Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
3
Replies

rate-limit

b.go
Level 1
Level 1

‎08-14-2003 03:58 AM - edited ‎03-02-2019 09:35 AM

Dear all,

I want to reduce bottleneck to our ISP link (256kbps) caused by users' download, etc. Below is my configuration.

interface Serial0/0

ip address rtr.ip net_mask_rtr

ip access-group 100 in

ip nat outside

rate-limit input access-group 104 128000 8000 8000 conform-action transmit exceed-action drop

rate-limit input access-group 105 128000 8000 8000 conform-action transmit exceed-action drop

encapsulation ppp

access-list 104 permit any 192.168.1.0 0.0.0.255

access-list 104 deny any

access-list 105 permit any 192.168.2.0 0.0.0.255

access-list 105 deny any

ACL 100 is more general (i.e: tcp established, and allowed type of connection). I'm not very confident that above 104 & 105 could help me to limit users traffic, and also it seems to me there are two acls for s0/0 to forward traffic to each local 1.x & local 2.x networks.

Any suggestions and helps will be greatly appreciated.

Thank you.

Best regards,

b.go

Labels:
0 Helpful
3 Replies 3

s.matyas
Level 1
Level 1

‎08-15-2003 05:35 AM

hi,

write me your nat and ethernet configuration.....

szicsu

0 Helpful

rjackson
Level 5
Level 5
In response to s.matyas

‎08-18-2003 08:27 AM

Seems like this wont stop them from tying up the internet circuit, it will just stop the data from getting throught the router once it has come over the internet link.

0 Helpful

b.go
Level 1
Level 1
In response to s.matyas

‎08-22-2003 07:29 PM

Hi, here is my ethernet and NAT config.

I'm using router on a stick configuration with Catalyst-2950 at the perimeter with (VLAN1<1.x>, VLAN2<2.x>, and DMZ).

ip nat pool net1 ext_ip1 ext_ip1 netmask ext.ip.net.mask

ip nat pool net2 ext_ip2 ext_ip2 netmask ext.ip.net.mask

ip nat inside source list 1 pool net1 overload

ip nat inside source list 2 pool net2 overload

interface FastEthernet0/0

description TRUNK-TO-SWITCH

no ip address

speed 100

full-duplex

interface FastEthernet0/0.A

description TO NET1

encapsulation dot1Q 1 native

ip address 192.168.1.1 255.255.255.0

no ip redirects

ip nat inside

interface FastEthernet0/0.B

description TO NET2

encapsulation dot1Q 10

ip address 192.168.2.1 255.255.255.0

ip nat inside

interface FastEthernet0/0.C

description TO DMZ

encapsulation dot1Q 100

ip address ext_ip_address net_mask

ip access-group 103 in

ip access-group 102 out

Many thanks for any suggestions and helps.

Best regards,

b.go

0 Helpful
Customers Also Viewed These Support Documents