Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

limit bw from a subnet to 256K and allow all other traffic to take the remaining

Hello - object, limit bw from a subnet to 256K and allow all other traffic to take the remaining

Am I on the correct path? And, is this the most effective way to go about it?

access-list 1 permit 10.1.2.0 0.0.0.255 any

class-map police_me

match access-group 1

policy-map police_me_2_256k

class police_me

police 256 conform transmit exceed drop

int e0/0 (outbound interface to limit, traffic to limit comes in on a different interface, say e0/1)

service-policy output police_me_2_256k

3 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Bronze

Re: limit bw from a subnet to 256K and allow all other traffic t

Yes, that configuration will provide a policer for the matched traffic.

Have you considered using CBWFQ for the matched traffic instead of policing the flows?

CBWFQ will only kick during congestion and it will allow the matched traffic to use more bandwidth than 256k during non-congestion.

access-list 1 permit 10.1.2.0 0.0.0.255 any

class-map police_me

match access-group 1

policy-map police_me_2_256k

class police_me

bandwidth 256

class class-default

bandwidth (remaining bandwidth).

Hall of Fame Super Gold

Re: limit bw from a subnet to 256K and allow all other traffic t

Do not use policy. Use shaping.

Same effect but better performances for users.

Hall of Fame Super Blue

Re: limit bw from a subnet to 256K and allow all other traffic t

atmpinniatm wrote:

Thank you - time to study up on the difference between policy and shaping

Put simply both policing and shaping have an upper limit beyond which they will not transmit the packet. Beyond this limit policing simply drops the packet whereas shaping buffers the additional packets until they can be sent.

This is why, as Paolo said, shaping gives a better performance from a user perspective.

Jon

6 REPLIES
Hall of Fame Super Bronze

Re: limit bw from a subnet to 256K and allow all other traffic t

Yes, that configuration will provide a policer for the matched traffic.

Have you considered using CBWFQ for the matched traffic instead of policing the flows?

CBWFQ will only kick during congestion and it will allow the matched traffic to use more bandwidth than 256k during non-congestion.

access-list 1 permit 10.1.2.0 0.0.0.255 any

class-map police_me

match access-group 1

policy-map police_me_2_256k

class police_me

bandwidth 256

class class-default

bandwidth (remaining bandwidth).

New Member

Re: limit bw from a subnet to 256K and allow all other traffic t

Thank you. I want to put a hard limit of 256K on subnet X. i.e. it gets 256K and no more bandwidth – ever.

Thank you. I want to put a hard limit of 256K on subnet X. i.e. it gets 256K and no more bandwidth – ever.

Through research I thought I would have to use WRED to ‘early detect’ bandwidth exceeding 256k and drop it??

I thought CBWFQ would all a ‘free for all’ except in times of congestion??

Assume traffic to be policed comes in via g0/1

So – will this do it?

Access list xyz permit subnet_X to_any

Class-map 123

Match access-list xyz

Policy-map 256000_limit

Class 123

bandwidth 256

  random-detect

   police 256000 conform-action transmit  exceed-action drop  violate-action drop

??

Interface g0/0

Service-policy output 256000_limit

Hall of Fame Super Gold

Re: limit bw from a subnet to 256K and allow all other traffic t

Do not use policy. Use shaping.

Same effect but better performances for users.

New Member

Re: limit bw from a subnet to 256K and allow all other traffic t

Thank you - time to study up on the difference between policy and shaping

Hall of Fame Super Blue

Re: limit bw from a subnet to 256K and allow all other traffic t

atmpinniatm wrote:

Thank you - time to study up on the difference between policy and shaping

Put simply both policing and shaping have an upper limit beyond which they will not transmit the packet. Beyond this limit policing simply drops the packet whereas shaping buffers the additional packets until they can be sent.

This is why, as Paolo said, shaping gives a better performance from a user perspective.

Jon

Hall of Fame Super Gold

Re: limit bw from a subnet to 256K and allow all other traffic t

The better performance is also from a circuit utilization perspective.

Because there are less TCP drops, hence less packet retransmissions and wasted BW.

337
Views
0
Helpful
6
Replies
CreatePlease login to create content