02-03-2013 10:31 PM - edited 03-04-2019 06:55 PM
Dear All,
My HO is connected to my BOs using MPLS.
I want to limit the traffic from a BO host y.y.y.y to my HO server x.x.x.x.
Suppose I have 1 Mb bandwidth in my BO, the traffic to HO server x.x.x.x from BO host y.y.y.y should not exceed 256 Kb. How can i acheive it.
Thanks in advance.
Shijo.
02-03-2013 10:48 PM
If the traffic is from BO server to HO server, then on BO router.
class-map XX
match access-group 100
access-l 100 per ip host y.y.y.y.y host x.x.x.x
policy-map child
class XX
police 256000
policy-map parent
class class-default
shape average 1000000
service-policy child
Interface XX
service-policy parent out
You might consider the return traffic as well
Regards
XIE Yao
02-04-2013 12:33 AM
Dear XIE,
Thank you very much for you quick reply.
Let me clarify something.
As per my understanding this will limit the traffic from BO host to HO server within 256 Kb. But if the BO host downloads data from the server at HO what will happen ?? Does this configuration is sufficient for bidirectional traffic ?
Thanks,
Shijo.
02-04-2013 02:29 AM
Hi Shjo,
As XIE already mentioned, you need to think about the return traffic which is what you just mentioned.
You can do by using rate-limiters on the interface (this would limit al the traffic coming from outside to BO) or use the same MQC style like XIE posted above but in the other direction.
let us knw if you need more info
02-04-2013 03:20 AM
Dear Kishore,
Thanks for the reply.
I tried applying it in the other direction but i got the below error message.
"Traffic Shaping feature not supported in input policy."
Regards,
Shijo.
02-04-2013 04:18 AM
Hi shijo
Shaping is allowed only outbound. You need to use policing on the BO router. Or you can use shaping on the HO router.
This is preferred as this will save the bandwidth across the link as well.
Shaping is better as it s not aggresive n doesnt drop traffic thereby avoiding tcp retransmits
Regards
02-04-2013 10:03 PM
Hi Kishore,
I tried policing on the BO router and it works fine in terms of bandwidht limiting but as you said there is a chance of traffic dropping.
I have many BOs connected to my HO. Obiviously my HO bandwith is much higher than the BO bandwidth.
If I want to limit traffic from particular HO servers (shaping ) to each and every BOs I should create separate policies for each location based on host and destination right ??
Regards,
Shijo.
02-09-2013 11:39 PM
Dear XIE,
If i have multiple elements (ie; source and destication) in ACL to match how the bandwidth allocation will happen. The whole traffic will use a maximum of 256 Kb or individual will use 256 Kb.
Thanks,
Shijo.
02-04-2013 03:13 AM
Hi,
the below might help you to limit the traffic in both direction.
access-list 100 deny ip host y.y.y.y any
access-list 100 permit ip host y.y.y.y.y host x.x.x.x
access-list 101 deny ip host x.x.x.x
access-list 101 permit ip host x.x.x.x host y.y.y.y
interface XXX
descripion WAN Interface
rate-limit output access-group 100 256000 96000 96000 conform-action transmit exceed-action drop
rate-limit input access-group 101 256000 96000 96000 conform-action transmit exceed-action drop
02-04-2013 10:04 PM
Hi Syed,
Thanks for the reply.
Regards,
Shijo.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide