Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Traffice shaping on Cisco 2611 XM router.

Hi there,

can you do traffic shaping based on ip addresses? In My DMZ i have several servers all having the same gateway to the internet. My gateway router is a 2611XM. I want limit one server for example 256 Kbs (up-down) to the internet and the other let say 512Kbs(up-down). Does anyone can give me a sample config of how this is done if possible?

My topoloy is as follow:

DMZ--->Firewall---->2611XM--->Internet

4 REPLIES

Re: Traffice shaping on Cisco 2611 XM router.

Greg

It can be done but it would be one way as the same needs to configured at the service provider end to work both ways.

ip access-list extended server

permit ip any

*** you can even use the port parameter with TCP to fine tune your settings***

class-map match-all server

match access-group name server

policy-map QoS-to-Internet

class server

shape average

int

max-reserved-bandwidth 100

service-policy output QoS-to-Internet

HTH

Narayan

New Member

Re: Traffice shaping on Cisco 2611 XM router.

Narayan

Once again thanks. Do you mean that in your config only the upload will be limited?

Is it better to put a bandwidth manager between the Cisco router and the firewall?

Greg

Re: Traffice shaping on Cisco 2611 XM router.

Yes you got that right...

I have never implemented a bandwidth manager in this scenario...may be someone else can throw more light on this

HTH

Narayan

New Member

Re: Traffice shaping on Cisco 2611 XM router.

Are you using nat ? This usualy tends to make this kind of configs more complicated.

You should use service policy's to configure this and yes it can be done even with nat overloading.

No nat :

Use a class map to indentify traffic belonging to e certain class.

Use a policy map to shape the traffic from a classes.

Apply service-policy to outgoing interface.

If you use nat or pat. I usually classify traffic on the inside interface with dscp tag's.So they can be classified on the ouside interface with their dscp label instead of address.

H.T.H.

Tom

284
Views
0
Helpful
4
Replies