Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SMTP traffic shaping

Hello. I'm trying to restrict SMTP bandwidth to ~640kbit. This should be applied to Se0/0 interface, my device is a Cisco 1760.

IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.3(6a)

I've tried this:

!

class-map match-all match-smtp

match protocol smtp

!

!

policy-map smtptraffic

class match-smtp

shape average 640000 640000 0

!

!

interface Serial0/0

ip address x.x.x.x 255.255.255.252

ip access-group in-list in

ip access-group out-list out

ip nat outside

service-policy output smtptraffic

encapsulation ppp

ip route-cache flow

VPN-Bucharest#sh policy-map int Se0/0

Serial0/0

Service-policy output: smtptraffic

Class-map: match-smtp (match-all)

59977 packets, 83502451 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: access-group 2

Traffic Shaping

Target/Average Byte Sustain Excess Interval Increment

Rate Limit bits/int bits/int (ms) (bytes)

640000/640000 80000 640000 0 1000 80000

Adapt Queue Packets Bytes Packets Bytes Shaping

Active Depth Delayed Delayed Active

- 0 0 0 0 0 no

Class-map: class-default (match-any)

58902 packets, 33267078 bytes

5 minute offered rate 17000 bps, drop rate 0 bps

Match: any

When the Exchange server (attached on Fa0/0) starts spitting out mails to the Internet the traffic instantly reaches wirespeed (1mbps), and of course all hell breaks loose (latency, etc). The question is what is wrong with the above config that won't keep SMTP traffic at 640kbit.

I see a "Shaping Active no" there, which doesn't sound good.

I am definitely missing something.

Any help is appreciated, thank you.

--Adrian.

  • Other Collaboration Voice and Video Subjects
1 REPLY

Re: SMTP traffic shaping

Hello Adrian,

there is one strange thing in your show/config given:

class-map match-all match-smtp

match protocol smtp

----snip----

Class-map: match-smtp (match-all)

59977 packets, 83502451 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: access-group 2

----snip----

Why does ACL 2 show up int the show policy-map command, when you have configured NBAR (match protocol smtp)?

Are you sure those two outputs are from the same router with the same config? Can you please highlight the underlying reason for this inconsistency? If not a reboot might help ...

Otherwise you might also leave away the Bc and Be values and just take "shape average 640000".

Hope this helps! Please rate all posts.

Regards, Martin

361
Views
0
Helpful
1
Replies
This widget could not be displayed.