Note: The following post is an excerpt from the full QoS section of IEWB-RS VOL1 version 5.
Peak shaping may look confusing at first sight; however, its function becomes clear once you think of oversubscription. As we discussed before, oversubscription means selling customers more bandwidth than a network can supply, hoping that not all connections would use their maximum sending rate at the same time. With oversubscription, traffic contract usually specifies three parameters: PIR, CIR and Tc – peak rate, committed rate and averaging time interval for rate measurements. The SP allows customers to send traffic at rates up to PIR, but only guarantees CIR rate in case of network congestion. Inside the network SP uses any of the max-min scheduling procedures to implement bandwidth sharing in such manner that oversubscribed traffic has lower preference than conforming traffic. Additionally, the SP generally assumes that customers respond to notifications of traffic congestion in the network (either explicit, such as FECN/BECN/TCP ECN or implicit such as packet drops in TCP) by slowing down sending rate.
Commonly, customers implement traffic shaping to conform to traffic contract, and provider uses traffic policing to enforce the contract. If a contract specifies PIR, then it makes sense for customer to shape traffic at PIR rate. However, this makes difficult to deduce CIR value just by looking at the router configuration. In some circumstances, like with Frame-Relay networks, a secondary parameter, known as minCIR, may help to understand the configuration quickly. In general, it would benefit to see CIR and PIR in the shaping configuration at the same time. This is exactly the idea behind shape peak. When you configure
shape peak <CIR> <Bc> <Be>
the actual maximum sending rate is limited to:
PIR = CIR*(1+Be/Bc).
That is, each time interval Tc=Bc/CIR the shaper allows sending up to Bc+Be bits of data. By default, if you omit the value for Be, it equals to Bc and thus PIR=2*CIR by default. However, due to some IOS show output discrepancy, this is NOT reflected in “show” command output, unless you explicitly specify the Be value in command line. With shape peak configured this way, you can see both CIR as the “average rate” and PIR as the “target rate” when issuing “show policy-map” command.
Rack1R6#show policy-map interface fastEthernet 0/0.146
FastEthernet0/0.146
Service-policy output: POLICY_VLAN146_OUT
Class-map: HTTP (match-all)
6846 packets, 4065413 bytes
5 minute offered rate 63000 bps, drop rate 0 bps
Match: access-group 180
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
128000/64000 1600 6400 6400 100 1600
...
All other shaping functions remain the same as with the classic GTS – shape peak is just more suited for use with oversubscription scenarios. Also, in Frame-Relay networks you may want to use configuration similar to the following to respond to congestion notifications:
shape peak <CIR> <Bc> <Be> shape adaptive <CIR>
To illustrate the use of shape peak, let’s look at the following scenario. Here, R4 serves two customers (R1 and R6) sending their traffic across one serial link of 128Kbps between R4 and R5. The fictive ISP sells 128Kbps (PIR) to each of the customers, guaranteeing only 64Kbps (CIR). Let’s assume the measurement interval of 100ms for this configuration. The serial link, which is the oversubscribed resource, uses WFQ for fair bandwidth sharing between two flows.
R1:
access-list 180 permit tcp any eq 80 any
!
class-map HTTP
match access-group 180
!
policy-map POLICY_VLAN146_OUT
class HTTP
shape peak 64000 6400 6400
!
interface FastEthernet 0/0
service-policy output POLICY_VLAN146_OUT
R6:
access-list 180 permit tcp any eq 80 any
!
class-map HTTP
match access-group 180
!
policy-map POLICY_VLAN146_OUT
class HTTP
shape peak 64000 6400 6400
!
interface FastEthernet 0/0.146
service-policy output POLICY_VLAN146_OUT
R4:
!
! All HTTP traffic
!
ip access-list extended HTTP
permit tcp any eq 80 any
!
class-map HTTP
match access-group name HTTP
!
! Traffic from R1 and R6 respectively
!
ip access-list extended FROM_R1
permit ip host 155.1.146.1 any
!
ip access-list extended FROM_R6
permit ip host 155.1.146.6 any
!
