Controlling traffic on central router



I am trying to determine a good method to ensure that a few thousand users are able to share the available internet connection. There is one router (sadly only a 2951) where everything connects to, it has four internet connections and an "inside" interface pointing to the rest of the infrastructure (with many routers and switches, and most of the routers running NAT).


The problem is that the central router has 2x 4Mbps, 1x 20Mbps and 1x 100Mbps internet connections. How could I stop careless users from using up all of the bandwidth?


I'm looking at shaping and policing, but I'm not sure how these techniques could be applied to solve this problem. The router is sitting at 1GB used memory out of 2.5GB due to BGP and all that, so I suspect shaping might be a bad idea.


If I go with policing, how can I police per user and not just slow down the interface? It's okay if the interface uses up most of the bandwidth, but I'd like to stop individual users from doing that.


Most of the users only surf the web and read email and I'm okay if one of them decides to download a large file, or make a Skype call, but I'm not okay with somebody downloading 100GB during peak hours. So I'm looking at a way to limit only the users who are causing my problems, while offering the best possible experience for the rest.


I'm looking at getting a gigabit link installed, but it's going to take a while and I suspect that the rough users are simply going to end up using more.


Any advice would be appreciated.