You have a PTP full T-1 between your headquarters and a remote branch office. All traffic from the branch comes back over the T1. You want to police a specific type of traffic (winmx for example). Would you police "outbound" on the headquarters router before traffic crosses the T-1 or at the remote site "inbound" router? Cisco TAC seems to think you would police at the remote branch side.
A lot depends on the traffic patterns of the application. It's a little unclear from your explanation. When you say all traffic from the branch comes back over the T1, are the users of the app based in the HQ or branch office, e.g.
If the server hosting the app is at HQ and the large part of this app traffic is responses to the branch requests, then police outbound at HQ, as it's kind of pointless policing inbound at the remote branch as you have already used the bandwidth.
The application was just an example. Think of it like this. There are a couple of scenarios and I'm not referring to any specific application.
1) There is a direct correlation between packets sent and packets received, i.e. a client in the branch office sends 100Kb of traffic and gets 100Kb in return traffic.
So in this scenario you could police the traffic inbound on the LAN interface at the branch site.
2) The client sends 10Kb and gets 100Kb back. Now a typical web application does this - the request is usually a lot smaller than the response. So if you want to limit the total of the T1 that can be used, you need to police the return traffic, not the traffic initiated from the remote branch. In that case it would make more sense to police the traffic outbound at the WAN interface of the HQ router connecting to the remote branch router.
Note that if there was always a 10Kb to 100Kb relationship you could police at the branch instead, but it's never that simple. One 10Kb request might generate 100Kb back and another might generate 200Kb.
So that is all I meant by traffic patterns. So what are you trying to police:
a) the branch users traffic flooding the link with traffic going towards HQ
b) the branch users traffic flooding the link with traffic coming from HQ
If you are just not sure then police at both ends :)
In theory, you want to police as close to the source of the traffic as possible. This is to keep from wasting any bandwidth further downstream.
In practice, you can police as late as the first bottleneck's egress; often your WAN egress. This is to free bandwidth where you have the least amount of available bandwidth.
Besides policing, you might also consider shaping or deprioritization. The latter would place non-business traffic into a "scavenger" class that obtains either little bandwidth and/or "left over" bandwidth.
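The request/response scenarios discussed above can be checked with a small token-bucket model. This is an added example, not code from any poster in the thread; the 60 s window, the 256 kbit/s target for the class, the burst sizes and the function names are assumptions made for illustration.

```python
# Added illustration (not from the thread): where a policer must sit to bound
# return traffic on the T1. Each request/response is modelled as one unit; the
# 60 s window, 256 kbit/s target and burst sizes are constructed values.
from itertools import cycle

DURATION_S, TARGET_BPS = 60, 256_000

def police(packets, rate_bps, burst_bits):
    """Single-rate token bucket: drop any (time_s, bits) unit exceeding the tokens."""
    tokens, last, passed = burst_bits, 0.0, []
    for t, bits in packets:
        tokens = min(burst_bits, tokens + (t - last) * rate_bps)
        last = t
        if bits <= tokens:
            tokens -= bits
            passed.append((t, bits))
    return passed

def return_load_bps(response_sizes, police_at):
    """Average HQ-to-branch load for the class, policing at 'branch' or 'hq'."""
    # Branch client offers one 10 Kb request every 0.1 s (100 kbit/s upstream).
    requests = [(i / 10, 10_000) for i in range(DURATION_S * 10)]
    if police_at == "branch":
        # Inbound on the branch LAN interface, sized for an assumed 1:10 ratio.
        requests = police(requests, TARGET_BPS // 10, 10_000)
    # The server answers every request that reaches HQ.
    sizes = cycle(response_sizes)
    responses = [(t, next(sizes)) for t, _ in requests]
    if police_at == "hq":
        # Outbound on the HQ WAN interface, directly on the return traffic.
        responses = police(responses, TARGET_BPS, max(response_sizes))
    return sum(bits for _, bits in responses) / DURATION_S

if __name__ == "__main__":
    for label, sizes in (("fixed 100 Kb", [100_000]), ("100/200 Kb mix", [100_000, 200_000])):
        for where in ("branch", "hq"):
            print(f"{label:15} police at {where:6}: {return_load_bps(sizes, where):9.0f} bit/s")
```

With a fixed 10Kb-to-100Kb ratio both placements hold the class near the target, but once responses vary between 100Kb and 200Kb only the policer on the HQ WAN egress keeps the return direction bounded.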