!
!
class-map FROM_R1
match access-group name FROM_R1
!
class-map FROM_R6
match access-group name FROM_R6
!
! Subrate policers
!
policy-map SUBRATE_POLICER
class FROM_R1
police cir 64000 bc 3200 pir 128000 be 6400
conform-action set-prec-transmit 1
exceed-action set-prec-transmit 0
violate-action drop
class FROM_R6
police cir 64000 bc 3200 pir 128000 be 6400
conform-action set-prec-transmit 1
exceed-action set-prec-transmit 0
violate-action drop
!
! Policer configuration using MQC syntax.
!
policy-map POLICE_VLAN146
class HTTP
service-policy SUBRATE_POLICER
!
interface FastEthernet 0/1
service-policy input POLICE_VLAN146
The idea is to allow R1 and R6 send up to 128Kbps if there is enough bandwidth on the serial link. However, if both of the sources start streaming at the same time, the SP may only guarantee up to 64Kbps to each of sending routers. The implementation meters each flow against 64Kbps and 128Kbps meters, and marks all conforming traffic with IP precedence of 1. All exceeding traffic is marked with IP precedence of 0. Since the serial link uses WFQ, we conclude that traffic marked with IP precedence of zero has lower scheduling weight. Thus, if IP precedence 1 traffic exist on the link, it is given preference over low-priority traffic (precedence 0).
To verify our configuration in action, start downloading a large file from R1 across R4 and see the statistics on R1 and R4:
Rack1R4#show policy-map interface fastEthernet 0/1
FastEthernet0/1
Service-policy input: POLICE_VLAN146
Class-map: HTTP (match-all)
20451 packets, 12066090 bytes
30 second offered rate 126000 bps, drop rate 0 bps
Match: access-group name HTTP
Service-policy : SUBRATE_POLICER
Class-map: FROM_R1 (match-all)
20451 packets, 12066090 bytes
30 second offered rate 126000 bps, drop rate 0 bps
Match: access-group name FROM_R1
police:
cir 64000 bps, bc 3200 bytes
pir 128000 bps, be 6400 bytes
conformed 11113 packets, 6556670 bytes; actions:
set-prec-transmit 1
exceeded 9338 packets, 5509420 bytes; actions:
set-prec-transmit 0
violated 0 packets, 0 bytes; actions:
drop
conformed 64000 bps, exceed 62000 bps, violate 0 bps
Class-map: FROM_R6 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: access-group name FROM_R6
police:
cir 64000 bps, bc 3200 bytes
pir 128000 bps, be 6400 bytes
conformed 0 packets, 0 bytes; actions:
set-prec-transmit 1
exceeded 0 packets, 0 bytes; actions:
set-prec-transmit 0
violated 0 packets, 0 bytes; actions:
drop
conformed 0 bps, exceed 0 bps, violate 0 bps
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
!
! The above statistics demonstrate that R1 uses almost all available bandwidth
! From the output below we can see that R1 is set to CIR 64Kbps and PIR 128Kbs.
! We may also notice that shaper was active for some time, delaying hundreds of
! exceeding packets. This usually happens in the beginning of TCP session when
! sendger aggressively increases sending rate.
!
