Need to limit bandwith per switchport on 3560 switches (Pls look Topology)

Shannon Sutter · ‎05-05-2011

Hi,

I am trying to find out what would be the best way to limit the bandwith per switchport/user.

Our remote offices have 3560 with latest IOS running "c3560-ipbasek9-tar.122-55.SE1"

This is the topology for one of the remote offices, the rest of the offices are preety much the same, we have about 18 remote offices sharing a DS3 internet pipe:

(Remote Office) 2811 - 3560 --------T1-------- NOC (Where the ISP seats DS3)

We have two vlans 10 (data) and 15 (Voice), 15 is for the IP phones connected to the remote office switch 3560.

We are experiencing at times, users streaming videos/others clogging T1s, and slowing down the rest of the newtwork (Internet).

What I am trying to find out is if for example if we can limit bandwith on each switport to a specific speed; ex: 500kb, knowing they have a T1 of bandwith limitation to the internet and internal servers (NOC). Of course I don't want to affect the IP phones traffic.

Any advice will be awesome,

Thank you,

Zeek

PETER EIJSBERG · ‎05-12-2011

So you experience congestion caused by Internet traffic (from the central site to the remote sites, right? Why don't you use QoS, mark the VoIP traffic with a higher COS marker and prioritize that on the port going into the T1 at the NOC? If necessary, you can also put "legit" office data traffic in a higher COS than Youtube traffic that way.

Jigar Dave · ‎05-12-2011

Hi Zeek,

To limit bandwidth on the port, you can enable mls qos function on switch.

let's say you have PC and VoIP connected to first 10 ports on switch, you can configure like this

SW#conf t

mls qos

int range fa0/1 - 10

switchport access vlan 10

switchport voice vlan 15

switch priority extend cos 1

mls qos trust cos

mls qos command is configured to tell switch that it should trust incoming cos traffic.default value is 0 so we have changed it to 1

this way voice traffic get higher priority over data traffic.

HTH

Jigar Dave

Note: if it solves your problem, mark it as answered and rate it.

chandu.84 · ‎05-13-2011

I just replied to a post yesterday on 3750s,,i think you can use same commands on 3560 also :

On 3750s :

Rate limiting is not supported by 3750, but policing is:

One way to do egress rate-limiting is using: 'srr-queue bandwidth limit' command.

For e.g:

Switch(config)# interface gigabitethernet 1/0/2

Switch(config-if)# srr-queue bandwidth limit 70 ( this is terms of percentage )

Another Way is :

policy-map rate-limit

class class-default

police 1000000 8000 exceed-action drop

int gi1/0/3

service-policy input rate-limit

service-policy output rate-limit

That should limit inbound and outbound at 1Mb

Another example is :

mls qos

!

class-map match-any Policy

match ip dscp 0 8 16 24 32 40 48 56

policy-map limit30M

class Policy

police 30000000 512000 exceed-action drop

!

end

int gi 1/0/1

speed 100

duplex full

service-policy input limit30M

srr-que bandwidth limit 30 (expressed as % of 100/full or 30% of 100MB, which is 30MB)

i did not try this but this might wrk i guess,, please try in a lab if u have

i think you can kinda play with these commands

Try and look through the command reference for 3750 for many ways

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_46_se/command/reference/cli1.html#wp1864073

These are my understandings

Lemme knw if this wrks

Thnx