ASA5510 Limit Inbound and Outbound Bandwidth

Unanswered Question
Oct 28th, 2009

We have an ASA in a colo environment that has a full 100Mbps Internet connection. we are billed at a 95th percentile rate and want to limit ourselves to 34Mbps. I believe this can be done by traffic shaping. I want all traffic affected by this. Our inside is split up by 4 different vlans. I have a feeling this makes this more complicated.

Does this example I found do what i want (except for the bandwidth being off):

pixfirewall(config-pmap)#policy-map PM-SHAPER

pixfirewall(config-pmap)# class class-default

pixfirewall(config-pmap-c)# shape average 2000000 16000

pixfirewall(config-pmap-c)# service-policy PM-SHAPER interface outside

Thanks in advance!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Thu, 10/29/2009 - 07:04

I don't believe you can shape, but you can police. Here's an example and link.

access-list policed_traffic extended permit ip any any

class-map PM-Shaper

match access-list policed_traffic

policy-map PM-SHAPER

class PM-Shaper

police output 20000000 10000

service-policy PM-SHAPER interface outside

Hope that helps.


This Discussion