QoS of Natted Hosts

Unanswered Question

I can not configure my 3600 to QoS my natted hosts in both directions. It can only limit the download bandwidth but not upload bandwidth.

Details for my config:

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption


hostname pmsi_qos





enable secret xxx


username admin password xxx

no aaa new-model

ip subnet-zero



ip dhcp excluded-address


ip dhcp pool 0


dns-server 203.189.XX.PO


lease infinite



no ip domain lookup

ip name-server 203.189.XX.XX

ip cef

no scripting tcl init

no scripting tcl encdir




class-map match-any NATTED-HOSTS-IN

match access-group name NATTED-HOSTS-IN

class-map match-any NATTED-HOSTS

match access-group name NATTED-HOSTS



policy-map To-Alpha


shape average 64000

class class-default

shape average 8000

policy-map To-PMSILan


shape average 64000

class class-default

shape average 8000




interface FastEthernet0

description ***PMSI-LAN side***

ip address secondary

ip address 203.189.XX.YY

ip nat inside

service-policy output To-PMSILan

speed auto


interface FastEthernet1



interface Serial0

description *** To Alpha Serial 2/1 ***

bandwidth 2000000

ip address 203.189.XX.YZ

ip nat outside

service-policy output To-Alpha

load-interval 30

clockrate 2000000


ip nat inside source list 7 interface Serial0 overload

ip classless

ip route 203.189.XX.XZ

no ip http server



ip access-list extended NATTED-HOSTS

permit ip host any

ip access-list extended NATTED-HOSTS-IN

permit ip any

access-list 7 permit

access-list 99 permit 203.189.XX.WZ

access-list 99 permit 203.189.XX.AZ

access-list 99 deny any

snmp-server community joshua RO 99

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps tty

snmp-server host 203.189.XX.WZ jose

snmp-server host 203.189.XX.AZ jose





line con 0

line aux 0

line vty 0 4

password 7 01190501

login local




I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
guruprasadr Mon, 11/12/2007 - 21:38

HI, [Pls Rate if HELPS]

If my understanding is not wrong,

To apply the QOS on the Interface connected to the Service Provider for limiting the Upload Bandwidth, you need to request the Service Provider to apply the QOS in their interface.

Neverthless, you can limit the Download Bandwidth at Customer Premessis Equipment itself.

Pls Rate if HELPS

Best Regards,

Guru Prasad R

Let me reiterate the problem... My problem is not about the service provider, it is about making the natted hosts bandwidth to be shaped (limited) download and upload. I can limit the download bandwidth to the interface because it can still recognize the private IP address, for the upload you can only limit the bandwidth of the whole subnet because it is NATted (overload) meaning the public ip add can only be limited.

How can I limit the upload bandwidth of my NATted hosts?? Have you guys already tried this one?


This Discussion