Limiting Bandwidth by using QoS on Cisco 1841.. Is it possible?

Unanswered Question
Sep 19th, 2010

Hi,


On one of our remote sites we have a 2Mbps Internet leased line with 16 IP address landing on a Cisco 1841 router. Due to the nature of the site, this internet leased line is shared with one of our subcontractor (We assigned one IP to the subcontractor). Recently they have been abusing the service in non-business related stuff.


We need to put a limit on the amount of bandwidth this subcontractor can use at any point of time (say max 25%). So is it possible to accomplish this target by QoS on Cisco 1841? if yes, is it possible to guide me to how it can be done?


Thank you

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Lei Tian Sun, 09/19/2010 - 05:13

Hi Joseph,


Yes, you can limit the bandwidth based on IP. That means you also need to tie his IP with his MAC, or some other way to prevent he changes his IP.


Here is a configuration example of policing; ACL 1 is the acl to match the contractor's IP; fa0/0 is the interface he connects to.


Router(config)# class-map access-match
Router(config-cmap)# match access-group 1
Router(config-cmap)# exit
Router(config)# policy-map police-setting
Router(config-pmap)# class access-match
Router(config-pmap-c)# police 8000 1000 conform-action transmit exceed-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet 0/0
Router(config-if)# service-policy output police-setting

HTH,

Lei Tian

tinman_dubai Wed, 09/22/2010 - 23:41

Hi Lei,


I am not sure I understand "Yes, you can limit the bandwidth based on IP. That means you also need to tie his IP with his MAC, or some other way to prevent he changes his IP."


Here is a quick and derty network structure of what we have in that site.


----IIL----Cisco 1841----8 port Switch -------Firewall---Linksys RV42 Router A------Our Network

                                                      |----Linksys RV42 Router B----The Subcontractor Network


Now which MAC address should I use? The Linksys RV42 Router B MAC Address?



A friend of mine suggest to use NBAR to determine bandwidth eating applications and then block them using QoS. Is that easier?


Thank you

Lei Tian Thu, 09/23/2010 - 03:32

Hi,


If the Subcontractor uses a different subnet, then don't need to worry about his MAC. You can limit the whole subnet.


If you want get better understanding the traffic in your network, you can use nbar discovery. NBAR itself doesn't block anything, you still need classify based on  subcontractor's ip and then rate limit it.


HTH,

Lei Tian

Actions

This Discussion

Related Content