Router Installation and Configuration Manual/Configuring Rate Limiting Within Inetics

From ImageStream Router Documentation

Jump to: navigation, search
This chapter describes how to configure the ImageStream router to use Inetics' rate-limit commands to limit inbound and outbound traffic on a WAN device. The rate-limit commands are used to limit traffic on an interface-by-interface basis. To limit traffic on a network-by-network or service-by-service basis, see the chapter "Configuring Services: Quality of Service Menu."
This chapter includes the following topics:
  • Understanding and Configuring Rate Limiting
  • Valid Interfaces for the Rate-Limit Command
Before configuring rate limiting, you must configure the WAN interface and make the appropriate cabling connection for your needs. Refer to the hardware installation guide for your ImageStream product for information on making the WAN connection. See the Command Reference for more detailed command descriptions and instructions.
After logging in, the main menu is displayed (your menu may look slightly different):
     Router main menu 
     1. Configuration menu 
     2. Show interface status 
     3. Advanced 
     4. Router software management 
     5. Backup/Restore 
     6. halt/reboot 
     0. Log off 
Select menu option 1, Configuration menu, and press Enter to configure the router. The Configuration menu should appear (your menu may look slightly different):
     Configuration menu 
     1. AAA (Password) Configuration 
     2. Global configuration 
     3. Network interface configuration 
     4. Firewall and QOS configuration 
     5. Service configuration 
     6. Dynamic routing configuration 
     7. Save configuration to flash 
     0. ISis-Router main menu 
From the "Configuration menu", select menu option 3, Network interface configuration, and press Enter. This will open the ImageStream router's primary configuration file, wan.conf in the default editor. The wan.conf file is also accessible from the command line in the /usr/local/sand directory.

Understanding and Configuring Rate Limiting using Rate-Limit

The rate-limit command for Inetics devices limits the input or output transmission rate on an interface or subinterface based on a flexible set of criteria. Unlike standard Differentiated Services QoS management tools, the rate-limit command can:
  • limit both inbound and outbound traffic on a device
  • add limits to an Inetics device independent of traffic flows or network addresses
The rate-limit command allows you to control the maximum rate for traffic transmitted or received on an interface. Rate limiting is often configured on interfaces at the edge of a network to limit traffic into or out of the network. Traffic that falls within the rate parameters is transmitted, while packets that exceed the acceptable amount of traffic are dropped or transmitted with a different priority (latency).
The syntax of the rate-limit command is:
     rate-limit  bits per second"" [ """input | output""" ] [ latency milliseconds | buffer kilobytes ] 
Using the input keyword applies the rate limiting policy to packets received on the specified interface only. Using the output keyword applies the rate limiting policy to packets transmitted on the specified interface only. Specifying neither keyword will apply the rate limiting policy to both inbound and outbound traffic.
The optional latency keyword affects the maximum length of time allowed to transmit or receive a packet on the interface. Inserting a large value for this setting will result in fewer dropped packets, a larger buffer and higher potential traffic delays under load. Setting a small value for latency will result in more dropped packets and a smaller buffer, but fewer traffic delays under load.
Alternatively, the packet drop and latency values can be affected by setting the buffer keyword. Inserting a large value for the buffer will result in a higher latency and fewer dropped packets, but higher potential traffic delays. Setting a small value for the buffer will cause more dropped packets and a lower latency, but fewer traffic delays under load.
Only one input and one output rule are valid on each interface or subinterface. You can only specify one rate limit per interface or subinterface without the input or output keyword.
In the example below, we have limited the DS3 interface (interface Serial1 below) to 10 Mbps for inbound traffic only. Outbound traffic is not affected.
     ! 
     interface Serial1 
     description Connection to London office encapsulation hdlc 
     service-module ds3 clocking internal 
     rate-limit 10000000 input latency 50 
     ip address 25.0.0.1 255.255.255.252 
     ! 
Note that we have set a low latency value. This will ensure faster data transfers, but will result in more dropped packets under load. Packets remaining in the input queue more than 50 milliseconds will be dropped from the queue if they cannot be processed.
In the next example, we have limited the DS3 interface (interface Serial1 below) to 20 Mbps for both inbound and outbound traffic. All traffic on this interface will share a common 20 Mbps rate limit.
     ! 
     interface Serial1 
     description Connection to London office encapsulation hdlc 
     service-module ds3 clocking internal 
     rate-limit 20000000 input latency 1000 
     ip address 25.0.0.1 255.255.255.252 
     ! 
Note that we have set a very high latency value. This will increase the buffer size on the interface and ensure fewer packet drops. Packets will remain in the queue for up to 1000 milliseconds before being dropped. Only extremely heavy traffic loads will cause significant packet drops using this configuration.

Valid Interfaces for the Rate-Limit Command

The rate-limit command may be used on an interface or a subinterface. Inetics's rate limiting is independent of the link encapsulation and the type of data and may be used with routed IP traffic or bridged traffic of any type. The rate-limit command is only valid for Inetics interfaces, and may not be used on the following:
  • Ethernet interfaces
  • Token ring interfaces
  • Tunnel interfaces
  • VPN interfaces
  • VLAN interfaces
Note: You must save the settings to the router's non-volatile flash memory! If the router is rebooted before saving, your changes will be lost! See Chapter 26, "Backup/Restore Menu: Managing Configurations" for more information.
Personal tools
Router software releases