QoS - both inbound and outbound?

[oddyager]

Say you have an environment with Routers A, and B each at different bureaus all joined on a MPLS cloud. Say for example I want to limit the amount of the pipe FTP consumes when going from Site A to Site B. Is it generally best practice to apply outbound QoS on Router A and inbound QoS on Router B? Or just inbound QoS on Router B and outbound no restrictions?

 

[jlazzaro]

valid question, and i would say its more-so preference than best practice. personally, i would police outbound on Router A. why? by the time the FTP packets get to Router B, they would have already traversed the MPLS circuits and used bandwidth regardless of your inbound policer. now since were talking about TCP traffic, as the policer drops packets the window size drops and the transmission rate is decreased.

if this was UDP traffic, policing inbound on router B would essentially do nothing except waste bandwidth. expand this scenario to hundreds of routers, and outbound policing to tackle FTP traffic at a single site probobly wont be my first choice ;P

curious what other peoples thoughts are...

 

[spidey07]

Best practice is to mark as close to the edge as possible, police at the aggregation/provider edge. In your scenario that would mean policing outbound. But if you're trying to do strict policer in "shall now exceed this amount" then both places is what you need to do.

Normally you don't set up strict policing like that because that's where DiffServ would come in and your FTP would be marked and queued/policed as best effort.