Hi ,
I have an ASA 5506x and need to throttle down the download link (upload as well but later).
I have tried the QoS policing feature using both input/output and ASA does police but the link is unusable - pings keep dropping when I just open a website, cannot download anything, speedtest shows 10mbps but when I do it, everything stops for a few seconds.
I know policing is a hard way of doing QoS but should it be that bad? Am I missing anything obvious here? As I read, there is no shaping on this device...
With this config, it is usuable. I eve tried this: my link is 100Mbps, I policed it at 90Mbps - got the same result - unusable link dropping everything after loading a basic youtube clip, downloads drop etc. I tried both input/output on inside and outside interfaces - no matter how I combine or or just do one a the time - it is usable.
class-map inside_1-class1
match any
policy-map inside_1-policy1
class inside_1-class1
police output 10000000 9999 conform-action transmit exceed-action drop
service-policy inside_1-policy1 interface inside_1
ciscoasa# show service-policy police
Interface inside_1:
Service-policy: inside_1-policy1
Class-map: inside_1-class1
Output police Interface inside_1:
cir 10000000 bps, bc 9999 bytes
conformed 44897 packets, 49804767 bytes; actions: transmit
exceeded 7949 packets, 11391125 bytes; actions: drop
conformed 1173704 bps, exceed 308368 bps