05-02-2003 04:19 AM - edited 03-02-2019 07:04 AM
Hi,
We want to limit the usage of hhtp type traffic in our brancheson FR(256kbps or 512kbps( in any case).
I know CAR rate limiting and also policy based rate limiting can be a solution.
But When I implemented car rate limiting feature to router I didn't see any impact of it.
Configuration like that
interface Serial0/0.1 point-to-point
ip address 192.168.1.2 255.255.255.0
no ip directed-broadcast
rate-limit input access-group 101 128000 24000 24000 conform-action transmit exceed-action drop
rate-limit output access-group 101 128000 24000 24000 conform-action transmit exceed-action drop
frame-relay interface-dlci 121 IETF
access-list 101 permit tcp any any eq www
( I'm waiting to limit http traffic to 128kbps)
Is anyone have any idea?
ROuter#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.0(5)T1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 17-Aug-99 13:57 by cmong
Image text-base: 0x80008088, data-base: 0x8072C5D4
ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
ANKARA uptime is 5 weeks, 15 hours, 53 minutes
System returned to ROM by reload at 02:53:54 UTC Sat Feb 8 2003
System image file is "flash:c2600-i-mz.120-5.T1"
cisco 2620 (MPC860) processor (revision 0x101) with 20480K/4096K bytes of memory.
Processor board ID JAB040300Q3 (1936841365)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
05-02-2003 02:36 PM
am not sure what you were using to check if this was working or not - the way to look if rate limit is working or not is :
sh interface rate-limit
Did that show no pkts dropped?? Class based policing would be the other option.
05-04-2003 10:45 AM
Hi,
I'm using MRTG for watching router traffic.
sh interface rate-limit
Serial0/0.1
Input
matches: access-group 101
params: 128000 bps, 24000 limit, 24000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: drop
last packet: 892819008ms ago, current burst: 0 bytes
last cleared 2d06h ago, conformed 0 bps, exceeded 0 bps
Output
matches: access-group 101
params: 128000 bps, 24000 limit, 24000 extended limit
conformed 518091 packets, 60726682 bytes; action: transmit
exceeded 3 packets, 1266 bytes; action: drop
last packet: 553036ms ago, current burst: 88 bytes
last cleared 2d06h ago, conformed 2000 bps, exceeded 0 bps
Where I am doing false?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide