Hi All,
I am currently providing professional services for a Service Provider organization.
My manager has asked me to implement the below solution in one of our customer's [i.e. a Service Provider] networks:
- Any user who is trying to access internet service during off-peak hours should get the entire available bandwidth
- Any user who is trying to access internet service during peak hours should get their subscribed bandwidth [i.e. 10 Mbps] as per their plan with the service provider company
- Both the conditions mentioned above should be customizable according to the content/protocol i.e. HTTP, HTTP Adaptive Streaming Protocol or Real Time Streaming protocol etc. The main objective is "to dynamically control user's internet speed depending on available bandwidth and type of content being accessed"
The main objective of the Service provider is to utilise their network to the maximum with best QOE.
I am trying to test this solution first on GNS3. I think with QOS I will be able to rate limit user traffic based on available bandwidth and specific content. Please find my network below with attached running config of each router:
R1#sh run
Building configuration...
Current configuration : 1586 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 informational
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.137.2 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 1.0.0.1 255.0.0.0
ip nbar protocol-discovery
ip nat inside
ip virtual-reassembly
serial restart-delay 0
clock rate 64000
!
interface Serial1/1
ip address 2.0.0.1 255.0.0.0
ip nbar protocol-discovery
ip nat inside
ip virtual-reassembly
serial restart-delay 0
clock rate 64000
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router eigrp 100
network 0.0.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 192.168.137.1
!
!
no ip http server
no ip http secure-server
ip nat pool GLOBAL-IP 192.168.137.10 192.168.137.50 netmask 255.255.255.0
ip nat inside source list 1 pool GLOBAL-IP
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R1#$
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Connected to Dynamips VM "R5" (ID 0, type c3725) - Console port
Press ENTER to get the prompt.
R5#sh run
Building configuration...
Current configuration : 1250 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 1.0.0.2 255.0.0.0
serial restart-delay 0
clock rate 64000
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
ip address 4.0.0.1 255.0.0.0
serial restart-delay 0
clock rate 64000
!
router eigrp 100
network 0.0.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 1.0.0.1
ip route 0.0.0.0 0.0.0.0 2.0.0.1
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R5#
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
R6#sh run
Building configuration...
Current configuration : 1250 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 2.0.0.2 255.0.0.0
serial restart-delay 0
clock rate 64000
!
interface Serial1/2
ip address 3.0.0.1 255.0.0.0
serial restart-delay 0
clock rate 64000
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router eigrp 100
network 0.0.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 1.0.0.1
ip route 0.0.0.0 0.0.0.0 2.0.0.1
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R6#
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
R7#sh run
Building configuration...
Current configuration : 1256 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 10.0.0.1 255.0.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
ip address 3.0.0.2 255.0.0.0
serial restart-delay 0
clock rate 64000
!
interface Serial1/3
ip address 4.0.0.2 255.0.0.0
serial restart-delay 0
clock rate 64000
!
router eigrp 100
network 0.0.0.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 1.0.0.1
ip route 0.0.0.0 0.0.0.0 2.0.0.1
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R7#
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I am looking for a solution which can encompass all the requirements with the existing configuration.
Please note C2 and C3 are my hosts and C1 is the internet.
Comments
Abdul,
In order to limit the bandwidth based on the users, you can use a simple QoS configuration with different class-maps for the different groups.
For example:
I-WAN#sh run class-map
class-map match-all LIMIT
 match access-group 45
I-WAN#sh run policy-map
policy-map LIMIT_BANDWIDTH
 class LIMIT
  police cir 128000
   conform-action transmit
   exceed-action drop
!
end
This really sounds like you're looking for an appliance, not an IOS solution. We deploy Sandvine devices for this type of stuff in our network (I work for an ISP).
@ Hari : Thanks for the response. I will take up this idea and implement this solution. I am sure allocating bandwidth dynamically will be a challenge, but let's see how close we can go to the objective.
@ Mud: I am aware that DPI devices like Sandvine/ASA/ and Caching devices like Bluecoat Proxy SG and Cache Flow/Peerap/CacheMara and Jaguar 5000 of ARA Networks are capable of doing this. The idea here is not to utilise the Cisco routers and for this thereby leaving L4-7 Switches and Caching boxes to focus on their basic work. ISP has multiple routers and there shouldn't be an issue with CPU overload due to QOS configs.
Hi Abdul,
This would be of use for the time element of your solution as well. Slave the routers to an NTP source.
http://www.cisco.com/en/US/tech/tk543/tk759/technologies_tech_note09186a00801aa69d.shtml
The document also discusses QPM, which I've never used; everyone that I talk to says it's useless!
Andy
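A sketch of how the policer and the time element suggested in the replies above could be combined on R1 from the original post, as an added example that is not configuration from any poster in this thread. The peak window (18:00 to 23:00), the names PEAK, PEAK-HTTP, PEAK-RTSP and PEAK-LIMIT, ACL number 145 and the NTP server address (a documentation address) are assumptions; the 10 Mbps rate and the 10.0.0.0/8 host range come from the post.

```cisco
! Added example. Assumed values: peak window, object names, ACL 145,
! NTP server 192.0.2.1 (documentation address, replace with a real source).
!
! The time-range is evaluated against the router clock, so sync it first.
ntp server 192.0.2.1
!
time-range PEAK
 periodic daily 18:00 to 23:00
!
! Downstream traffic toward the subscriber range from the posted configs.
! The entry only matches while the PEAK time-range is active.
access-list 145 permit ip any 10.0.0.0 0.255.255.255 time-range PEAK
!
! One class per content type, classified by NBAR, limited to peak hours
! by the time-based ACL.
class-map match-all PEAK-HTTP
 match access-group 145
 match protocol http
class-map match-all PEAK-RTSP
 match access-group 145
 match protocol rtsp
!
! Police to the subscribed rate (10 Mbps) during the peak window.
! Outside the window nothing matches, traffic falls into class-default
! and is not policed, so it can use whatever the link has available.
policy-map PEAK-LIMIT
 class PEAK-HTTP
  police cir 10000000
   conform-action transmit
   exceed-action drop
 class PEAK-RTSP
  police cir 10000000
   conform-action transmit
   exceed-action drop
!
! Applied outbound on the interfaces facing the hosts on R1.
interface Serial1/0
 service-policy output PEAK-LIMIT
interface Serial1/1
 service-policy output PEAK-LIMIT
```

Each policer here limits the class as a whole, not each subscriber individually. `show time-range` and `show policy-map interface` show whether the window is active and which class the traffic is hitting.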
Take a look at the Allot appliances:
http://www.allot.com/index.aspx?id=3793&itemID=2981