Policing FTP traffic

Unanswered Question
Feb 27th, 2007

I need to police FTP traffic on the WAN to not take more than 1 MB and the remianing bandwidth to be available for all other applications.

Since we run IPSEC encryption on the WAN, i dont think i will be able to mark the traffic.

Will it possible to emulate the same traffic policing if applied on the LAN side as a input service policy as below

class-map match-all FTPtraffic

match access-group 111

policy-map client1

Class FTPtraffic

police 1024000 conform-action transmit exceed-action drop

class class-default

fair queue

int g 0/1

service-policy input client1

Diagram attached


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
royalblues Tue, 02/27/2007 - 23:52

Thanks rajiv for the info.

The network diagram i attached was a very high level one. Infact i am not running any GRE tunnel, having mutiple peers with Dead Peer Detection and a mixture of routing protocols and Static routes.

hence i dont think the above configurations will suit my needs.



This Discussion