Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1487
Views
0
Helpful
13
Replies

Traffic limitation

burhanburhan
Level 1
Level 1

‎11-22-2015 10:55 PM - edited ‎03-05-2019 02:47 AM

Hello,

I have 5 mbps line speed and want to limit file transfer traffic 1 mbps, (shouldn't pass this speed) and 4 mbps to ERP. (Between site A and B)

How can i do that with qos?

P.S : We want to limit the file transfer traffic to 1 mbps even link is empty(no congestion) And we dont use routing protocol.

Labels:
Preview file
25 KB
0 Helpful
13 Replies 13

Richard Bradfield
Level 6
Level 6

‎11-22-2015 11:31 PM

you need to police the traffic on any one of your router interfaces

the document below gives details

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0/qos/configuration/guide/nexus1000v_qos/qos_4policing.pdf

0 Helpful

burhanburhan
Level 1
Level 1
In response to Richard Bradfield

‎01-28-2016 04:57 AM

Hello Joseph,

My last configuration as below, but still full bandwidtch can be used for file sharing, i want to limit this to 1 Mbps. 

i can see smb packets matched by "show policy-map interface" command. 

Can you please check this ?

access-list 102 permit tcp any any eq 445

class-map match-all SMB
match access-group 102
!
policy-map SampleShape
class SMB
shape average 1000000
!
interface Vlan2
bandwidth 5120
service-policy output SampleShape

-----------------------------------------------------------------------

Router#sh policy-map interface
Vlan2

Service-policy output: SampleShape

Class-map: SMB (match-all)
271103 packets, 301759861 bytes
5 minute offered rate 3985000 bps, drop rate 0000 bps
Match: access-group 102
Queueing
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 1000000, bc 4000, be 4000
target shape rate 1000000

Class-map: class-default (match-any)
78706 packets, 5125483 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any

queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 3731/403578

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎11-23-2015 03:36 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

As Richard already noted, you might police your file transfer traffic.  Another option, on some platforms, would be to shape the traffic instead.

You noted you want to do this all the time, but unless there's a real need to restrict your file transfer traffic all the time, you might also want to consider using QoS to prioritze your ERP over your file transfer traffic.  When there's congestion, you can use QoS to insure ERP gets 4 Mbps vs. file transfer's 1 Mbps, but it would allow file transfer traffic to use bandwidth otherwise unused.  (Assuming you're paying for 5 Mbps, why not take full advanage of it anytime you can?)

0 Helpful

burhanburhan
Level 1
Level 1
In response to Joseph W. Doherty

‎11-23-2015 04:12 AM

Our customer wants to limit this traffic all the time. Can you send me a sample configuration plz. I really don't have knowledge about qos.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to burhanburhan

‎11-23-2015 05:06 AM

Platform and IOS version?

0 Helpful

burhanburhan
Level 1
Level 1
In response to Joseph W. Doherty

‎11-23-2015 05:18 AM

Cisco 888, 

c880data-universalk9-mz.152-4.M4.bin

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to burhanburhan

‎11-23-2015 07:28 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

class-map match-any fileXferSample

match protocol ftp

policy-map SamplePolice

class fileXferSample

police average 1000000

policy-map SampleShape

class fileXferSample

shape average 1000000

0 Helpful

burhanburhan
Level 1
Level 1
In response to Joseph W. Doherty

‎11-23-2015 10:52 PM

thank you Joseph, should i use both police average and shape average commands or just one of them ? And how should i apply to interface ? Outbound or inbound?

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to burhanburhan

‎11-24-2015 02:13 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Either the policer or shaper.

Applied to interface (something) like:

interface x

service-policy input|output Policy-name

Policer can be used for input or output, shaper only output.

0 Helpful

burhanburhan
Level 1
Level 1
In response to Joseph W. Doherty

‎01-26-2016 11:27 PM

Hello, sorry for the delay, our customer could test configuration recently.

our configuration as below, customer tries file sharing between two sides (i think it uses smb protocol) Can i match this file sharing traffic by this qos configuration?

class-map match-any fileXferSample
match protocol ftp
!
policy-map SampleShape
class fileXferSample
shape average 1000000
policy-map SamplePolice
class fileXferSample
police 1000000

interface Vlan2
bandwidth 5120
ip address 172.27.219.174 255.255.255.252
service-policy input SamplePolice
service-policy output SampleShape

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to burhanburhan

‎01-27-2016 03:23 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I would expect not, as SMB doesn't use FTP.

0 Helpful

burhanburhan
Level 1
Level 1
In response to Joseph W. Doherty

‎01-27-2016 05:28 AM

Can i match SMB traffic by configuration as follows ? Have you ever tried this way ?

access-list 102 permit tcp any any eq 445
!
class-map match-all SMB
match access-group 102

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to burhanburhan

‎01-27-2016 05:59 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Yup, that might work for fine later Windows systems.  If you've earlier Windows versions, you might also want to match against NetBIOS/NetBEUI protocols.

Also, depending on what version of IOS you're using, NBAR might have a protocol for it.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card