Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

limiting inbound bandwidth usage

I would like to somehow limit the bandwidth usage of inbound traffic (from Internet to us) on our network. I have been reading up quite a bit on all the QoS techniques available but they all seem to be geared toward limiting outbound bandwidth usage so it seems like QoS is not the answer. I was thinking of doing something on the input side but I don't see how any type of action I do on the input to our router will make a difference. If the ISP already sent the data down, then the bandwidth is already gone therefore I don't think that dropping or de-prioritizing packets as they enter my router will help. What can I do on the outbound side of the router that will somehow cause less packets to be generated inbound?

Thanks,

Diego

4 REPLIES
Silver

Re: limiting inbound bandwidth usage

Diego,

You could limit inbound BW with QOS.. Either with MQC or CAR you could accomplish this. Here's a link to MQC.

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800bd908.html

Your point about the BW is already used is a good one so doing this might not result you in much other than more retries from your clients. The important part to consider is what is your end goal? If downstream traffic reduction is that goal then to identify what that traffic is is a very good place to start. If it's HTTP or FTP related there are caching devices/ SW packages that can help optimize HTTP requests and FTP requests from users on your network. If it's something else then knowing what that is is useful for QOS to implement some sort of Bandwidth contraints based on that traffic type (i.e. WinAMP application could be classified and given only a little bit of upstream bandwidth).

Hope this helps you,

Don

New Member

Re: limiting inbound bandwidth usage

Actually, I can classify my traffic into just two broad categories... IPSec, and everything else. We run both an IPSec based VPN and Internet traffic on the same circuit. I can use QoS to control outbound bandwidth and give IPSec priority. This assures that we have plenty of BW to send IPSec to the remote offices. The problem is that incoming IPSec traffic from the remote branches has to fight its way thru all the Internet traffic generated by user browsing, downloading, etc. I was thinking of maybe using an aggressive WRED policy to attack and disrupt the outgoing non-IPSec TCP protocol based data flows. The idea would be that if ACKs and replies don't make it to the outside hosts they would throttle back with sending data in.

Does this make sense?

TIA,

Diego

New Member

Re: limiting inbound bandwidth usage

make policy-map with avarage shaping and apply it on the internal iface as output. This will shape your clients not to eat all your bw. Respecively if you need real traffic priority use the same tactic on your WAN links with strict CBWFQ priority.

New Member

Re: limiting inbound bandwidth usage

As far as i know, you could use rate-limit to reduce low-priority TCP flows (packets drop, TCP sliding window etc.) Unfortunately you can't use this method for UDP-based traffic.

310
Views
0
Helpful
4
Replies