Rack1R1#show policy-map interface fastEthernet 0/0
FastEthernet0/0
Service-policy output: POLICY_VLAN146_OUT
Class-map: HTTP (match-all)
3225 packets, 1897929 bytes
30 second offered rate 124000 bps, drop rate 0 bps
Match: access-group 180
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
128000/64000 1600 6400 6400 100 1600
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
- 0 3225 1897929 348 205320 no
Class-map: class-default (match-any)
29 packets, 4378 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
Now start another file transfer, this time from R6 down to a host behind, R5 across the serial link. This will make both flows compete for the link bandwidth, and result in fair sharing of the link bandwidth. Now verify the policer statistics once again:
Rack1R4#show policy-map interface fastEthernet 0/1
FastEthernet0/1
Service-policy input: POLICE_VLAN146
Class-map: HTTP (match-all)
35113 packets, 20715559 bytes
30 second offered rate 126000 bps, drop rate 0 bps
Match: access-group name HTTP
Service-policy : SUBRATE_POLICER
Class-map: FROM_R1 (match-all)
29986 packets, 17691740 bytes
30 second offered rate 63000 bps, drop rate 0 bps
Match: access-group name FROM_R1
police:
cir 64000 bps, bc 3200 bytes
pir 128000 bps, be 6400 bytes
conformed 18466 packets, 10894940 bytes; actions:
set-prec-transmit 1
exceeded 11520 packets, 6796800 bytes; actions:
set-prec-transmit 0
violated 0 packets, 0 bytes; actions:
drop
conformed 63000 bps, exceed 0 bps, violate 0 bps
Class-map: FROM_R6 (match-all)
5127 packets, 3023819 bytes
30 second offered rate 63000 bps, drop rate 0 bps
Match: access-group name FROM_R6
police:
cir 64000 bps, bc 3200 bytes
pir 128000 bps, be 6400 bytes
conformed 5124 packets, 3022049 bytes; actions:
set-prec-transmit 1
exceeded 3 packets, 1770 bytes; actions:
set-prec-transmit 0
violated 0 packets, 0 bytes; actions:
drop
conformed 63000 bps, exceed 0 bps, violate 0 bps
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
!
! Verify statistics for both traffic shapers on R1 and R6. Both are set for PIR=128Kbps.
! However, metered rate is close to CIR, and the shaping is inactive. The sending rate
! went down thanks to TCP implicit congestion management procedure, that makes protocol
! sending rate adaptive to congestion in networks.
!
Rack1R6#show policy-map interface fastEthernet 0/0.146
FastEthernet0/0.146
Service-policy output: POLICY_VLAN146_OUT
Class-map: HTTP (match-all)
6846 packets, 4065413 bytes
5 minute offered rate 63000 bps, drop rate 0 bps
Match: access-group 180
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
128000/64000 1600 6400 6400 100 1600
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
- 0 6846 4065413 3 1782 no
Class-map: class-default (match-any)
191 packets, 43930 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Rack1R1#show policy-map interface fastEthernet 0/0
FastEthernet0/0
Service-policy output: POLICY_VLAN146_OUT
Class-map: HTTP (match-all)
33062 packets, 19505469 bytes
30 second offered rate 63000 bps, drop rate 0 bps
Match: access-group 180
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
128000/64000 1600 6400 6400 100 1600
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
- 0 33062 19505469 2632 1552858 no
Class-map: class-default (match-any)
7641 packets, 7385752 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
Now let’s confirm that WFQ is actually working on the serial interface between R4 and R5 and provides truly fair division of the bandwidth:
Rack1R4#show queueing interface serial 0/1
Interface Serial0/1 queueing strategy: fair
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 12/1000/64/0 (size/max total/threshold/drops)
Conversations 2/3/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
(depth/weight/total drops/no-buffer drops/interleaves) 6/16192/0/0/0
Conversation 134, linktype: ip, length: 580
source: 155.1.146.1, destination: 155.1.58.8, id: 0xEB41, ttl: 254,
TOS: 32 prot: 6, source port 80, destination port 11001
(depth/weight/total drops/no-buffer drops/interleaves) 6/16192/0/0/0
Conversation 192, linktype: ip, length: 580
source: 155.1.146.6, destination: 155.1.108.10, id: 0x70CA, ttl: 254,
TOS: 32 prot: 6, source port 80, destination port 11002
To summarize, shape peak is a special form of shaping specifically adapted to configure oversubscription scenarios. All other properties of GTS remains the same.
