Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3092
Views
5
Helpful
1
Replies

Rate limiting by IP on Cisco 2821 ISR

robert.evans
Level 1
Level 1

‎11-09-2011 10:27 AM - edited ‎03-04-2019 02:13 PM

I am looking for information on how to properly configure rate limits on a Cisco 2821 so that I can set different Service levels by IP address. For example I want to limit a block of IPs to 1 Mbps Down and 512 kbps Up. I am doing point to point networks from our router (ISR 2821) to another router that is assigned a static IP. The other router connects to our router through a Fast Ethernet port on a NM 16 port switch card. The routing end point for the network is on a VLAN interface. Currently we are using bonded T1's but are about to turn up a Metro-E circuit.

Any help would be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

alitadir
Level 1
Level 1

‎11-09-2011 12:39 PM

Hi Robert,

You can do it by using multi class rate limiting. I tested it in a Cisco 2821 ISR Router with Advanced Enterprise Services image, but you can configure it in a router with IP Services image. I'm not sure whether IP Base Image supports multiclass rate limiting configuration or not.You can check it using Cisco Feature Navigator. Here are the sample configuration that I made using Gigabit Ethernet interface, but you can use any routed interface (of course with a Serial Interface).

class-map match-all Network2

match access-group name network2

class-map match-all Network1

match access-group name network1

!

!

policy-map Upload_Limit

class Network1

   police cir 512000

     conform-action transmit

     exceed-action drop 

class Network2

   police cir 512000

     conform-action transmit

     exceed-action drop

!

!

class-map match-all To_Network1

match access-group name To_Network1

class-map match-all To_Network2

match access-group name To_Network2

!

!

policy-map Download_Limit

class To_Network1

  police cir 1024000

     conform-action transmit

     exceed-action drop

class To_Network2

  police cir 1024000

     conform-action transmit

     exceed-action drop

!

ip access-list standard network1

permit 192.168.1.0 0.0.0.255

ip access-list standard network2

permit 192.168.2.0 0.0.0.255

ip access-list extended To_Network1

permit ip any 192.168.1.0 0.0.0.255

ip access-list extended To_Network2

permit ip any 192.168.2.0 0.0.0.255

!

!

interface GigabitEthernet0/0

service-policy input Download_Limit

service-policy output Upload_Limit

I also suggest that using only output service policy in each direction of the connection. You can limit the bandwidth at the source, so you don't have to specify both input and output service policy.

Hope this helps.

Ali TADIR

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card