cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
855
Views
0
Helpful
9
Replies

per source ip flow shaping

slavov.emil
Level 1
Level 1

Hello, Professionals

I need to shape every ip address from /24 network to 10Mbit/s ingress speed. How to do this without write 253 ACL (one for every ip). I am sure there must be a more efficient way to do that... Please help me. Thanks , and have a good day

9 Replies 9

paolo bevilacqua
Hall of Fame
Hall of Fame

Sorry, there is not.

It is hard to believe that ... Linux can do it with HASHLIMIT , i think IOS also can perform this kind of limiting becouse is more advanced networking OS

Nothing to wonder about. I can probably come up with 1,000 things that IOS does while linux doesn't, and vice-versa.

I think SCE can do it... The idea behind this is to limit traffic from some of my clients that can flood some of the servers with 100Mbps. I use rate limit per destination on access ports , but the problem is that if some ip floods all ips on same interface take packet loss. If there is some good solution that prevents this please make me aware. Thanks

Since you want to basically limit all output from certain sources up to a maximum, at that point that may be the same as to hardconfig ports at 10 mbps.

If there is no other services maybe is sweetable. But there is file transfer between hosts , some multicast streams ...

On the other hand even if you had an easy configuration method to make so that any source does not pass 10 mpbs in sending, that would affect also file transfers and multicast, so it really all depends on what you want to do.

I plan to enable this configuration close interfaces for servers that need to be protected, not on all network. However maybe some CBWFQ rules can make similar efect. Thanks for guidance. Have a nice day

I find another good solution to achieve this functionality:

PFC QoS applies the bandwidth limit specified in a microflow policer separately to each flow in matched

? You can configure a microflow policer to use only source addresses, which applies the microflow policer to all traffic from a source address regardless of the destination addresses.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: