-reserved-bandwidth 96
service-policy output 500K-DIA-SHAPE   // sets shaper policy on Fa0/0 interface
5. check/confirm the LAN block to be added to our ACL.
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address    // this is the LAN block that the shaper will check against
no cdp enable
6. Build the ACL that is referenced in class ‘DIA-LAN-CLASS’
ip access-list extended DIA-LAN
permit ip any
permit ip any
So what we did is make a shaper policy that shapes the internet (non-VRF) traffic to 500k for both ingress and egress traffic. Take a closer look at step 3. Policy map VRF-100-PERCENT-OUT-POLICY was already applied out to S1/0:0 before we even got here, so we had to add our new shaper policy onto it.
Title : Cisco Shaper Policy Tutorial
Description : This tutorial will go over how to set up a traffic shaper that limits bandwidth to 500k on both inbound and outbound traffic over a custome...

0 Response to "Cisco Shaper Policy Tutorial"

Posting Komentar