Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
0
Helpful
4
Replies

Rate-Limit Help!!!

mark.campion
Level 1
Level 1

‎11-08-2006 06:01 AM - edited ‎03-03-2019 02:38 PM

Hi I am current having difficulty with a section of CAD operators who need to download CAD drawings all day long (on a 512k connection). I have applied the following ACL and Limits on Serial0.01:

rate-limit input access-group 101 512000 24000 32000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0

rate-limit input access-group 102 256000 24000 32000 conform-action set-prec-transmit 5 exceed-action drop

rate-limit input 256000 16000 24000 conform-action set-prec-transmit 5 exceed-action drop

rate-limit output access-group 101 512000 24000 32000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0

rate-limit output access-group 102 256000 24000 32000 conform-action set-prec-transmit 5 exceed-action drop

access-list 101 permit tcp any any eq www

access-list 102 permit tcp any any eq ftp

The problem I have is that all traffic regardless of who it is from is restricted by this. Is it possible to allow devices such as my servers no rate-limit, say via IP or MAC address? If so can somebody forward me the CL for this?

Thanks, Mark

Labels:
0 Helpful
4 Replies 4

network.king
Level 4
Level 4

‎11-08-2006 07:56 AM

Hi,

Just include the ips that you need to deny from the rate limit , then just add a deny statement before

access-list 101 deny host x.x.x.x any

access-list 101 permit tcp any any eq www

Hope this helps

regards

vanesh k

0 Helpful

mark.campion
Level 1
Level 1
In response to network.king

‎11-08-2006 09:44 AM

I don't have the 'host' option as shown below:

LondonRO(config)#access-list 101 deny ?

<0-255> An IP protocol number

ahp Authentication Header Protocol

eigrp Cisco's EIGRP routing protocol

esp Encapsulation Security Payload

gre Cisco's GRE tunneling

icmp Internet Control Message Protocol

igmp Internet Gateway Message Protocol

ip Any Internet Protocol

ipinip IP in IP tunneling

nos KA9Q NOS compatible IP over IP tunneling

ospf OSPF routing protocol

pcp Payload Compression Protocol

pim Protocol Independent Multicast

tcp Transmission Control Protocol

udp User Datagram Protocol

LondonRO(config)#access-list 101 deny

0 Helpful

mark.campion
Level 1
Level 1
In response to mark.campion

‎11-08-2006 09:45 AM

I'm actually really lost on this one and finding it hard to get my head round it!!!

0 Helpful

network.king
Level 4
Level 4
In response to mark.campion

‎11-08-2006 10:21 AM

Hi ,

Pls use " access-list 101 deny ip host x.x.x.x any"

But if you alreay have a acl 101 defined , the newly added one would get added next.

If your access-list is numbered one then

sh ip access-list 101

10

20

then

ip access-list extended 101

5 deny ip host x.x.x.x any

Or else u need to remove the CAR first , then delete the ACL , add the new ACL and apply the CAR

regards

vanesh k

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card