Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Per IP qos

Dear Sir,

We have one web server connected to a port on 2960/3560 switch. There are two web sites on the server. Each wet site has his own IP. We want to configure qos and let web site 1 has 5M and web site 2 has 3M of bandwidth. Is it possible with service policy?



Re: Per IP qos


Yes its possible using Policing or Shaping, please look into the bellow (Policing) example:

lets assume website 1 has the ip address of

let assume  website 2 has the ip address of

class-map match-any website1

match access-group 100

class-map match-any website2

match access-group 101

access-list 100 permit ip host any

access-list 101 permit ip host any

policy-map website

class website1

police 5 Mbps

class website2

police 3 Mbps

interface X (outbound Interface)

service-policy output website



Hall of Fame Super Bronze

Re: Per IP qos

No, it's not possible with a service-policy on the hardware that you have.

Policers are only supported on ingress

If you want to limit egress bandwidth, your only option is srr-queue bandwidth limit



New Member

Re: Per IP qos

I see. If I want to control the out going web traffic only, Mohamed's example is good enough.

But for controlling traffic from both direction, we will need to user SRR. But, we have two IPs from the same interface. Can SRR be applied 5M and 3M to indivdual IP respectively? Do you have an example Edison?


Hall of Fame Super Bronze

Re: Per IP qos

As I stated, you can't police egress traffic on the hardware at hand - thus the example provided by Mohamed won't work.
You can police traffic on ingress with MQC as the switch supports such feature.

The documentation provides an example on how to implement bandwith limits with srr-queue bandwidth limit.

The limit is imposed globally on the port and can't be applied per-traffic class or flow.

Per IP qos

Hi guys,

Do you have any idea how I can achieve QoS per IP?

I have a router doing NAT for and one ISP.

I want to police all the network members so no user would exceed 300KB/s or 2.4Mbps. From what I know:

class-map match-any LAN

match access-group 100

access-list 100 permit ip any

policy-map local_lan

class LAN

police 2400000

interface Fa0/0 (local Interface)

service-policy input local_lan

Will this work per IP or it will limit ALL users up to 2.4 Mbps?

Re: Per IP qos

this will limit ALL users up to 2.4 Mbps

policy-map Shape

class class-default

  shape average 2400000


interface Fa0/0 (local Interface)

service-policy input Shape

yours too

and of course you can limit per user but you need access-list for each and class map for each

Per IP qos

Hi mate,

Thanks for the input; hope I will be able to test this couple of weeks from now on real hardware.