Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
284
Views
0
Helpful
1
Replies

Trying to Understand Impact of Policing on Client and Server

rmeans
Level 3
Level 3

‎10-16-2012 08:13 AM - edited ‎03-11-2019 05:10 PM

Before I implement policing in the ASA, I want to understand the impact of limiting bandwidth on the client and server.

Problem – server experiences high CPU when clients download data.

Options

  • I considered using connection limits within the ASA but
    • The exceeded connections would be dropped resulting in “page cannot be displayed”.
    • The number of connections per time is neither high nor predictable.
  • I am now considering policing the traffic.

Impact

If I implement policing, what impact will that have on the server and client? The ASA will buffer or drop the traffic to keep the bps to the configured level. If the ASA drops traffic, would this not cause more TCP retransmits and a high server load? Will the TCP protocol throttle the client and server?

Thanks

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎10-16-2012 09:26 PM

Hello Rmean,

If you use Policing the exceeding traffic will be dropped and ofcourse as TCP is reliable there will be retransmissions,etc but the ASA will allow them as long as they are not exceeding the parameter previously setup.

Nor you could try to use Shappin ( ASA will not drop the traffic, the traffic will be buffered so it can be sent later)

Any other question.,.Sure..Just remember to rate all of my answers

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card