About Petr Lapukhov, 4xCCIE/CCDE:
Petr Lapukhov's career in IT begain in 1988 with a focus on computer programming, and progressed into networking with his first exposure to Novell NetWare in 1991. Initially involved with Kazan State University's campus network support and UNIX system administration, he went through the path of becoming a networking consultant, taking part in many network deployment projects. Petr currently has over 12 years of experience working in the Cisco networking field, and is the only person in the world to have obtained four CCIEs in under two years, passing each on his first attempt. Petr is an exceptional case in that he has been working with all of the technologies covered in his four CCIE tracks (R&S, Security, SP, and Voice) on a daily basis for many years. When not actively teaching classes, developing self-paced products, studying for the CCDE Practical & the CCIE Storage Lab Exam, and completing his PhD in Applied Mathematics.
Find all posts by Petr Lapukhov, 4xCCIE/CCDE | Visit Website
You can leave a response, or trackback from your own site.
25 Responses to “Understanding the “shape peak” command”
Leave a Reply
Again an amazing article on QoS (have you ever considered professional help?
I’m really looking forward to your QoS section in de Volume 1 V5!
Clear Explanation! Thanks karthik
best explaination of shape-peak on the internet(doc cd is useless in some cases)
Good explanation… anyway, I cannot get the following point… So, what is the difference between configuring shape peak with a certain PIR and shape average with = PIR. Don’t both send traffic at PIR rate? Or, are there differences in the ways in which the router works if the target and avereage rate are the same (in the case I use shape average) or not (in the case I use shape peak)?
yeap.. i dun see the difference also. let say SP sell me a CIR of 64kbps and PIR of 128kbps.. what is the real difference as a customer point of view if i configured the following:
1. shape average 128000
2. shape peak 64000
The only differnt i can tell is that.. in a shape average 128000 case, my boss will be mislead to think that the CIR is 128000, but in the actual fact the PIR is 128000. So the command shape peak is only here to clarify the consusion to the customer when they see the configuration?
Very good explanation.
I have a quick question,
PIR=CIR(1+Be/Bc),
If Be=Bc it means Be=0 isn’t it
so PIR=CIR(1+0/Bc), then PIR=CIR instead of PIR=2*CIR
Correct me If Iam wrong.
Correct, Be=Bc by default, this is why PIR=2*CIR. If you set Be=0 then PIR=CIR.
Sorry, in my original posting I meant when you want to omit Be, Be=0 instead of Be=Bc then PIR=CIR but PIR=2*CIR when excess burst is same as
commited burst
so what is the difference bet using shape peak and use cir and mincir ?
or do i have to use both with map class and service policy inside
Great explanation! Thank you!
mohamed el henawy,
mincir is only used for Frame Relay. This example uses Ethernet so the mincir command would not apply. The “shape peak” command is used to make it clear what the CIR is and what the burst rate is. “Shape peak” and “shape average” (when be=bc, which is the default if be is not defined) accomplish the same thing technically. “Shape peak” makes it clear, at a glance, what the CIR is.
HTH,
David
Peter, i’ve read the doc cd and the cisco press books for QoS, what’s your source to have this level of knowledge?
Thanks
Hello Santiago!
I will speak for Petr on this one and I am sure he will clarify if needed…Petr mastered QoS reading the DOC-CD, and then testing what he read there on Cisco equipment.
1) police cir 64000 bc 3200 pir 128000 be 6400
2) PIR = CIR*(1+Be/Bc)
Result:
6400 = 2*3200 => Be = 2*Bc ????
PIR = CIR * (1+2) = CIR *3
Sorry! I’m wrong! It’s NOT shaping – It’s policing
In policing (police cir 64000 bc 3200 pir 128000 be 6400) use “Two-rate, three-color policing”. Sorry!
Petr i really don`t see the difference between
1. shape average 128000
2. shape peak 64000
do you?
Can you comment this?
Like i mentioned in the post, there is no real different in the maximum sending rate achieve with either of the commands. The only real benefit of “shape peak” command is to allow you better see you CIR/PIR value relation and effectively visualize traffic contract in the “show” commands output.
Thank you for your answer.
And last question about QoS
Do you have some links concerning
the way all QoS mechanism works together?
The order and inercation between different mechanism?
