07-06-2008 05:14 PM - edited 03-06-2019 12:01 AM
We have a 10Mbps connection to the Internet (see attached diagram). There are two "groups" basically competing for this 10Mbps - the corporate Internet users and our Internet connected servers. What I want to do is to guarantee bandwidth for the servers - for example 4Mbps (out of the 10Mbps) dedicated to the servers and the rest for the users.
What I'm thinking of is doing some kind of rate-limiting on the Cisco 3750 switch. There seems to be no "rate-limit" command on that switch. I think this can also be done on the Linux box but might be easier on the Cisco switch. Any suggestions?
Thanks,
Tony
Solved! Go to Solution.
07-07-2008 05:32 AM
Hi,
1. Are both the networks on diffrent Vlans.
2. Have you configued the router as router-on-stick ?
3. If possible plz paste the config for the router and switch.
If this is config as a router-on-stick. that is for linux you have diffrent vlan which is connected to the swith on a vlan which has a subiterfice on the router.
In this case you can do use rate-limit command on the router itself.
The way i feel it can be done is srr-queue
Switch(config)# interface FastEthernet 0/8
Switch(config-if)# srr-queue bandwidth limit 90
The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.
So you have to put the digit as 96 percent
Hope this helps.
regards,
Pravin
07-07-2008 06:39 AM
hi,
You can do it by srr-queue command for outbound b/w limit.
Since the limitation of srr-queue is that it only limit b/w 90%(max) of port speed.
if u rusing 100 Mbps port then you should made the port speed 10 Mbps (by command speed 10)
then u apply command srr-queue bandwith limit 40 which gives exatly 4 mbps link
thanks
rajib
07-07-2008 06:46 AM
Police is only supported as "input" not "output".
Place the service-policy in the incoming interface from the Linux box and the ACL should consists of the 'interesting' traffic from the Linux box towards the rest of the world.
HTH,
__
Edison.
07-06-2008 05:54 PM
Tony,
Please take a moment and read the 3750 QoS documentation at:
You can configure a MQC (Modular QoS CLI) with police, which serves the same function as a 'rate-limit'.
HTH,
__
Edison.
07-07-2008 02:07 AM
Hi,
you can do "rate limit" in cisco 3570 with police command .
For that you have to create class map and policy map and apply it in port with service-policy input/output
thanks
07-07-2008 05:20 AM
Hi Edison, Rajib,
Thanks for the kind reply. I want to limit the downloads on the Linux Internet Gateway box (see diagram on my first post) to 4Mbps - which means I must limit on the outbound direction from the 3750 switch.
Here are the relevant configurations I made:
==
ip access-list extended ACL_SLAP
permit ip any any
class-map match-all CLASS_SLAP
match access-group name ACL_SLAP
!
!
policy-map POLICY_SLAP
class CLASS_SLAP
police 4000000 100000 exceed-action drop
interface GigabitEthernet1/0/16
description "Internet Gateway"
switchport access vlan 61
service-policy input POLICY_SLAP
spanning-tree portfast
==
When I try to assign POLICY_SLAP to service-policy output - I get the following error:
(config-if)#service-policy output POLICY_SLAP
Warning: Assigning a policy map to the output side of an interface not supported
I need to "rate-limit" on the output of the interface to be able to limit the downloads from the Linux Internet gateway - any tips?
Thanks,
Tony
07-07-2008 05:32 AM
Hi,
1. Are both the networks on diffrent Vlans.
2. Have you configued the router as router-on-stick ?
3. If possible plz paste the config for the router and switch.
If this is config as a router-on-stick. that is for linux you have diffrent vlan which is connected to the swith on a vlan which has a subiterfice on the router.
In this case you can do use rate-limit command on the router itself.
The way i feel it can be done is srr-queue
Switch(config)# interface FastEthernet 0/8
Switch(config-if)# srr-queue bandwidth limit 90
The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.
So you have to put the digit as 96 percent
Hope this helps.
regards,
Pravin
07-07-2008 06:39 AM
hi,
You can do it by srr-queue command for outbound b/w limit.
Since the limitation of srr-queue is that it only limit b/w 90%(max) of port speed.
if u rusing 100 Mbps port then you should made the port speed 10 Mbps (by command speed 10)
then u apply command srr-queue bandwith limit 40 which gives exatly 4 mbps link
thanks
rajib
07-07-2008 06:46 AM
Police is only supported as "input" not "output".
Place the service-policy in the incoming interface from the Linux box and the ACL should consists of the 'interesting' traffic from the Linux box towards the rest of the world.
HTH,
__
Edison.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: