05-27-2007 12:46 PM - edited 03-03-2019 05:10 PM
Hello, Professionals
I need to shape every ip address from /24 network to 10Mbit/s ingress speed. How to do this without write 253 ACL (one for every ip). I am sure there must be a more efficient way to do that... Please help me. Thanks , and have a good day
05-27-2007 07:54 PM
Sorry, there is not.
05-27-2007 11:17 PM
It is hard to believe that ... Linux can do it with HASHLIMIT , i think IOS also can perform this kind of limiting becouse is more advanced networking OS
05-28-2007 09:32 AM
Nothing to wonder about. I can probably come up with 1,000 things that IOS does while linux doesn't, and vice-versa.
05-28-2007 10:19 AM
I think SCE can do it... The idea behind this is to limit traffic from some of my clients that can flood some of the servers with 100Mbps. I use rate limit per destination on access ports , but the problem is that if some ip floods all ips on same interface take packet loss. If there is some good solution that prevents this please make me aware. Thanks
05-28-2007 10:35 AM
Since you want to basically limit all output from certain sources up to a maximum, at that point that may be the same as to hardconfig ports at 10 mbps.
05-28-2007 12:45 PM
If there is no other services maybe is sweetable. But there is file transfer between hosts , some multicast streams ...
05-28-2007 01:56 PM
On the other hand even if you had an easy configuration method to make so that any source does not pass 10 mpbs in sending, that would affect also file transfers and multicast, so it really all depends on what you want to do.
05-29-2007 04:09 AM
I plan to enable this configuration close interfaces for servers that need to be protected, not on all network. However maybe some CBWFQ rules can make similar efect. Thanks for guidance. Have a nice day
05-29-2007 05:13 AM
I find another good solution to achieve this functionality:
PFC QoS applies the bandwidth limit specified in a microflow policer separately to each flow in matched
? You can configure a microflow policer to use only source addresses, which applies the microflow policer to all traffic from a source address regardless of the destination addresses.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: