cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8839
Views
0
Helpful
3
Replies

Limiting Bandwidth by using QoS on Cisco 1841.. Is it possible?

tinman_dubai
Level 1
Level 1

Hi,

On one of our remote sites we have a 2Mbps Internet leased line with 16 IP address landing on a Cisco 1841 router. Due to the nature of the site, this internet leased line is shared with one of our subcontractor (We assigned one IP to the subcontractor). Recently they have been abusing the service in non-business related stuff.

We need to put a limit on the amount of bandwidth this subcontractor can use at any point of time (say max 25%). So is it possible to accomplish this target by QoS on Cisco 1841? if yes, is it possible to guide me to how it can be done?

Thank you

3 Replies 3

Lei Tian
Cisco Employee
Cisco Employee

Hi Joseph,

Yes, you can limit the bandwidth based on IP. That means you also need to tie his IP with his MAC, or some other way to prevent he changes his IP.

Here is a configuration example of policing; ACL 1 is the acl to match the contractor's IP; fa0/0 is the interface he connects to.

Router(config)# class-map access-match
Router(config-cmap)# match access-group 1
Router(config-cmap)# exit
Router(config)# policy-map police-setting
Router(config-pmap)# class access-match
Router(config-pmap-c)# police 8000 1000 conform-action transmit exceed-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet 0/0
Router(config-if)# service-policy output police-setting

HTH,

Lei Tian

Hi Lei,

I am not sure I understand "Yes, you can limit the bandwidth based on IP. That means you also need to tie his IP with his MAC, or some other way to prevent he changes his IP."

Here is a quick and derty network structure of what we have in that site.

----IIL----Cisco 1841----8 port Switch -------Firewall---Linksys RV42 Router A------Our Network

                                                      |----Linksys RV42 Router B----The Subcontractor Network

Now which MAC address should I use? The Linksys RV42 Router B MAC Address?

A friend of mine suggest to use NBAR to determine bandwidth eating applications and then block them using QoS. Is that easier?

Thank you

Hi,

If the Subcontractor uses a different subnet, then don't need to worry about his MAC. You can limit the whole subnet.

If you want get better understanding the traffic in your network, you can use nbar discovery. NBAR itself doesn't block anything, you still need classify based on  subcontractor's ip and then rate limit it.

HTH,

Lei Tian

Review Cisco Networking for a $25 gift card