I have a client whom has a Metro Ethernet connection. I have been tasked by the client to give a certain amount of bandwidth to specific groups, i.e., 2 meg to the Admin staff, 1.5 Meg to the Guests, and then another .5 Meg to a group we will call group x.
I configured the following on the 3825 router that faces the Internet and hosts the Metro E connection, but when I run speedtests out to the Internet, and even though I see hit counts on the associated ACL's, the policy does not seem to work, and I am not limiting the bandwidth per group.
Here is the config I have used to try to get this to work
class-map match-any groupx
match access-group name groupx
class-map match-any BHI
match access-group name BHI
class-map match-any Rooms
match access-group name Rooms
ip access-list extended BHI
permit ip host xxx.xxx.224.3 any
permit ip any host xxx.xxx.224.3
permit ip any host xxx.xxx.224.7
permit ip host xxx.xxx.224.7 any
permit ip any host xxx.xxx.224.4
permit ip host xxx.xxx.224.4 any
permit ip host xxx.xxx.224.5 any
permit ip any host xxx.xxx.224.5
ip access-list extended Rooms
permit ip host xxx.xxx.224.8 any
permit ip any host xxx.xxx.224.8
ip access-list extended groupx
permit ip any host xxx.xxx.224.9
permit ip host xxx.xxx.224.9 any
description FACES INSIDE - CONNECTS TO BHIASAOP$FW_INSIDE$$ETH-LAN$
ip address xxx.xxx.224.1 255.255.255.0
ip access-group restrict_SSH in
ip access-group blockNomadixports out
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
no ip route-cache cef
service-policy output SplitBandwidth
What have I missed here?
Unless there is congestion on the link then the bandwidth command will do nothing. If you want to actually restrict each dept to a specfic bandwidth then you need to consider policing or more likely shaping the traffic of each dept so they cannot go above their alloted bandwidth.
But is this what you want to do ie. if you police/shape and there is spare bandwidth from another dept that is not being used it will remain unused whereas currently with your config the spare bandwidth could be used any another dept.