11-09-2011 10:27 AM - edited 03-04-2019 02:13 PM
I am looking for information on how to properly configure rate limits on a Cisco 2821 so that I can set different Service levels by IP address. For example I want to limit a block of IPs to 1 Mbps Down and 512 kbps Up. I am doing point to point networks from our router (ISR 2821) to another router that is assigned a static IP. The other router connects to our router through a Fast Ethernet port on a NM 16 port switch card. The routing end point for the network is on a VLAN interface. Currently we are using bonded T1's but are about to turn up a Metro-E circuit.
Any help would be greatly appreciated.
11-09-2011 12:39 PM
Hi Robert,
You can do it by using multi class rate limiting. I tested it in a Cisco 2821 ISR Router with Advanced Enterprise Services image, but you can configure it in a router with IP Services image. I'm not sure whether IP Base Image supports multiclass rate limiting configuration or not.You can check it using Cisco Feature Navigator. Here are the sample configuration that I made using Gigabit Ethernet interface, but you can use any routed interface (of course with a Serial Interface).
class-map match-all Network2
match access-group name network2
class-map match-all Network1
match access-group name network1
!
!
policy-map Upload_Limit
class Network1
police cir 512000
conform-action transmit
exceed-action drop
class Network2
police cir 512000
conform-action transmit
exceed-action drop
!
!
class-map match-all To_Network1
match access-group name To_Network1
class-map match-all To_Network2
match access-group name To_Network2
!
!
policy-map Download_Limit
class To_Network1
police cir 1024000
conform-action transmit
exceed-action drop
class To_Network2
police cir 1024000
conform-action transmit
exceed-action drop
!
ip access-list standard network1
permit 192.168.1.0 0.0.0.255
ip access-list standard network2
permit 192.168.2.0 0.0.0.255
ip access-list extended To_Network1
permit ip any 192.168.1.0 0.0.0.255
ip access-list extended To_Network2
permit ip any 192.168.2.0 0.0.0.255
!
!
interface GigabitEthernet0/0
service-policy input Download_Limit
service-policy output Upload_Limit
I also suggest that using only output service policy in each direction of the connection. You can limit the bandwidth at the source, so you don't have to specify both input and output service policy.
Hope this helps.
Ali TADIR
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide