Cisco Support Community
Community Member

Bandwidth policing with IPSLA

Hi All,

I want to police internet traffic and do per ip bandwidth limiting, what can be the best method to acheive this ? Right now i am doing it by divding my public pool into small sections and then imposing limit by configuring "Access-lists with defined service policies (IP-SLA)" and its working fine.

This whole exercise has been done on 2 Cisco 3945E routers with IPBase-K9 image now my concerns are -

1. Can we do traffic policing on per ip basis (We have pool of /22) ? Is there any documented limit by cisco ?

2. Routers are taking load of 45 mbps BGP links as well, upto what extent this practise is recommended (in terms of routing,CPU and memory overhead) ?

3. 2 Cisco 3750x switch (stacked) with IPbase image are configured as distribution switch between routers and firewall, i am thinking of migrating whole set of policing to switch, is that recommended ?

4. What exactly CAR does and how i can exploit the same with my current hardware ?

Really looking for genuin advise, would be greatfull, Thanks in advance.



Bandwidth policing with IPSLA

Hi Sharad,

Check the following posts and documents -

Per IP QoS

And then there are features, User Based Rate-Limiting (platform specific) -

For CAR -

"Access-lists with defined service policies (IP-SLA)" I have never heard of that.


CreatePlease to create content