Bandwidth configuration in Internet Router

Unanswered Question
Oct 22nd, 2008


I have configured QoS for outgoing Internet traffic.Eg: Reserved 1 Mb of outgoing traffic from a specific LAN range out of 10 Mbps internet pipe.

My outgoing traffic is limited as per QoS but I am unable to limit the incoming traffic since I will not be able to know the return traffic sources.Due to this I am not able to configure / allocate dedicated internet bandwidth for projects with different IP range.Please suggest.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ARUNPRABHU A Thu, 10/23/2008 - 02:56


You first Audit your network by examining the amount of traffic incoming for each network Segment.

After getting clear the Traffic flows you can configure the Service policy inbound in the outside interface as you did for Outbound in the outside interface.

tcordier Thu, 10/23/2008 - 03:04

Your main problem is that even if you could limit or police incoming traffic, you could only do so in your router. However, your router sees the traffic only once it has already passed your Internet access line (which is your bottleneck). You can do two things:

- contact your ISP and ask your ISP if they provide QoS (some ISP do) and can apply QoS to your access line,

- work under the assumption that each amount of incoming traffic is generated by a certain amount of outgoing traffic (e.g. when your end-user sends a http request, the webcontent is a reply to their requests), and limit outgoing traffic accordingly. For instance, limit ftp requests, or other downloads.

HTH, Thomas

ARUNPRABHU A Thu, 10/23/2008 - 03:26

Hi Thomas,

Your Option is well and good when service provider accepts the same. But if they are doing NATing then it can't be done and as explained it can be filtered based on outgoing traffic.

Warm Rgds,


Joseph W. Doherty Thu, 10/23/2008 - 05:02

Don't know the return traffic sources? But you do know your return destination addresses, don't you? Should be visible, I think, on your internal LAN connected interface assuming you're doing NAT on the router. Otherwise, further inside after NAT.

As Thomas notes, trying to manage inbound bandwidth after the downstream bottleneck, isn't as effective as we often desire. You can severely police inbound traffic which will help keep the inbound traffic from ramping up, assuming it's TCP. And/or, you can shape outbound ACKs, again assuming TCP. (Shaping outbound ACKs as needed is very difficult. Not the actual shaping, but getting effective results.)


This Discussion