I mean if we turn on:
1. Classification
2. Marking
3. LLQ(queuing)
4. Policing
5. Shaping
6. WRED
7. LFI
What would be the order of these mechansim?
I know relationships between some pairs, e.g.
shaping works before queuing.
Also there is a cisco article concerning this:
QoS Order of Operations
Inbound
1. QoS Policy Propagation through Border Gateway Protocol (BGP) (QPPB)
2. Input common classification
3. Input ACLs
4. Input marking (class-based marking or Committed Access Rate (CAR))
5. Input policing (through a class-based policer or CAR)
6. IP Security (IPSec)
7. Cisco Express Forwarding (CEF) or Fast Switching
Outbound
1. CEF or Fast Switching
2. Output common classification
3. Output ACLs
4. Output marking
5. Output policing (through a class-based policer or CAR)
6. Queueing (Class-Based Weighted Fair Queueing (CBWFQ) and Low Latency Queueing (LLQ)), and Weighted Random Early Detection (WRED)
http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a0080160fc1.shtml
But maybe there is some other links,picture that will clarify my question?
BTW i`ve already find your article`s during searching some answers i can`t find at books.
And they are really good couse they connect the “clear theory” with the real world life.
wow!
I’ve been reading my book for 15 minutes to understand this and you managed to explain the same this in about 2 sentences !!
thanks a lot and continue the righteous posting !
Just a quick one
1.when is it recommended to use shape peak?
2.when configuring CB-shaping and using shape adaptive command, how should the min rate be configured.should the min-rate be equal to or greater than minimum bandwidth guaranteed for the traffic class?
please advice
I was doing some testing with this command and it works just fine until I hit a certain value and above. Then the numbers for the target rate get all screwed up. Does anyone else have this issue. I am using Dynamip with this platform/IOS. See example below.
R6(config-pmap-c)#do sh ver
Cisco IOS Software, 3600 Software (C3640-JK9O3S-M), Version 12.4(16a), RELEASE SOFTWARE (fc2)
R6(config-pmap-c)#shape peak 5000000 250000 500000
R6(config-pmap-c)#do show policy-map int s2/0
Serial2/0
Service-policy output: frts_policy_shape_peak
Class-map: class-default (match-any)
78 packets, 2182 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
15000000/5000000 93750 250000 500000 50 93750
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
– 0 14 1029 0 0 no
R6(config-pmap-c)#shape peak 6000000 300000 600000
R6(config-pmap-c)#do show policy-map int s2/0
Serial2/0
Service-policy output: frts_policy_shape_peak
Class-map: class-default (match-any)
80 packets, 2210 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
18000000/6000000 112500 300000 600000 50 112500
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
– 0 14 1029 0 0 no
R6(config-pmap-c)#shape peak 7000000 350000 700000
R6(config-pmap-c)#do show policy-map int s2/0
Serial2/0
Service-policy output: frts_policy_shape_peak
Class-map: class-default (match-any)
81 packets, 2224 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
8728000/7000000 131250 350000 700000 50 131250
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
– 0 14 1029 0 0 no
R6(config-pmap-c)#
Great explanation!
To further understand this topic, do you know where could I find information regarding the token bucket algorithm used in shape peak?
Very Good Explanation.
We wanted apply this functionality on GSR 12K IOS, but apparently the “violate-action” for L3VPN is not supported on this platform.
Some recommendation to deploy oversubscription on GSR 12K IOS.
hi
when we are asked to assume RTP packets use range 16384 32767
i can see at the workbook that the class-map uses ip rtp 16384 16383 ??? why is that??
if i create a ACL that uses the exact port range isn’t that what we are asked? or i am wrong??
please explain
thanks
@Eyal,
Because in that command, you are not asked for low port and high port, but rather low port and then the ‘range’ of ports. So “ip rtp 16384 16383′ means start at port 16384 and go for 16383 more ports. So you add those two together and you get 32767.
When in doubt, always type a ? to see what next argument is expected.
Hope that helps.