Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
3
Replies

QOS: Is there a way to limit sessions

derek.winchester
Level 1
Level 1

‎06-23-2009 01:24 PM - edited ‎03-04-2019 05:13 AM

I need a way to instead of dynamically limiting lets say, ssh. I would like to dynamically limit ssh sessions. I formal way would be via access list but i would like it to be regardless of source and destination. So a typical ssh session could not exceed 1mbs. or something like that.

Labels:
0 Helpful
3 Replies 3

Istvan_Rabai
Level 7
Level 7

‎06-23-2009 01:45 PM

Hi Derek,

I don't know of a command to rate-limit the ssh traffic per session.

You could configure rate-limiting on all ssh sessions using control-plane policing.

Example:

access-list 100 permit tcp any any eq 22

class-map match-all SSH

match access-group 100

policy-map SSH

class SSH

police 1000000

control-plane

service-policy input SSH

I hope this helps somewhat.

Cheers:

Istvan

0 Helpful

derek.winchester
Level 1
Level 1
In response to Istvan_Rabai

‎06-23-2009 02:09 PM

The control plane would limit session originated from that platform? How exactly would this limit sessions?

0 Helpful

Istvan_Rabai
Level 7
Level 7
In response to derek.winchester

‎06-23-2009 08:36 PM

Hi Derek,

In this configuration example sessions destined to this platform are policed to 1000000 bits per second.

According to this config you can easily configure it for sessions originated from this platform using the "service-policy output" instead of input.

Cheers:

Istvan

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card