Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Rate limit individual users across WAN

We have a client that is finding a need to limit the users at a remote location from pulling too much bandwidth across their WAN link. The remote site has about 120 users, all DHCP. They want to be able to limit a user from using more than, for exmaple, 25% of the WAN link. Would we need to rate-limit each IP address in the DHCP scope or just list each IP address in an access-list and apply one rate limit?

7 REPLIES
Hall of Fame Super Gold

Re: Rate limit individual users across WAN

You would need to limit each IP address individually.

But before you do that, consider the following:

1. rate-limit is very distructive for TCP. You should use shaping instead.

2. Normally on the wan link, you have a mechanism called fair sharing, that prevents any single flow to monopolize the circuit. So for example if you have a 2mbps link and 100 active users, each one would take 20 kbps of BW. consequently, it is not necessary to do anything, because the router do that automatically. The reciprocal advantage, is that when the circuit is free, the bandwith can be used in full.

Please rate post if it helps!

New Member

Re: Rate limit individual users across WAN

Are there any examples of configuring the fair sharing?

New Member

Re: Rate limit individual users across WAN

New Member

Re: Rate limit individual users across WAN

When you said fair sharing, did you mean using Weighted Fair Queueing?

Hall of Fame Super Gold

Re: Rate limit individual users across WAN

Yes. Weighted means that if one flow has some precedence set in the IP header, it should be trated accordingly.

As an appreciation to those providing answers, please rate useful posts with the scrollbox below!

New Member

Re: Rate limit individual users across WAN

They want to limit general network traffic for the users, not just a specific type of traffic. They had a user from one office login at another office and filled the WAN link while his profile transfered. Also the WAN link is a PPP Multilink with 2 T1s running about 1MB for data and another full T1, 1.5MB, 3825 router.

Hall of Fame Super Gold

Re: Rate limit individual users across WAN

Hi,

WFQ works for general traffic and not for a specific type only.

If you configure "fair-queue" under the multilink interface, the situation you described will not happen any more.

A further step would be configuring QoS with priorities an BW limitations for classes, etc, but that is not always needed.

304
Views
0
Helpful
7
Replies