Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
795
Views
3
Helpful
2
Replies

Router 2801 acl block download speed

petrutz_21
Level 1
Level 1

‎02-29-2012 05:42 AM - edited ‎03-04-2019 03:29 PM

Hi,

I'm using for a company network a 2801 Cisco Router. This router has 2 FastEthernet Interfaces connected on 2 ISP's and one VLAN for internal users.

What acl should i use if for example one client from the lan is using a torrent client to download from the internet. I want just to specify a maximum download speed or to block that client to access the internet when it's trying to download something that can affect other clients from the LAN.

I just want some exemples ...

Thanks.

Labels:
0 Helpful
2 Replies 2

Latchum Naidu
VIP Alumni
VIP Alumni

‎02-29-2012 05:46 AM

Hi Toma,

When you have a seperate Vlan it would be possible to allocate bandwidth under the vlan's

See the below two individual steps may help in your scenario.


STEP-1:

Apply rate-limit on each L3 vlan interface in your 2851
Example (for 1024kbits for vlan 2):

Router# conf t
Router(config)# int vlan 2
Router(config-if)#rate-limit input 1000000 187500 375000 conform-action transmit exceed-action drop
Router(config-if)#rate-limit output 1000000 187500 375000 conform-action transmit exceed-action drop


STEP-2:

Policy a specific VLAN number on VLAN interface.

class-map vlan5
match vlan 5
match class-map class-default

policy-map vlan5-limit
class vlan5
police 2000000 250000 exceed-action drop

int vlan5
service-policy input vlan5-limit


After you apply this configuration, the traffic with VLAN 5 coming from any will be policed at 2Mbps.

Likewise you can change the bandwidth rate whichever you want.


Hope this will help you.


Please rate the helpfull posts.
Regards,
Naidu.

Stephane Bonnet
Level 1
Level 1
In response to Latchum Naidu

‎02-29-2012 07:19 AM

If you want more granularity you can use nbar to match the protocol you want to limit like bittorent.

An example of a specific class-map

class-map CM_BAD_TRAFFIC

  match protocol bittorent

  match protocol edonkey

  match protocol fasttrack

And after that you apply some QoS functionnality like policying to slow down their traffic and/or drop it.

Then you have unlimited bandwidth for trusted traffic business or web and the others are slow down with the class-map statement.

HTH

Stephane

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card