Traffice shaping on Cisco 2611 XM router.

Unanswered Question
Jul 10th, 2007

Hi there,

can you do traffic shaping based on ip addresses? In My DMZ i have several servers all having the same gateway to the internet. My gateway router is a 2611XM. I want limit one server for example 256 Kbs (up-down) to the internet and the other let say 512Kbs(up-down). Does anyone can give me a sample config of how this is done if possible?

My topoloy is as follow:


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
royalblues Tue, 07/10/2007 - 08:25


It can be done but it would be one way as the same needs to configured at the service provider end to work both ways.

ip access-list extended server

permit ip any

*** you can even use the port parameter with TCP to fine tune your settings***

class-map match-all server

match access-group name server

policy-map QoS-to-Internet

class server

shape average


max-reserved-bandwidth 100

service-policy output QoS-to-Internet



greg-bnets Tue, 07/10/2007 - 08:55


Once again thanks. Do you mean that in your config only the upload will be limited?

Is it better to put a bandwidth manager between the Cisco router and the firewall?


royalblues Tue, 07/10/2007 - 09:19

Yes you got that right...

I have never implemented a bandwidth manager in this scenario...may be someone else can throw more light on this



Tsasbrink Sun, 07/15/2007 - 21:15

Are you using nat ? This usualy tends to make this kind of configs more complicated.

You should use service policy's to configure this and yes it can be done even with nat overloading.

No nat :

Use a class map to indentify traffic belonging to e certain class.

Use a policy map to shape the traffic from a classes.

Apply service-policy to outgoing interface.

If you use nat or pat. I usually classify traffic on the inside interface with dscp tag's.So they can be classified on the ouside interface with their dscp label instead of address.




This Discussion