ASA 5510 QoS

Unanswered Question
Jul 30th, 2009
User Badges:

I have an ASA 5510 with the newest OS. The ASA is connected to a broadband internet connection.

Is there a way to limit per user traffic to a proportional subset of the total available bandwidth. As an example suppose a single user is accessing the internet, as the sole user they should be allowed to utilize the entire pipe. Suppose four other users begin accessing the internet resulting in a total of five internet users. At this point each user should be allowed to use a proportional amount of the internet connection, specifically one-fifth.

If that is possible I would prefer an even more intelligent route where all users are allowed as much bandwidth as they require unless another user is limited to less than a proportional amount. Suppose 5 users on a 1mbit connection. If 4 of the users were only utilizing 1/10 of the bandwidth each, the other user would be allowed to use the remaining bandwidth. In effect each user would be guaranteed a proportional bandwidth percent but if they aren't using that bandwidth it divided among the remaining users.

Is this possible with an ASA and if so can someone please offer a detailed config.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Roman Rodichev Thu, 07/30/2009 - 21:05
User Badges:
  • Gold, 750 points or more

From what I can remember, this is not possible on ASA, unless you want to setup a QoS policy with each class matching ACL that matches specific user's source IP address and then police (rate limit) that class. Such configuration would not be flexible and dynamic as you requested. ASA has a per-flow QoS, but it only works for VPN tunnel-groups, where each external user's VPN connection would be rate limited to a specified bandwidth.




This Discussion