02-21-2018 05:52 PM - edited 03-05-2019 09:58 AM
Hi,
I'm planning to limit a certain bandwidth base on my client subscribed eg. 2Mbps, 10mbps, 5Mbps,
The problem is i dont like to use rate limit from my router since it will drop excess traffic, and traffic shaping will do only on outbound interface, my solution is traffic shape outbound using ACL where client terminated, then use again traffic shaping on trunk port matching client ACL, in that way client traffic will shape download but upload also. Kindly advise if there is something wrong.
02-21-2018 07:12 PM - edited 02-21-2018 07:13 PM
Hello
you cannot control ingress wan traffic As by the time the TS or policing is initiated then the traffic would have aready traversed the wan link.
Usually :
TS is for egress traffic
policing is an ingress traffic
what you could do is -
1) classify and police ingress from your lan on the rtrs lan facing interface
2) Traffic shape the mark egress traffic on your wan facing interface
res
paul
02-21-2018 07:49 PM
02-21-2018 08:44 PM
02-22-2018 12:18 AM
02-22-2018 07:33 PM
"Yes" you mean i can do both shaping egress on wan and lan facing interface.
02-22-2018 06:46 AM - edited 02-22-2018 06:51 AM
"you cannot control ingress wan traffic"
Sometimes you can.
If you're working with TCP based traffic, the sender will slow if it detects packet loss. Later TCP implementations may also slow if they detect a jump in end-to-end latency.
So, if you rate limit or shape WAN traffic, even though its downstream of a WAN link, with TCP you may impact the download rate. Unfortunately, depending on drops and/or queuing delay tends to be slow and/or imprecise in controlling the sender's transmission rate.
Another technique, for upstream TCP ingress rate control is to shape the return ACKs. This too is imprecise and can be slow to control the sender's rate.
Or course, a policer or shaper will precisely control the bandwidth provided to the downstream client, but again, its imprecise for truly controlling upstream ingress WAN bandwidth usage.
Non-TCP traffic may, or may not, slow their rate when they detect packet loss and/or jumps in latency.
There are special appliances that can better manage WAN ingress bandwidth. They much better monitor flow bandwidth and can regulate ACKs much more precisely and/or they "spoof" the receiver's TCP RWIN to control what the TCP sender transmits.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide