Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

Hi experts,

I'm just seeking some ideas in my setup scenario.

I will have this one router. Its f0/0 will be for the Internet connection with bandwidth of 30Mbps. Its f0/1 will be connected to a switch for internal networks. This link will be separated to 3 VLANs for 3 internal networks. I'm wondering if there is a way to gurantee 10Mbps for each VLAN but allow use up to 30Mbps when another two VLANs are not using any Internet bandwidth? I only worry about download bandwidth from internet.

The 3 internal networks will all have public IPs and they belong to their own subnets. There won't be NAT/PAT.

A sample config is greatly appreciated!

Thanks!

Difan

2 ACCEPTED SOLUTIONS

Accepted Solutions
Silver

Re: Limiting bandwidth on Cisco router (possible 1800 series)

The following example polices the inside interface to 30Mbps.  It also utilizes a fair queue mechanism so that all subnets are queued equally yet can use the entire purchased rate in the absence of competing traffic.



access-list 101 permit ip any a.a.a.a w.w.w.w ## Subnet A

access-list 102 permit ip any b.b.b.b w.w.w.w ## Subnet B

access-list 103 permit ip any c.c.c.c w.w.w.w ## Subnet C

class-map subnet-a
match access-group 101

class-map subnet-b
match access-group 102

class-map subnet-c
match access-group 103

policy-map subnets
class-map subnet-a
  bandwidth percent 33
class-map subnet-b
  bandwidth percent 33
class-map subnet-c
  bandwidth percent 33
exit

policy-map physical
class class-default
  police 30000000 conform-action transmit exceed-action drop
  service-policy subnets
exit

int fa0/1
service-policy output physical
exit

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Dear christopher,

Thanks you for your post!!!!

So i would like to ask you some question that on your configuration you mean that Vlan A bandwidth 10MB,Vlan B bandwidth 10MB and Vlan C bandwidth 10MB right? if conrrect, so how can we know that the traffice can share 10 MB?

Best Regards,

Rechard

23 REPLIES
Silver

Re: Limiting bandwidth on Cisco router (possible 1800 series)

The following example polices the inside interface to 30Mbps.  It also utilizes a fair queue mechanism so that all subnets are queued equally yet can use the entire purchased rate in the absence of competing traffic.



access-list 101 permit ip any a.a.a.a w.w.w.w ## Subnet A

access-list 102 permit ip any b.b.b.b w.w.w.w ## Subnet B

access-list 103 permit ip any c.c.c.c w.w.w.w ## Subnet C

class-map subnet-a
match access-group 101

class-map subnet-b
match access-group 102

class-map subnet-c
match access-group 103

policy-map subnets
class-map subnet-a
  bandwidth percent 33
class-map subnet-b
  bandwidth percent 33
class-map subnet-c
  bandwidth percent 33
exit

policy-map physical
class class-default
  police 30000000 conform-action transmit exceed-action drop
  service-policy subnets
exit

int fa0/1
service-policy output physical
exit

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Dear christopher,

Thanks you for your post!!!!

So i would like to ask you some question that on your configuration you mean that Vlan A bandwidth 10MB,Vlan B bandwidth 10MB and Vlan C bandwidth 10MB right? if conrrect, so how can we know that the traffice can share 10 MB?

Best Regards,

Rechard

Silver

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Rechard,

You are correct.

The parent policy (physical) limits the traffic to 30Mbps.  The child policy (subnets) allocates 33% of available bandwidth to each subnet.  In this case it should be very close to 10Mbps for each subnet.  This is a fair queue mechanism so it will only enforce the 10Mbps limit if all subnets are in contention with each other.  If subnet A and B are idle subnet C can take all 30Mbps. 


Chris

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Hi Chris,

Thank you very much for the config and the diagram!

However does it mean that I have to use secondard IPs instead of using VLAN sub-interfaces? I was going to create three sub-interfaces f0/1.10, f0/1.20 and f0/1.30. In this case I think I probably can still use your policy-map and class-map. However where do I implement the policy? If I put it under f0/1, will it affect all three sub-interfaces?

Thanks!

Difan

Silver

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Difan,


Yes, applying it to the physical interface should affect all traffic traversing that interface; which includes all sub-interfaces.  This link has one example of this approach, but you must dig to find it.


http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/Ethernet_Access_for_NG_MAN_WAN_V3.1_external.html


I'm not sure if this technique is supported on the 1800, but it's worth a try. 


If not you could police each sub-interface.  This would ensure good service for everyone but leave bandwidth unused and unavailable during idle times.



Chris

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Hi Chris,

It works great! I put it on f0/1 and it does affect all the sub-interfaces. Awesome solution! Thank you!

Difan

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

.

