Bandwidth Limiting

Answered Question
Jul 6th, 2008
User Badges:

We have a 10Mbps connection to the Internet (see attached diagram). There are two "groups" basically competing for this 10Mbps - the corporate Internet users and our Internet connected servers. What I want to do is to guarantee bandwidth for the servers - for example 4Mbps (out of the 10Mbps) dedicated to the servers and the rest for the users.


What I'm thinking of is doing some kind of rate-limiting on the Cisco 3750 switch. There seems to be no "rate-limit" command on that switch. I think this can also be done on the Linux box but might be easier on the Cisco switch. Any suggestions?


Thanks,

Tony







Attachment: 
Correct Answer by Edison Ortiz about 8 years 10 months ago

Police is only supported as "input" not "output".


Place the service-policy in the incoming interface from the Linux box and the ACL should consists of the 'interesting' traffic from the Linux box towards the rest of the world.


HTH,


__


Edison.

Correct Answer by rajib_das about 8 years 10 months ago

hi,


You can do it by srr-queue command for outbound b/w limit.


Since the limitation of srr-queue is that it only limit b/w 90%(max) of port speed.

if u rusing 100 Mbps port then you should made the port speed 10 Mbps (by command speed 10)

then u apply command srr-queue bandwith limit 40 which gives exatly 4 mbps link


thanks

rajib

Correct Answer by Pravin Phadte about 8 years 10 months ago

Hi,


1. Are both the networks on diffrent Vlans.

2. Have you configued the router as router-on-stick ?

3. If possible plz paste the config for the router and switch.


If this is config as a router-on-stick. that is for linux you have diffrent vlan which is connected to the swith on a vlan which has a subiterfice on the router.

In this case you can do use rate-limit command on the router itself.


The way i feel it can be done is srr-queue

Switch(config)# interface FastEthernet 0/8

Switch(config-if)# srr-queue bandwidth limit 90

The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.


So you have to put the digit as 96 percent


Hope this helps.


regards,


Pravin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (4 ratings)
Loading.
rajib_das Mon, 07/07/2008 - 02:07
User Badges:

Hi,

you can do "rate limit" in cisco 3570 with police command .

For that you have to create class map and policy map and apply it in port with service-policy input/output


thanks



tonyraboza Mon, 07/07/2008 - 05:20
User Badges:


Hi Edison, Rajib,


Thanks for the kind reply. I want to limit the downloads on the Linux Internet Gateway box (see diagram on my first post) to 4Mbps - which means I must limit on the outbound direction from the 3750 switch.


Here are the relevant configurations I made:


==

ip access-list extended ACL_SLAP

permit ip any any


class-map match-all CLASS_SLAP

match access-group name ACL_SLAP

!

!

policy-map POLICY_SLAP

class CLASS_SLAP

police 4000000 100000 exceed-action drop


interface GigabitEthernet1/0/16

description "Internet Gateway"

switchport access vlan 61

service-policy input POLICY_SLAP

spanning-tree portfast


==


When I try to assign POLICY_SLAP to service-policy output - I get the following error:


(config-if)#service-policy output POLICY_SLAP

Warning: Assigning a policy map to the output side of an interface not supported



I need to "rate-limit" on the output of the interface to be able to limit the downloads from the Linux Internet gateway - any tips?



Thanks,

Tony



Correct Answer
Pravin Phadte Mon, 07/07/2008 - 05:32
User Badges:
  • Silver, 250 points or more

Hi,


1. Are both the networks on diffrent Vlans.

2. Have you configued the router as router-on-stick ?

3. If possible plz paste the config for the router and switch.


If this is config as a router-on-stick. that is for linux you have diffrent vlan which is connected to the swith on a vlan which has a subiterfice on the router.

In this case you can do use rate-limit command on the router itself.


The way i feel it can be done is srr-queue

Switch(config)# interface FastEthernet 0/8

Switch(config-if)# srr-queue bandwidth limit 90

The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.


So you have to put the digit as 96 percent


Hope this helps.


regards,


Pravin

Correct Answer
rajib_das Mon, 07/07/2008 - 06:39
User Badges:

hi,


You can do it by srr-queue command for outbound b/w limit.


Since the limitation of srr-queue is that it only limit b/w 90%(max) of port speed.

if u rusing 100 Mbps port then you should made the port speed 10 Mbps (by command speed 10)

then u apply command srr-queue bandwith limit 40 which gives exatly 4 mbps link


thanks

rajib

Correct Answer
Edison Ortiz Mon, 07/07/2008 - 06:46
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Police is only supported as "input" not "output".


Place the service-policy in the incoming interface from the Linux box and the ACL should consists of the 'interesting' traffic from the Linux box towards the rest of the world.


HTH,


__


Edison.

Actions

This Discussion