07-15-2008 10:31 AM - edited 03-03-2019 10:44 PM
We have a client that is finding a need to limit the users at a remote location from pulling too much bandwidth across their WAN link. The remote site has about 120 users, all DHCP. They want to be able to limit a user from using more than, for exmaple, 25% of the WAN link. Would we need to rate-limit each IP address in the DHCP scope or just list each IP address in an access-list and apply one rate limit?
07-15-2008 10:39 AM
You would need to limit each IP address individually.
But before you do that, consider the following:
1. rate-limit is very distructive for TCP. You should use shaping instead.
2. Normally on the wan link, you have a mechanism called fair sharing, that prevents any single flow to monopolize the circuit. So for example if you have a 2mbps link and 100 active users, each one would take 20 kbps of BW. consequently, it is not necessary to do anything, because the router do that automatically. The reciprocal advantage, is that when the circuit is free, the bandwith can be used in full.
Please rate post if it helps!
07-15-2008 11:03 AM
Are there any examples of configuring the fair sharing?
07-15-2008 11:33 AM
The following link might be helpful. Take care
http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcconman.html
07-16-2008 04:51 AM
When you said fair sharing, did you mean using Weighted Fair Queueing?
07-16-2008 04:53 AM
Yes. Weighted means that if one flow has some precedence set in the IP header, it should be trated accordingly.
As an appreciation to those providing answers, please rate useful posts with the scrollbox below!
07-16-2008 06:51 AM
They want to limit general network traffic for the users, not just a specific type of traffic. They had a user from one office login at another office and filled the WAN link while his profile transfered. Also the WAN link is a PPP Multilink with 2 T1s running about 1MB for data and another full T1, 1.5MB, 3825 router.
07-16-2008 07:04 AM
Hi,
WFQ works for general traffic and not for a specific type only.
If you configure "fair-queue" under the multilink interface, the situation you described will not happen any more.
A further step would be configuring QoS with priorities an BW limitations for classes, etc, but that is not always needed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide