Traffic Shaping

Solved
carl222
Here to help

Traffic Shaping

Hi,

 

We have a 100Mbps ISP circuit at a remote location. Users have been experiencing drops from time to time. Looking at the uplink statistics in the past week, I see intermittent 0.5-1% packet lost everyday during business hours.

 

Meraki and our monitoring platform are reporting an average of 30-40Mbps on the interface. I know it is an average and doesn't really represent reality. When I look at real time traffic on the dashboard, I see peaks to 100Mbps quite often.

 

ISP is reporting that the circuit is all good (dedicated Fiber) and they said that the drops were caused by us saturating the link. Makes sense if I see these peaks + packet lost.

 

Few questions :

 

1- Can I play with traffic shaping rules ? I tried Per-client limit to 10Mbps with SpeedBurst, didn't really change anything.

 

2- What are these Default Rules for ? Is the MX tagging packets according to these Default Rules ?

 

carl222_0-1625019420144.png

Thank you

1 Accepted Solution
Bruce
Kind of a big deal

@carl222 I believe the default traffic shaping rules mark traffic based on the detected application, but like you I’ve never found anything to define what they do beyond that. If you’re connected to an internet connection (which it sounds like you are) marking packets alone will make no difference. The default rules only apply to the defined applications too, so unless you’re seeing those applications on your network they’re no going to achieve anything.

 

The uplink bandwidths that you define on the SD-WAN page definitely tries to shape traffic to those speeds but from our experience (and conversations with service providers - some who have a hard limit with no bursting) they’re a bit coarse, and so sometimes you may well hit the provider enforced limit. Although 0.5% to 1% packet loss is what you’d call ‘normal’, if you want to try and reduce it maybe knock back the uplink bandwidth to 96Mbps so that there is a little headroom between your MX and the provider enforced limit.

 

If you define your own traffic shaping rules then you can set different priorities (high, normal, low) which defines which egress queue the traffic ends up in if there is congestion (as per the link @Inderdeep shared), but this won’t prevent you hitting the provider limit. If there are one or two applications which drive a lot of bandwidth in your environment then you can try and shape them down with custom rules. Have a play and see what works for your environment.

View solution in original post

6 Replies 6
Inderdeep
Kind of a big deal
Kind of a big deal

@carl222 : Check the traffic shaping rules below 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/SD-WAN_and_Traffic_Shaping

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
carl222
Here to help

I saw this article but it doesn't explain how the "Default Rules" work. If I select "Enable default traffic shaping rules", that means the MX will prioritize traffic internally going out on the Internet according to these default rules ?

 

Do the MX take into consideration the 100Mbps specified in the Uplink configuration ?

 

Thanks

Bruce
Kind of a big deal

@carl222 I believe the default traffic shaping rules mark traffic based on the detected application, but like you I’ve never found anything to define what they do beyond that. If you’re connected to an internet connection (which it sounds like you are) marking packets alone will make no difference. The default rules only apply to the defined applications too, so unless you’re seeing those applications on your network they’re no going to achieve anything.

 

The uplink bandwidths that you define on the SD-WAN page definitely tries to shape traffic to those speeds but from our experience (and conversations with service providers - some who have a hard limit with no bursting) they’re a bit coarse, and so sometimes you may well hit the provider enforced limit. Although 0.5% to 1% packet loss is what you’d call ‘normal’, if you want to try and reduce it maybe knock back the uplink bandwidth to 96Mbps so that there is a little headroom between your MX and the provider enforced limit.

 

If you define your own traffic shaping rules then you can set different priorities (high, normal, low) which defines which egress queue the traffic ends up in if there is congestion (as per the link @Inderdeep shared), but this won’t prevent you hitting the provider limit. If there are one or two applications which drive a lot of bandwidth in your environment then you can try and shape them down with custom rules. Have a play and see what works for your environment.

carl222
Here to help

@Bruce Thank you very much sir!

 

I will try to put it down to 95Mbps and setup Netflow to see which applications I can throttle down a bit.

 

What would be your recommendations for the Per-Client shaping? They are around 60 users on the MX68. Would you enable the burst option as well?

Thanks 

Bruce
Kind of a big deal

I wouldn’t worry about per client throttling unless you notice that you’ve got a couple of bandwidth hogs out there, but even then I’d try and resolve the issue by shaping the relevant applications first. You should be able to use the Meraki Dashboard to see what applications you’ve got consuming your bandwidth, but Netflow will do the trick if you have skills there.

carl222
Here to help

Sounds good !

 

Thank you very much you've been really helpful 🙂

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels