02-08-2010 10:50 AM
I have a client in the same building that would like to purchase 2Mb internet connection. I am handing off ethernet to this client from a port on my 3750. I need to limit this connection to 2Mb. I tried configuring srr-queue bandwidth limit 20, changed the interface speed to 10Mb and ran an internet speed test. The download speed was 2Mb but the Upload speed was still the full 10Mb internet connection. I tried policing on the interface to limit the upload speed (from pc to internet) and that didn't seem to work.
Any ideas?
Thanks
Greg
02-08-2010 02:07 PM
Hi,
"Srr-queue bandwidth limit" does not limit inbound traffic, It is used to limit the maximum bandwidth transmitted out of an interface. To limit the inbound traffic on an interface, you must use ingress policing.
Thanks
Hatim Badr
08-16-2012 02:20 AM
Hi,
I have the exact same challenge! 2mb up/down needed on a single port. Download speed works like a charm at 2mb with
#srr-queue bandwidth limit 20 (its a 10 mb line)
However, the upload speed is not limited.
Does anyone know the command to accomplish this?
Regards,
RG
08-19-2012 02:54 AM
Have you tried to use bandwidth limit for outbound direction and policing for inbound direction as advised by Hatim above ?
Sent from Cisco Technical Support iPad App
08-19-2012 02:57 AM
Hi,
I have tried to implement policing to inbound traffic but it didnt work.
Any suggestion for the appropriate commands to get this working?
Many thanks
08-19-2012 07:02 AM
Good morning,
You can police upload traffic in this way:
!
mls qos
!
ip access-list extended BANDWIDTH-CUSTOMER_23-ACL
permit ip any any
!
class-map BANDWIDTH-CUSTOMER_23-CM
description --- Match traffic upload for customer 23 --
match access-group name BANDWIDTH-CUSTOMER_23-ACL
!
policy-map BANDWIDTH-CUSTOMER_23-PM
description --- Customer 23 police upload traffic, burst is in byte/sec---
class BANDWIDTH-CUSTOMER_23-CM
police 2048000 262144 exceed-action drop
!
interface GigabitEthernet1/0/23
description --- Customer 23 upload 2 Mbps ---
service-policy input BANDWIDTH-CUSTOMER_23-PM
!
Samuel Petrescu
08-19-2012 11:08 AM
Hi Samuel,
Many thanks for looking into this. I have tried the commands on my 3550 at home and it only worked for download, not upload.
I think the 3550 is not fully compatible with this class mapping as I had to adapt the last command to
service-policy input BANDWIDTH-CUSTOMER_23-PM
If I use service-policy output BANDWIDTH-CUSTOMER_23-PM
it complaints the class is not compatible. Tomorrow I will try on the 3750 and post the outcome!
Many thanks!
08-19-2012 11:34 AM
On Cisco 3750 policy works only in input direction.
If you want to police traffic Input and Output for a customer, you need two polices.
One applied to the interface where customer is directly connected (like preview one).
One applied to the uplink on the switch.
The customer has to have static IP, so you can identify the customer on ACL
Something like this:
If Uplink for the switch is Gi1/0/1 and IP address for Customer 23 is 10.1.10.23/32
ip access-list extended BANDWIDTH-CUSTOMER_23-DOWNLOAD-ACL
permit ip any host 10.1.10.23
!
class-map BANDWIDTH-CUSTOMER_23-DOWNLOAD-CM
description --- Match traffic downloads for customer 23 --
match access-group name BANDWIDTH-CUSTOMER_23-DOWNLOAD-ACL
!
policy-map ALL-DOWNLOADS-PM
description --- Police all downloads, one custemer per class-map ---
class BANDWIDTH-CUSTOMER_23-DOWNLOAD-CM
police 2048000 262144 exceed-action drop
!
interface GigabitEthernet1/0/1
description --- Upling to the Edge router ---
service-policy input ALL-DOWNLOADS-PM
!
This example is from a production environment
Samuel Petrescu
08-20-2012 07:05 AM
Hi Samuel,
Brilliant! Kudos! It worked! Many thanks for your support!
08-20-2012 09:02 AM
Glad to help !
Samuel Petrescu
06-04-2017 02:08 PM
Hello Samuel Petrescu.
Can you help me?
I need to restrict download and upload speed of one host of one vlan to 256 kb/s download and 256 kb/s upload.
The host is with static IP address.
The network topology is simple.
Host ->Cisco switch->Cisco Router.
I want to do this restriction on cisco router.
I will be happy to see example configuration.
Here I see clear example of download restriction.
But for upload ?
And where exactly I have to apply these polices ?
Download policy ? Interface of what?
Upload policy? Interface of what?
I want to see clear example form beginning to end.
I am junior and to me is difficult to understand if the example is not clear like in cisco courses.
But in CISCO CCNA SECURITY in net academy I didn't see example of restriction of one host of vlan network.
Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: