cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
687
Views
15
Helpful
4
Replies

Clients connection to internet bandwidth control

Hello Bros'

              I have an internet connection 50mbps shared between endpoint.

I need to control these endpoints gateway bandwidth per IP or group of IPs.

I have different gears that I will select between them according to the solution applied such as switch3750, 3560, 6509 10/100/100 modules, Routers 2800.

Any suggestions will be appreciated,

TIA

1 Accepted Solution

Accepted Solutions

Hello,

 

below an example for three groups of IP addresses, each of which will be guaranteed 10MB. If the bandwidth is not used, it can be used by other groups. IP addresses are arbitrary, you can tweak this to fit your addressing.

 

access-list 101 permit ip host 192.168.1.1 any
!
access-list 102 permit ip host 192.168.1.2 any
access-list 102 permit ip host 192.168.1.3 any
!
access-list 103 permit ip host 192.168.1.4 any
!
class-map match-any CLASS_1
match ip address 101
!
class-map match-any CLASS_2
match ip address 102
!
class-map match-any CLASS_3
math ip address 103
!
policy-map CHILD_SHAPER
class CLASS_1
priority 10240
class CLASS_2
priority 10240
class CLASS_3
priority 10240
class class-default
fair-queue
!
policy-map PARENT_SHAPER
class class-default
shape average 50000000
service-policy CHILD_SHAPER

!

interface FastEthernet0/0

description Uplink to ISP

service-policy output PARENT_SHAPER

View solution in original post

4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

You can do QOS based on the IP pool on edge router

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

 

below an example for three groups of IP addresses, each of which will be guaranteed 10MB. If the bandwidth is not used, it can be used by other groups. IP addresses are arbitrary, you can tweak this to fit your addressing.

 

access-list 101 permit ip host 192.168.1.1 any
!
access-list 102 permit ip host 192.168.1.2 any
access-list 102 permit ip host 192.168.1.3 any
!
access-list 103 permit ip host 192.168.1.4 any
!
class-map match-any CLASS_1
match ip address 101
!
class-map match-any CLASS_2
match ip address 102
!
class-map match-any CLASS_3
math ip address 103
!
policy-map CHILD_SHAPER
class CLASS_1
priority 10240
class CLASS_2
priority 10240
class CLASS_3
priority 10240
class class-default
fair-queue
!
policy-map PARENT_SHAPER
class class-default
shape average 50000000
service-policy CHILD_SHAPER

!

interface FastEthernet0/0

description Uplink to ISP

service-policy output PARENT_SHAPER

a very nice convinient example.

waiting for any other ideas, if not this is mostly the accepted answer

Thank you so much

Joseph W. Doherty
Hall of Fame
Hall of Fame

Unfortunately, Cisco devices often have very different QoS features.  In your named devices, the 3750 and 3560 QoS are alike, but differ from both the 6509 and the 2800, which also differ between each other.  The 2800, being a software based router, has about the most "powerful" QoS feature set (and is the only device, I believe, that could configure a QoS policy suggested by Georg [also that policy might not work quite as Georg describes, and I would recommend against it for other reasons, including a 2800's QoS works differently, using class-default FQ, whether using a pre or post HQF IOS version]).  The 6509's QoS features can also vary per line card.  Further, the 6509, I recall, offers MicroFlow policing, which the other devices do not.

You also need to further define your "bandwidth control".  For example, to the Internet, or from the Internet, or both?  Do you want to cap bandwidth, guarantee a minimum bandwidth, or both?  When capping bandwidth, do you mean to just discard overrate traffic, or queue it?  Also when capping bandwidth, do you intend to allow any bursting?

Again, depending on what you can accomplish, much depends on the device.  If your needs are complex, especially for managing from the Internet traffic (so just one IP or group of IPs, don't congest your Internet link), you may need to look into using a 3rd party traffic management device.

If your 2800 is the device that actually connects to the Internet, for to the Internet traffic, perhaps a policy such as (using a "later" IOS):

policy-map toInternet
class class-default
bandwidth 100 percent
fair-queue

Might be sufficient.  If the port speed is faster than 50Mbps, but your ISP caps you at 50Mbps, then instead of applying the above to your interface, you apply the following policy (keeping the above policy too) to your interface:

policy-map toInternetShaped
class class-default
bandwidth 100 percent
shape average 50000000 !NB: you may need to set this about 15% lower to allow for average L2 overhead
service-policy toInternet

Managing inbound Internet bandwidth, is very problematic on Cisco devices.  There are also configuration limits, such as the number of classes allowed within a policy-map.  I.e. if you have lots of IPs and/or groups of IPs to manage, you might bump into those limits.  6509s, with the sup720s (I recall) also have limits that can be bumped into if trying to rate limit all its possible edge ports.

Lastly, again if your 2800 is the Internet connected device, if may struggle with 50Mbps, duplex, depending on what model 2800 it is.

 

Review Cisco Networking for a $25 gift card