Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

rate limits

Hi folks,

Need some input regarding rate-limits as I have not been able to locate a great deal of information or examples. It's possible that I am going about this incorrectly. The goal is to limit available www bandwidth - dropping traffic that exceeds around 256 Kbps.

Here is what I have tried:

interface Serial0

description Private Line number *****

ip address *****

ip access-group 100 in

no ip redirects

no ip unreachables

ip nat outside

ip inspect firewall out

rate-limit input access-group 177 256000 1500 2000 conform-action transmit exceed-action drop

rate-limit output access-group 177 256000 1500 2000 conform-action transmit exceed-action drop

no fair-queue

service-module t1 timeslots 1-8

access-list 177 permit tcp any any eq www log

After applying the config I browse the net and see the entries matching access-list 177 being logged but the bandwidth is still exceeding the limit assigned.

Please help or point to more info.

Thanks

3 REPLIES
VIP Purple

Re: rate limits

Hello,

what do you see when you issue the show interfaces rate-limit command ? Do you see any exceeding traffic being dropped ?

Regards,

GP

Community Member

Re: rate limits

I did a show interface rate-limit and it did not show any traffic being dropped.

I tried the following class/policy map to reduce the amount of bandwidth that can be consumed by web traffic.

class-map match-all http

match access-group 177

!

policy-map web-police

class http

bandwidth percent 30

!

access-list 177 permit tcp any any eq www

!

int atm

service-policy output WWW

However, I am assuming this will enforce the limit regardless of the level of other traffic being consumed. I want to be able to didicate more bandwidth to www if there are not other processes consuming the bandwidth. For example, giving priority to SMTP, Citrix, FTP, DNS, etc.

Can I set traffic at presedence levels when using policy maps?

Community Member

Re: rate limits

hi,

i tried with policys and saw that this really works fine:

policy-map police_traffic_in

class gold_bank

police cir percent 30 bc 500 ms pir percent 100 be 500 ms

conform-action set-prec-transmit 4

exceed-action set-prec-transmit 0

violate-action drop

class silber_bank

police cir percent 20 bc 500 ms pir percent 100 be 500 ms

conform-action set-prec-transmit 3

exceed-action set-prec-transmit 0

violate-action drop

class stahl_bank

police cir percent 10 bc 500 ms pir percent 100 be 500 ms

conform-action set-prec-transmit 1

exceed-action set-prec-transmit 0

violate-action drop

class class-default

police cir percent 100 bc 500 ms

conform-action set-prec-transmit 0

exceed-action drop

!

you can do nearly everything with the policys

(ip-prec-setting,....) - the only disadvantage is that you need 12.3.x

93
Views
0
Helpful
3
Replies
CreatePlease to create content