Hello!
Коллеги, у когото в продакшине подобная связка (random-detect + rate-limit)
используется?
Ежели да, то на каком железе/IOS-е и как впечатления сравнительно с shape-ом?
----- Forwarded message from Bruce Robertson
Rate limiting at lower speeds severelt impacts TCP performance, a single TCP session hitting a rate limit will start, hit the ratelimit, lose several packets, pretty much go into slow-start, go logarithmically up again to the rate limit, hit the hard ceiling and then go into slow-start again, cutting the used bandwidth to approx 40% of the ratelimit.
This behavior is avoided if you use random-detect along with rate limiting. Here's an example that works perfectly at limiting a user to 500 Kb/s: interface FastEthernet0/0 no ip address random-detect interface FastEthernet0/0.22 encapsulation isl 22 ip address x.x.x.x y.y.y.y ip verify unicast reverse-path no ip redirects no ip proxy-arp rate-limit input 496000 93750 187500 conform-action transmit exceed-action drop rate-limit output 496000 93750 187500 conform-action transmit exceed-action drop -- Bruce Robertson, President/CEO +1-775-348-7299 Great Basin Internet Services, Inc. fax: +1-775-348-9412 http://www.greatbasin.net _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ----- End forwarded message ----- -- Regards, Volodymyr. =================================================================== uanog mailing list. To Unsubscribe: send mail to majordomo@uanog.kiev.ua with "unsubscribe uanog" in the body of the message