cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
273
Views
0
Helpful
1
Replies

rate limiting a single Public IP on cisco 2921

Cy
Level 1
Level 1

how would I rate limit a single public IP I have a /26 associated with the wan of the router however I need to limit some of the users in that ip range with 100Meg uplink

wan Ip 1.1.1.129 I want to limit the users using 1.1.1.140 to 10M, and 1.1.1.142 to 30M leaving the balance to the rest 

thanks

1 Reply 1

Hello,

 

I am not sure if you add multiple rate limit statements on an interface:

 

access-list 101 permit ip host 1.1.1.140 any

!

rate-limit input access-group 101 10000000 1875000 3750000 conform-action transmit exceed-action drop
!

access-list 102 permit ip host 1.1.1.142 any

!

rate-limit input access-group 101 30000000 5625000 11250000 conform-action transmit exceed-action drop

 

An alternative would be the below. If your IOS support shaping, better use that instead of policing:

 

access-list 101 permit ip host 1.1.1.140 any
access-list 102 permit ip host 1.1.1.142 any
!
class-map match-any 10M_LIMIT
match access-group 101
!
class-map match-any 30M-LIMIT
match access-group 102
!
policy-map RATE_LIMIT
class 10M_LIMIT
police cir 10000000

--> or shape average 10000000
class 30M_LIMIT
police cir 30000000

--> or shape average 30000000

!

interface FasttEthernet0/1

service-policy input RATE_LIMIT

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco