09-11-2012 08:28 AM - edited 03-04-2019 05:32 PM
We would like to allow mobile wireless users (smartphones, tablets, etc.) to user our current Internet DS-3 circuit. We want to make sure that downloads from this this new traffic does not negatively impact our existing traffic. Our goal is to limit the amount of bandwidth these devices can download via our Internet circuit.
Does anyone have any suggestions on how to limit download bandwidth for a subset of your users? We want to limit our mobile device users to using 10Mbps of our DS-3 circuit.
Should we put the mobile users on a seperate VRF? Just not sure at this point. We want to avoid getting a seperate circuit if possible. We are not using BGP at this time, just a static route.
09-11-2012 09:39 AM
It will be some sort of QOS solution.
What type of device are you using for the DS-3 ? and what operating system version ?
Do you have a means of identifying mobile wireless users ?
How do they connect to the internet ?
09-11-2012 10:18 AM
We are using a Cisco 3560. I don't have the specific IOS version available at this time.
We can ID mobile wireless users by IP (they are all on the same subnet)
They get wireless connectivity from Cisco Aironet and then go over the DS-3.
The DS-3 is a static route (no BGP).
I would have to think the QoS would have to be on the ISP side. One idea I had was to:
Obtain a /24 from ISP
Roll out BGP to ISP
Have all desktop users come from one IP (say 160.1.1.1)
All mobile users come from another IP (say 160.1.1.2)
Have ISP throttle all traffic to 160.1.1.2 using rate-limiting.
Do you think this is the best option? I was hoping someone out there had done this before and had an ideal option.
09-13-2012 12:12 PM
I have researched a lot of solutions. Most of them (policing, etc.) on a router is not something that the ISP will do. I assume this is because they do not desire to start doing this for customers thus burdening their edge router.
The solution I have come up with is three-fold:
If I find a better combination of options, I will share.
09-11-2012 10:41 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Device QoS features often support selective in or out policing and perhaps outbound shaping and/or prioritization.
Ideally, in a case like yours you would want to manage egress toward the bottleneck. With one side being an ISP, you might be unable to obtain optimal, or any, QoS support. If ISP QoS side isn't possible, you can often manage ingress bandwidth, but often with far from desired/optimal results.
BGP often is not a factor vis-a-vis bandwidth management (beyond directing specific prefixes to specific paths).
Rate-limiting can be used for bandwidth management, but prioritization often provides better results.
09-21-2012 05:08 PM
HI David,
you can use access list for rate limiting
like -
access-list users extended permit ip x.x.x.0 255.255.255.0 any
class-map users
match access-list users
policy-map users
class users
police input 2000000
service-policy users interface
please rate if this helps.
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide