Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Using multiple Committed Access Rate statements on 1 interface.

Good Day All,

I hope to be able to rate-limit certain hosts on the input and output of an Internet connection to 1Meg. bps with the ability to burst to 2Meg. bps.

I would like all other hosts on the network to share the bandwidth on the Internet connection.

Please find a basic config. I hope to do something very similar to this example.

access-list 101 permit ip host 192.168.1.1 any

access-list 101 permit ip any host 192.168.1.1

access-list 102 permit ip host 192.168.1.2 any

access-list 102 permit ip any host 192.168.1.2

interface Ethernet0

rate-limit input access-group 101 1024000 103000 206000 conform-action transmit exceed-action drop

rate-limit input access-group 102 1024000 103000 206000 conform-action transmit exceed-action drop

rate-limit output access-group 101 1024000 103000 206000 conform-action transmit exceed-action drop

rate-limit output access-group 102 1024000 103000 206000 conform-action transmit exceed-action drop

Burst Normal in bytes:

1024000/8=103000

Burst Max in Bytes

2048000/8=206000

I have a couple of questions please about this.

Questions:

1. Does this configuration look reasonable to achieve these goals?

2. I read somewhere that if traffic is not matched by a rate-limit that it is transmitted anyway. Can anyone please confirm this?

I will be running this on a 7204 router that has a average CPU usage of 4-7 percent and low memory used.

Thank you so much for any help.

1 ACCEPTED SOLUTION

Accepted Solutions
Purple

Re: Using multiple Committed Access Rate statements on 1 interfa

Hi,

The config you have got will mostly work. Here are a few comments though:

- CAR is a single-rate policer. Therefore, you can achieve the aim of limiting traffic to 1Mbps using CAR. However, you cannot achieve a precise peak rate of 2Mpbs despite configuring the excess burst size to be twice the normal burst size. However, the config you have will give you performance reasonably close to what you are after.

All traffic that is not matched by the rate-limit statements will NOT be policed. If you want traffic not matching the above two rate-limit statements to be rate-limited to some other value, configure the following:

rate-limit input/output 2000000 conform-action transmit exceed-action drop

(This will be a catch-all since no access-group is specified).

Alternatively, you can drop all traffic that does not match ACL 101 or 102:

rate-limit input/output 2000000 conform-action drop exceed-action drop

Hope that helps - pls rate the post if it does.

Paresh

2 REPLIES
Purple

Re: Using multiple Committed Access Rate statements on 1 interfa

Hi,

The config you have got will mostly work. Here are a few comments though:

- CAR is a single-rate policer. Therefore, you can achieve the aim of limiting traffic to 1Mbps using CAR. However, you cannot achieve a precise peak rate of 2Mpbs despite configuring the excess burst size to be twice the normal burst size. However, the config you have will give you performance reasonably close to what you are after.

All traffic that is not matched by the rate-limit statements will NOT be policed. If you want traffic not matching the above two rate-limit statements to be rate-limited to some other value, configure the following:

rate-limit input/output 2000000 conform-action transmit exceed-action drop

(This will be a catch-all since no access-group is specified).

Alternatively, you can drop all traffic that does not match ACL 101 or 102:

rate-limit input/output 2000000 conform-action drop exceed-action drop

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: Using multiple Committed Access Rate statements on 1 interfa

Thanks mate :)!!!

123
Views
5
Helpful
2
Replies