rate limiting on Internet router

rajakumar.P
Level 1

Hi,

We have multiple internal LANs/networks sharing a common internet pipe/link terminated on a Cisco router.

We have separate NAT IPs (public IPs) configured for each network to differentiate them from one another outside the firewall.

My requirement is like this:

1) I want to do QoS on my internet router by restricting each internal network to a maximum of 1 Mb of internet bandwidth.

2) Presently I have configured a rate-limiting command on my interface with a matching ACL.

!

interface FastEthernet0/1

description ### MY ISP facing interface ###

ip address xxx.xxx.xxx.xxx 255.255.255.252

rate-limit input access-group 101 1024000 64000 64000 conform-action transmit exceed-action drop

rate-limit output access-group 102 1024000 64000 64000 conform-action transmit exceed-action drop

access-list 101 remark ### input ACL 4 BW Cap test for network1 ###

access-list 101 permit ip any host network1-NAT-IP

access-list 101 remark ### deny any any ###

access-list 101 deny ip any any

access-list 102 remark ### output ACL 4 BW Cap test for network1 ###

access-list 102 permit ip host network1-NAT-IP any

access-list 102 remark ### deny any any ###

access-list 102 deny ip any any

3) What will happen if I add one more NAT-IP in my rate-limit matching ACL as shown below?

access-list 101 remark ### input ACL 4 BW Cap test for network1 ###

access-list 101 permit ip any host network1-NAT-IP

access-list 101 remark ### input ACL 4 BW Cap test for network2 ###

access-list 101 permit ip any host network2-NAT-IP

access-list 101 remark ### deny any any ###

access-list 101 deny ip any any

access-list 102 remark ### output ACL 4 BW Cap test for network1 ###

access-list 102 permit ip host network1-NAT-IP any

access-list 102 remark ### output ACL 4 BW Cap test for network2 ###

access-list 102 permit ip host network2-NAT-IP any

access-list 102 remark ### deny any any ###

access-list 102 deny ip any any

!! a) Will my second network (network2-NAT-IP) also have a maximum BW cap of 1 Mb?

!! b) If so, can I add all the other NAT IPs that need QoS to this matching ACL?

Any help regarding the same is appreciated.

1 Reply

foxbatreco
Level 3

Hi,

As far as I understood, you need to rate-limit all internal traffic with multiple ACLs? Now, assuming that you have 2 global IPs, you would have to apply this to all the NATted traffic being initiated from inside.

The cap on the second network will depend on the rate you apply with that ACL.

But to say, if the max bandwidth for your link (assuming that both global IPs are for the same link) then you will not achieve anything by adding a second ACL with a 1 Mbps cap.

I would suggest that you use the concept of subinterfaces and then allocate traffic bandwidth for global IPs on each subinterface.

Also, I will suggest not to use multiple ACL limiting, because multiple ACLs for traffic on a single interface will invariably reduce the effective throughput being offered, which basically will have some of the traffic dropped due to the processing of ACLs.

Hope this helps. Please do reply if anything else is required or if I am not clear, and do rate the post.
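
Added example, not part of either post: with CAR, each rate-limit statement keeps its own token bucket, so one statement whose ACL permits both NAT IPs polices their combined traffic to 1 Mb rather than 1 Mb each. The sketch below gives each network its own cap by using one ACL and one rate-limit statement per NAT IP in each direction; ACL numbers 103 and 104 are assumptions, and network1-NAT-IP / network2-NAT-IP are the question's placeholders.

```ios
! Added example. ACLs 103 and 104 are assumed numbers; the NAT-IP names
! are the placeholders used in the question.
!
interface FastEthernet0/1
 description ### MY ISP facing interface ###
 ! network1: its own 1024000 bps bucket in each direction
 rate-limit input access-group 101 1024000 64000 64000 conform-action transmit exceed-action drop
 rate-limit output access-group 102 1024000 64000 64000 conform-action transmit exceed-action drop
 ! network2: separate statements, therefore separate buckets
 rate-limit input access-group 103 1024000 64000 64000 conform-action transmit exceed-action drop
 rate-limit output access-group 104 1024000 64000 64000 conform-action transmit exceed-action drop
!
! One ACL per network and direction. A packet that matches none of the
! rate-limit ACLs is forwarded without being policed.
access-list 101 remark ### input ACL, BW cap for network1 ###
access-list 101 permit ip any host network1-NAT-IP
access-list 102 remark ### output ACL, BW cap for network1 ###
access-list 102 permit ip host network1-NAT-IP any
access-list 103 remark ### input ACL, BW cap for network2 ###
access-list 103 permit ip any host network2-NAT-IP
access-list 104 remark ### output ACL, BW cap for network2 ###
access-list 104 permit ip host network2-NAT-IP any
```

The conformed and exceeded counters for each statement can be checked with `show interfaces FastEthernet0/1 rate-limit`.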