
Shaping outbound traffic per device for large group of devices

mark.tegg
Level 1

Hi folks, I am fairly new to the world of QoS. Although I have a basic understanding of what it is, I don't have any real experience in implementing it in a production network in anger. I have a new requirement for a guest network service. The users will be using this as an outbound internet access service. I would like to limit the bandwidth per user to a specified rate. Searches have returned results that appear suitable for the task.

The issue I have is that I want to offer each user equal bandwidth, but there are potentially >36000 unique IP addresses (mostly contiguous blocks) and I am wondering if there is an equivalent of a range statement usable to define the policy (to save every IP needing to exist in the policy).

I'm wondering if anyone can shine some light as to how I can configure my routers to achieve this requirement with the minimal configuration required.

I am assuming I need to use ACLs to do the QoS/Policing/Shaping?

3 Replies

Hello


@mark.tegg wrote:

I would like to limit the bandwidth per user to a specified rate. Searches have returned results that appear suitable for the task.

 

The issue I have is that I want to offer each user equal bandwidth, but there are potentially >36000 unique IP addresses (mostly contiguous blocks) the minimal configuration required.


QoS is required when you possibly expect to have overutilization of your network bandwidth, resulting in packet loss or delay, meaning that when congestion isn't incurred, QoS really isn't required.

 

Given the number of users you are stating, it would be more viable to allocate a pre-defined guest BW value for all guest users and then police or share that BW between the various subnets of your guest users.

 

Can you elaborate on your current network topology and what type of hardware (router/fw/switch/access points, etc.) you are running?

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello,

 

I think your best option is to look for a third-party management tool. Putting a service policy on your router matching an access list of 36,000 individual lines and host entries is probably not a good idea.

 

Have a look at WebHTB (link below); it allows you to set bandwidth limitations for individual IP addresses. Even the paid version only costs 100 dollars... (I am not a WebHTB rep, but compared to what you pay for a Cisco solution, this sounds very cheap).

 

https://www.webhtb.ro/features/

Joseph W. Doherty
Hall of Fame
To best meet your requirement, you'll likely need to resort to using some third-party appliance, as suggested by Georg.

The closest you might come to meeting your requirements: some Cisco hardware supports microflow policers.

Some Cisco hardware also supports policers per (user) edge port. (At least such interface policies could be applied with a range statement.)