Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Rate limit an IP

I need to limit the amount of bandwidht 256K that a single IP can receive or transmit through our 7200 to the internet. Would the best way be to configure an extended IP access-list and apply a rate limit to interface.

access-list 101 permit ip host x.x.x.x any

At Interface:

rate-limit input access-group 101 256000 32000 32000 conform-action tranmit exceed-action drop

rate-limit output access-group 101 256000 32000 32000 conform-action tranmit exceed-action drop

I also have additional access-lists applied to same interface. Do I also need to add the permit IP any any to this access list.

1 REPLY
Cisco Employee

Re: Rate limit an IP

your config with extended ACL looks ok.

You don't need to permit ip any any in acl 101 otherwise you would limit all traffic to 256k.

Also, rate-limiting on input is usually useless if what you want to do is preserve the WAN resource.

When traffic hits the 'rate-limit input' interface, it already crossed the WAN link.

95
Views
0
Helpful
1
Replies