Limit Download Bandwidth Consumption

davidhvoss · ‎09-11-2012

We would like to allow mobile wireless users (smartphones, tablets, etc.) to user our current Internet DS-3 circuit. We want to make sure that downloads from this this new traffic does not negatively impact our existing traffic. Our goal is to limit the amount of bandwidth these devices can download via our Internet circuit.

Does anyone have any suggestions on how to limit download bandwidth for a subset of your users? We want to limit our mobile device users to using 10Mbps of our DS-3 circuit.

Should we put the mobile users on a seperate VRF? Just not sure at this point. We want to avoid getting a seperate circuit if possible. We are not using BGP at this time, just a static route.

vmiller · ‎09-11-2012

It will be some sort of QOS solution.

What type of device are you using for the DS-3 ? and what operating system version ?

Do you have a means of identifying mobile wireless users ?

How do they connect to the internet ?

davidhvoss · ‎09-11-2012

We are using a Cisco 3560. I don't have the specific IOS version available at this time.

We can ID mobile wireless users by IP (they are all on the same subnet)

They get wireless connectivity from Cisco Aironet and then go over the DS-3.

The DS-3 is a static route (no BGP).

I would have to think the QoS would have to be on the ISP side. One idea I had was to:

Obtain a /24 from ISP

Roll out BGP to ISP

Have all desktop users come from one IP (say 160.1.1.1)

All mobile users come from another IP (say 160.1.1.2)

Have ISP throttle all traffic to 160.1.1.2 using rate-limiting.

Do you think this is the best option? I was hoping someone out there had done this before and had an ideal option.

davidhvoss · ‎09-13-2012

I have researched a lot of solutions. Most of them (policing, etc.) on a router is not something that the ISP will do. I assume this is because they do not desire to start doing this for customers thus burdening their edge router.

The solution I have come up with is three-fold:

Leverage existing proxy infrastructure such as BlueCoat that will allow for bandwidth management.
Increase DS-3 pipes to 100Mbps as I believe pricing is going to be very competitive for this upgrade
If required, use Cisco rate-limiting/bandwidth management for outbound sessions.

If I find a better combination of options, I will share.

Joseph W. Doherty · ‎09-11-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Device QoS features often support selective in or out policing and perhaps outbound shaping and/or prioritization.

Ideally, in a case like yours you would want to manage egress toward the bottleneck. With one side being an ISP, you might be unable to obtain optimal, or any, QoS support. If ISP QoS side isn't possible, you can often manage ingress bandwidth, but often with far from desired/optimal results.

BGP often is not a factor vis-a-vis bandwidth management (beyond directing specific prefixes to specific paths).

Rate-limiting can be used for bandwidth management, but prioritization often provides better results.

singhaam007 · ‎09-21-2012

HI David,

you can use access list for rate limiting

like -

access-list users extended permit ip x.x.x.0 255.255.255.0 any

class-map users

match access-list users

policy-map users

class users

police input 2000000

service-policy users interface

please rate if this helps.

thanks