10-26-2009 08:09 AM - edited 03-06-2019 08:18 AM
Hi,
I am struggling to limit the bandwidth that is available to networks via a 3560 switch. I have tried 2 approaches:
Rate Limiting on a routed port with ACL to define taffic to be limited:
interface FastEthernet0/24
description routed port to ASA
no switchport
ip address 172.16.229.254 255.255.255.0
rate-limit input access-group 101 10000 10000 10000 conform-action transmit exceed-action drop
rate-limit output access-group 101 10000 10000 10000 conform-action transmit exceed-action drop
access-list 101 permit ip 172.16.8.0 0.0.0.255 any
I have also tried applying mls auto qos:
interface FastEthernet0/20
switchport access vlan 20
speed 10
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
srr-queue bandwidth limit 10
mls qos trust cos
auto qos voip trust
....but this only limits the download speed and not the upload speed
10-26-2009 09:59 AM
mls qos
!
access-list 101 permit ip 172.16.8.0 0.0.0.255 any
!
Policy-map LIMIT_10_MEG
class TEST1
police 10000000 8000 exceed-action drop
!
class-map match-all TEST1
match access-group 101
!
interface fast0/24
service-policy input LIMIT_10_MEG
srr-queue bandwidth shape 10
>> This will limit the upload traffic rate from the 172.16.8.0/24 net
as the policy-map is applied "inbound"
You need another policy-map matching the outbound traffic and then apply this
other policy-map outbound f0/24
10-26-2009 10:02 AM
Just checked further and the 3560 won't support output policy-maps but for output rate-limiting, you can limit the egress port bandwidth with the
"srr-queue bandwidth limit" command.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide