02-09-2012 01:49 AM - edited 03-04-2019 03:11 PM
Hi,
i have one problem in our office.Iam sitting in the HO location.
In the HO location symantec server is available.This symantec server daily send the update to the client location.
In one of our client location i want to limit the traffic from the particular symantec server.
our symantec server ip:10.10.150.57
In our client location users(10.50.137.100/24)doesn't receive the traffic beyond 64kb from the source ip(10.10.150.57/22).
They should not be receive the traffic beyond 64kb.
kindly anyone tell the configuration to implement.
Client location configuration:
int fa0/0(LAN)
ip address 10.50.137.100 255.255.255.0
speed auto
duplex auto
int fa0/1(WAN)
ip address 10.70.125.63 255.255.255.252.0
bandwidth 128
encapuslation PPP
speed auto
duplex auto
Solved! Go to Solution.
02-09-2012 03:06 AM
Hi,
to rate-limit traffic received from server you can do the following:
1) specify access-list describing this type of traffic
access-list 101 permit ip host 10.10.150.57 0.0.3.255 10.50.137.0 0.0.0.255
2) configure rate-limiting on your WAN interface inbound:
rate-limit input access-group 101 64000 12000 24000 conform-action transmit exceed-action drop
Please find below description of this command in more details:
http://www.cisco.com/en/US/partner/docs/ios/12_2/qos/command/reference/qrfcmd8.html#wp1037428
You can also use more flexible way of configuring QoS policies - policing with MQS:
http://www.cisco.com/en/US/partner/docs/ios/12_2/qos/command/reference/qrfcmd5.html#wp1064737
BR,
Nataliya
02-09-2012 03:06 AM
Hi,
to rate-limit traffic received from server you can do the following:
1) specify access-list describing this type of traffic
access-list 101 permit ip host 10.10.150.57 0.0.3.255 10.50.137.0 0.0.0.255
2) configure rate-limiting on your WAN interface inbound:
rate-limit input access-group 101 64000 12000 24000 conform-action transmit exceed-action drop
Please find below description of this command in more details:
http://www.cisco.com/en/US/partner/docs/ios/12_2/qos/command/reference/qrfcmd8.html#wp1037428
You can also use more flexible way of configuring QoS policies - policing with MQS:
http://www.cisco.com/en/US/partner/docs/ios/12_2/qos/command/reference/qrfcmd5.html#wp1064737
BR,
Nataliya
02-09-2012 09:03 PM
Thank u very much.
it is working.
But i have one doubt.what is 12000 24000
how to calculate these values.
what is the use of these values.
02-09-2012 11:31 PM
Hi,
Regarding the values you asked for:
first of them is normal burst size, in bytes. The minimum value is bps divided by 2000; Cisco recommended formula for its calculation is as follows:
normal burst = configured rate * (1 byte)/(8 bits) * 1.5 seconds
Second one - excess burst size, in bytes:
extended burst = 2 * normal burst
BR,
Nataliya
02-10-2012 01:40 AM
What is normal burst and extended burst?
waht is the use of these.
02-10-2012 02:17 AM
Hi,
Traffic flow in network is not constant - sometimes it has bursty nature.
To minimize traffic loss in case of policing, you can define additional rates as follows:
•Normal burst size. The normal burst size determines how large traffic bursts can be before some traffic exceeds the rate limit.
•Excess Burst size. The Excess Burst (Be) size determines how large traffic bursts can be before all traffic exceeds the rate limit. Traffic that falls between the normal burst size and the Excess Burst size exceeds the rate limit with a probability that increases as the burst size increases.
You can read more about average rate, normal and extended burst following the link
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpolsh.html#wp1000977
BR,
Nataliya
02-10-2012 02:35 AM
Thank u very much.
Can u share any document how BGP works.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide