Bandwidth Limiting

Answered Question
Jul 6th, 2008

We have a 10Mbps connection to the Internet (see attached diagram). There are two "groups" basically competing for this 10Mbps - the corporate Internet users and our Internet connected servers. What I want to do is to guarantee bandwidth for the servers - for example 4Mbps (out of the 10Mbps) dedicated to the servers and the rest for the users.

What I'm thinking of is doing some kind of rate-limiting on the Cisco 3750 switch. There seems to be no "rate-limit" command on that switch. I think this can also be done on the Linux box but might be easier on the Cisco switch. Any suggestions?

Thanks,

Tony

Attachment: 
I have this problem too.
1 vote
Correct Answer by Edison Ortiz about 8 years 6 months ago

Police is only supported as "input" not "output".

Place the service-policy in the incoming interface from the Linux box and the ACL should consists of the 'interesting' traffic from the Linux box towards the rest of the world.

HTH,

__

Edison.

Correct Answer by rajib_das about 8 years 6 months ago

hi,

You can do it by srr-queue command for outbound b/w limit.

Since the limitation of srr-queue is that it only limit b/w 90%(max) of port speed.

if u rusing 100 Mbps port then you should made the port speed 10 Mbps (by command speed 10)

then u apply command srr-queue bandwith limit 40 which gives exatly 4 mbps link

thanks

rajib

Correct Answer by Pravin Phadte about 8 years 6 months ago

Hi,

1. Are both the networks on diffrent Vlans.

2. Have you configued the router as router-on-stick ?

3. If possible plz paste the config for the router and switch.

If this is config as a router-on-stick. that is for linux you have diffrent vlan which is connected to the swith on a vlan which has a subiterfice on the router.

In this case you can do use rate-limit command on the router itself.

The way i feel it can be done is srr-queue

Switch(config)# interface FastEthernet 0/8

Switch(config-if)# srr-queue bandwidth limit 90

The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.

So you have to put the digit as 96 percent

Hope this helps.

regards,

Pravin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (4 ratings)
Loading.
rajib_das Mon, 07/07/2008 - 02:07

Hi,

you can do "rate limit" in cisco 3570 with police command .

For that you have to create class map and policy map and apply it in port with service-policy input/output

thanks

tonyraboza Mon, 07/07/2008 - 05:20

Hi Edison, Rajib,

Thanks for the kind reply. I want to limit the downloads on the Linux Internet Gateway box (see diagram on my first post) to 4Mbps - which means I must limit on the outbound direction from the 3750 switch.

Here are the relevant configurations I made:

==

ip access-list extended ACL_SLAP

permit ip any any

class-map match-all CLASS_SLAP

match access-group name ACL_SLAP

!

!

policy-map POLICY_SLAP

class CLASS_SLAP

police 4000000 100000 exceed-action drop

interface GigabitEthernet1/0/16

description "Internet Gateway"

switchport access vlan 61

service-policy input POLICY_SLAP

spanning-tree portfast

==

When I try to assign POLICY_SLAP to service-policy output - I get the following error:

(config-if)#service-policy output POLICY_SLAP

Warning: Assigning a policy map to the output side of an interface not supported

I need to "rate-limit" on the output of the interface to be able to limit the downloads from the Linux Internet gateway - any tips?

Thanks,

Tony

Correct Answer
Pravin Phadte Mon, 07/07/2008 - 05:32

Hi,

1. Are both the networks on diffrent Vlans.

2. Have you configued the router as router-on-stick ?

3. If possible plz paste the config for the router and switch.

If this is config as a router-on-stick. that is for linux you have diffrent vlan which is connected to the swith on a vlan which has a subiterfice on the router.

In this case you can do use rate-limit command on the router itself.

The way i feel it can be done is srr-queue

Switch(config)# interface FastEthernet 0/8

Switch(config-if)# srr-queue bandwidth limit 90

The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.

So you have to put the digit as 96 percent

Hope this helps.

regards,

Pravin

Correct Answer
rajib_das Mon, 07/07/2008 - 06:39

hi,

You can do it by srr-queue command for outbound b/w limit.

Since the limitation of srr-queue is that it only limit b/w 90%(max) of port speed.

if u rusing 100 Mbps port then you should made the port speed 10 Mbps (by command speed 10)

then u apply command srr-queue bandwith limit 40 which gives exatly 4 mbps link

thanks

rajib

Correct Answer
Edison Ortiz Mon, 07/07/2008 - 06:46

Police is only supported as "input" not "output".

Place the service-policy in the incoming interface from the Linux box and the ACL should consists of the 'interesting' traffic from the Linux box towards the rest of the world.

HTH,

__

Edison.

Actions

This Discussion