Showing results for 
Search instead for 
Did you mean: 

Traffic Policy on Bandwidth



We have 150 Mbps internet link, and we have some 4 vlans which are getting internet from that links. That vlans are natted with public IPs as :

executive: XX.XX.XX.01

Guest : XX.XX.XX.02

Smart  : XX.XX.XX.03

Staff:  XX.XX.XX.04


Now on the internet routers we have  make traffic policies for these Vlans and restricted the bandwidth on these vlan as 15 Mbps, 5 Mbps etc out of 150 Mbps. When I am doing speed test, its look like that policy are not effective.


The following configuration is done on router regarding the policy:


class-map match-any executive
 match access-group name executive
class-map match-any guest
 match access-group name guest
class-map match-any smartphones
 match access-group name smartphones
class-map match-any vendors
 match access-group name vendors
policy-map Child-policy
 class smartphones
  bandwidth 25000
 class guest
  bandwidth 15000
 class executive
  bandwidth 20000
 class vendors
  bandwidth 2000
policy-map parent-policy
 class class-default
  shape average 150000000   
   service-policy Child-policy 


interface GigabitEthernet0/0/2
 description ## 150 Mbps Mbps Internet Link from BSNL ##
 bandwidth 153600
 ip address a.b.c.d
 ip nat outside
 load-interval 30
 negotiation auto
 service-policy output parent-policy


ip access-list standard executive
 permit XX.XX.XX.01
ip access-list standard guest
 permit XX.XX.XX.02
ip access-list standard smartphones
 permit XX.XX.XX.03
ip access-list standard vendors
 permit XX.XX.XX.04


Now please guide me that what is wrong conf. we have done that these are not effected on vlan.



Joseph W. Doherty
Hall of Fame Expert

CBWFQ bandwidth statements do not set a maximum. The provide a minimum.

To set maximums you need to use a shaper or policer.
Kevin SAS



Joseph is right, your configuration only reserve bandwith in case of congestion and does not police or shape the traffic. Use something like that instead :

policy-map Child-policy
 class smartphones
  shape average 25000
 class guest
  police rate percent 40 burst 200 ms conform-action transmit exceed-action transmit violate-action drop
Second one is doing policing without buffering and allow max 40% of bandwith, based on the bandwith statement of gi 0/0/2

Dear Kevin,



Can you give me exact and full configuration for configuring and limiting the Bandwidth for different vlan as:

Smartphone:-25 Mbps

Guest:- 15 Mbps

Executive :- 20 Mbps

Vendor:- 2 Mbps


Thanks in Advance.

I think you have enough of stuff to work, juste replace your bandwith command in your class with

shape [bandwith desired in bit/sec)