Super Bronze

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Disclaimer

The     Author of this posting offers the information contained within this     posting without consideration and with the reader's understanding  that    there's no implied or expressed suitability or fitness for any   purpose.   Information provided is for informational purposes only and   should not   be construed as rendering professional advice of any kind.   Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In     no event shall Author be liable for any damages whatsoever   (including,   without limitation, damages for loss of use, data or   profit) arising  out  of the use or inability to use the posting's   information even if  Author  has been advised of the possibility of  such  damage.

Posting

For the policy described, it might appear to be working correctly, but from what you've noted as your requirements, don't believe it does.

The issue I see is that parent is configured with a policer, not a shaper.  This indeed will limit overall bandwidth to 30 Mbps, but will not cause packets to queue in the child policy where each is guaranteed 1/3 of the bandwidth.

Other issues include: if the ingress link from Internet actually only provides 30 Mbps, how would there be excess bandwidth to manage on the egress link to the LAN?  If the ingress link actually provides more than 30 Mbps, an overall shaper or policer, applies to all traffic, i.e. it negates the excess bandwidth.  Additionally, downstream policers or shapers, although they can control bandwidth downstream of them, are not fully effective managing upsteam bandwidth.

The right way to apply this policy is to apply in at egress on the Internet side that's sending to you.  Unfortunately, often not possible because it's ISP equipment and they often will not cooperate.

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Actulally i have  in my control the 2 routers that the fiber link is connected  and i want to slice the 50Mbit to 3 vlans

so if i apply this tou both routers then it will work for in and out for each router as as they would not be able to send mor than their limit resulting the other to receive at the same speed that it sends......

or am i wrong?

Super Bronze

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Disclaimer

The      Author of this posting offers the information contained within this      posting without consideration and with the reader's understanding   that    there's no implied or expressed suitability or fitness for any    purpose.   Information provided is for informational purposes only  and   should not   be construed as rendering professional advice of any  kind.   Usage of  this  posting's information is solely at reader's own  risk.

Liability Disclaimer

In      no event shall Author be liable for any damages whatsoever    (including,   without limitation, damages for loss of use, data or    profit) arising  out  of the use or inability to use the posting's    information even if  Author  has been advised of the possibility of   such  damage.

Posting

No, you're not wrong.

If you control the two ends of the link, that's exactly want you want, a policy as described on both ends egress (to the fiber).

The parent policy's shaper restricts the overall bandwidth, since it's less than what the physical interface offers.  (NB: wouldn't be needed if you were using all the physical interface bandwidth, e.g. 100 Mbps fiber).

The child policy controls bandwidth sharing when there's congestion.

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Just my 2 cents on this. You have a policer of 30Mbps on the interface between the router and the switch. This means that  any communcation between the subnets will also be restricted to 30mbps. not sute if u like that

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

What IOS does it need to work ?? because i have Entbase on my 2801 and it doesnt have the bandwidth command.

New Member

Re: Limiting bandwidth on Cisco router (possible 1800 series)

Hello, can i apply this to 3 different interfaces instead of subinterfaces?

I have 3 vlans on 3 different interfaces on a router and i want them to limit their bandwith throuth the out interface

the one vlan is for internet and the other 2 are private vlans.

Thanks for you time.

Limiting bandwidth on Cisco router (possible 1800 series)

Hello everybody,

I have the same scenario, One internet (50mbps) and 3 vlans on the lan and I need shape each vlan (vlan1 25mbps, vlan2 15mbps and vlan3 10mbps) so I follow your instruccionts but if I connect to any vlan ever I have 50mbps then I make the test with 2 PC´s each in different vlan download and upload but the shape not work well.

If a show policy-map physical I can see that all traffic go to default class but I do not why?

Here is my config:

class-map match-any subnet-b

match access-group 102

class-map match-any subnet-c

match vlan  3

match input-interface FastEthernet4

match access-group 101

access-list 101 permit ip 10.1.1.0 0.0.0.255 any

access-list 102 permit ip 10.1.2.0 0.0.0.255 any

access-list 103 permit ip 10.1.3.0 0.0.0.255 any

policy-map subnets

class subnet-a

    bandwidth 25000

class subnet-b

    bandwidth 15000

class subnet-c

    bandwidth 9999

policy-map physical

class class-default

    shape average 50000000

  service-policy subnets

interface FastEthernet0

ip address 172.16.1.10 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

service-policy output physical

end

interface Vlan1

ip address 10.1.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no autostate

end

interface Vlan2

ip address 10.1.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no autostate

end

interface Vlan3

ip address 10.1.3.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no autostate

end

Here the show policy-map....

Router1811#sh policy-map interface fa0

FastEthernet0

  Service-policy output: physical

    Class-map: class-default (match-any)

      5259740 packets, 7474775689 bytes

      5 minute offered rate 0 bps, drop rate 0 bps

      Match: any

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 5259739/7474776995

      shape (average) cir 50000000, bc 1250000, be 1250000

      target shape rate 50000000

      Service-policy : subnets

        Class-map: subnet-a (match-any)

          0 packets, 0 bytes

          5 minute offered rate 0 bps, drop rate 0 bps

          Match: access-group 101

            0 packets, 0 bytes

            5 minute rate 0 bps

          Queueing

          queue limit 64 packets

          (queue depth/total drops/no-buffer drops) 0/0/0

          (pkts output/bytes output) 0/0

          bandwidth 25000 kbps

        Class-map: subnet-b (match-any)

          1137 packets, 95142 bytes

          5 minute offered rate 0 bps, drop rate 0 bps

          Match: access-group 102

            1 packets, 66 bytes

            5 minute rate 0 bps

          Queueing

          queue limit 64 packets

          (queue depth/total drops/no-buffer drops) 0/0/0

          (pkts output/bytes output) 1137/95142

          bandwidth 15000 kbps

        Class-map: subnet-c (match-any)

          0 packets, 0 bytes

          5 minute offered rate 0 bps, drop rate 0 bps

          Match: vlan  3

            0 packets, 0 bytes

            5 minute rate 0 bps

          Match: input-interface FastEthernet4

            0 packets, 0 bytes

            5 minute rate 0 bps

          Queueing

          queue limit 64 packets

          (queue depth/total drops/no-buffer drops) 0/0/0

          (pkts output/bytes output) 0/0

          bandwidth 9999 kbps

        Class-map: class-default (match-any)

          5258603 packets, 7474680547 bytes

          5 minute offered rate 0 bps, drop rate 0 bps

          Match: any

          queue limit 64 packets

          (queue depth/total drops/no-buffer drops) 0/0/0

          (pkts output/bytes output) 5258602/7474681853

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

Hi,

In the above configuration Example does we need to add the bandwidth command on the interface. ie by default the interface f0/1 is 100 mb so do we need to give bandwidth 30720 command under F0/1.

Also if am not equally dividing the bandwidth will the above scenario work.

Thanks

Nibin 

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

No you don't have to put in the BW command. There is policing configured on the physical interface. That will limit the BW to 30mbps.

policy-map physical

class class-default

  police 30000000 conform-action transmit exceed-action drop

  service-policy subnets

exit

Yes I think you just need to change the percentage values here

policy-map subnets

class-map subnet-a

  bandwidth percent 33

class-map subnet-b

  bandwidth percent 33

class-map subnet-c

  bandwidth percent 33

exit

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

Thanks for the Quick ressponse.

I had applied done the configs according to above discussion but getting the following error while attaching the service policy to interface.

"Cannot attach queuing-based child policy to a non-queuing based class"

ROUTER(config)#interface gigabitEthernet 0/0

ROUTER(config-if)#service-policy output Physical

Cannot attach queuing-based child policy to a non-queuing based class

I am pasting my current configs also please advice whats need to be modified. I am having 32 mb line from ISP which needs to be distributed.

access-list 101 permit ip any 192.168.10.0 0.0.0.255

access-list 102 permit ip any 192.168.11.0 0.0.0.255

access-list 103 permit ip any 192.168.12.0 0.0.0.255

class-map match-all subnet-b

match access-group 102

class-map match-all subnet-c

match access-group 103

class-map match-all subnet-a

match access-group 101

!

!

policy-map subnets

class subnet-a

    bandwidth 49

class subnet-b

    bandwidth 25

class subnet-c

    bandwidth 25

policy-map Physical

class class-default

    police 320000000 conform-action transmit  exceed-action drop

  service-policy subnets

Thanks

Nibin

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

Hi,

Did any one get the following error while trying to attach the policy to interface

ROUTER(config)#interface gigabitEthernet 0/0

ROUTER(config-if)#service-policy output Physical

Cannot attach queuing-based child policy to a non-queuing based class

Thanks

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

In my honest opinion Class Based Weighted Fair Queueing will just limit the bandwidth per queue in case of congestion, not by a regular basis.

regards

New Member

Limiting bandwidth on Cisco router (possible 1800 series)

ROUTER(config)#interface gigabitEthernet 0/0

ROUTER(config-if)#service-policy output Physical

Cannot attach queuing-based child policy to a non-queuing based class

I have this errors too.

Can someone help with this??

New Member

Gents... I'm trying to do the

Gents...

 

I'm trying to do the same thing with a 2621 router....and no luck.

 

I can not enter the "bandwidth percent 33" command.  Any thoughts on why?

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

What IOS version is running on your 2621?  "Percent", as an option in the CBWFQ bandwidth commands came out in later IOS versions (12.4?),

Dear Sir,    I've 10 M

Dear Sir,

    I've 10 M internet connection shared to a one VLAN. I want to limit the download per user. because some users consume the bandwidth by download while others can't browse the internet. could you find a solutions to limit the download to 128 K per user 

 

thanks

110178
Views
10
Helpful
23
Replies
CreatePlease to create content