Re: Cisco 2821 - b/w throttling on egress traffic

Jay Matrona · ‎11-02-2010

Hello Everyone

I am looking to reduce the % of b/w utilization of outbound traffic if it uses the following ports:

3600

137-139

If possible, I would like to set the rule for a specific server: 192.168.17.39

Can this can be done through QoS policy map? If so what would the config look like? =)

Thanks

Jay

gatlin007 · ‎11-02-2010

Jay,

Would you like to strictly police the traffic or give it less access to the wire during periods of congestion? In regard to the ports are they TCP, UDP or both?

Chris

Jay Matrona · ‎11-02-2010

Hi Chris

I would police the traffic and they are all TCP ports.

Thanks

Jay

gatlin007 · ‎11-02-2010

This is the simplest way to do it. It can be done with the MQC, but unless you have a complex queuing requirement the following will work well for you.

access-list 100 remark *** Selection for Police action ****
access-list 100 permit tcp any any range 137 139

### I generally try to apply policers inbound
### This is usally a LAN interface facing servers/workstations
### For this example Lets say you want to restrict this traffic to 500Kbps.

int g0/0
rate-limit input 500000 access-group 100 93750 187500 confirm-action transmit exceed-action drop
exit

Chris

Jay Matrona · ‎11-02-2010

Great thanks. I did not realize you could confgure this on the inside interface. I thought it would be applied to the outside interface since this is egress traffic.

gatlin007 · ‎11-02-2010

Good question.

Policers are better placed on ingress.

Shaping and queuing policies must be placed on egress.

This is a great resource:

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/polcing_shping_oview_ps6350_TSD_Products_Configuration_Guide_Chapter.html