Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

per source ip flow shaping

Hello, Professionals

I need to shape every ip address from /24 network to 10Mbit/s ingress speed. How to do this without write 253 ACL (one for every ip). I am sure there must be a more efficient way to do that... Please help me. Thanks , and have a good day

9 REPLIES
Hall of Fame Super Gold

Re: per source ip flow shaping

Sorry, there is not.

New Member

Re: per source ip flow shaping

It is hard to believe that ... Linux can do it with HASHLIMIT , i think IOS also can perform this kind of limiting becouse is more advanced networking OS

Hall of Fame Super Gold

Re: per source ip flow shaping

Nothing to wonder about. I can probably come up with 1,000 things that IOS does while linux doesn't, and vice-versa.

New Member

Re: per source ip flow shaping

I think SCE can do it... The idea behind this is to limit traffic from some of my clients that can flood some of the servers with 100Mbps. I use rate limit per destination on access ports , but the problem is that if some ip floods all ips on same interface take packet loss. If there is some good solution that prevents this please make me aware. Thanks

Hall of Fame Super Gold

Re: per source ip flow shaping

Since you want to basically limit all output from certain sources up to a maximum, at that point that may be the same as to hardconfig ports at 10 mbps.

New Member

Re: per source ip flow shaping

If there is no other services maybe is sweetable. But there is file transfer between hosts , some multicast streams ...

Hall of Fame Super Gold

Re: per source ip flow shaping

On the other hand even if you had an easy configuration method to make so that any source does not pass 10 mpbs in sending, that would affect also file transfers and multicast, so it really all depends on what you want to do.

New Member

Re: per source ip flow shaping

I plan to enable this configuration close interfaces for servers that need to be protected, not on all network. However maybe some CBWFQ rules can make similar efect. Thanks for guidance. Have a nice day

New Member

Re: per source ip flow shaping

I find another good solution to achieve this functionality:

PFC QoS applies the bandwidth limit specified in a microflow policer separately to each flow in matched

? You can configure a microflow policer to use only source addresses, which applies the microflow policer to all traffic from a source address regardless of the destination addresses.

223
Views
0
Helpful
9
Replies