10-09-2019 05:16 PM
I had worked with someone on this forum a few weeks ago to get a policy class setup. Basically I am needing to make sure certain IP's always have bandwidth. I did have a 100mb connection but we recently got a new circuit and it's a 250mb connection so I'm thinking this isn't going to work. I also got a new block of IP's and have a /24 now and not a /26. Instead of doing bandwidth by the IP I'm hoping I can do some sort of traffic shaping based upon the subnet as I'm splitting the /24 into various subnets.
My main router is a Cisco 2951 and I've created sub interfaces on the LAN side that trunk to a 3750x switch. From there I've setup vlans for each of the subnets.
What would be the best way to basically do something like this.
for vlan 501 which is a /29 subnet I'd like to guarantee 1mbps
for vlan 160 which is a /27 subnet I'd like to guarantee 25mbps
for vlan 200 which is a /26 subnet I'd like to guarantee 25 mbps
then the rest of the vlans/subnets get can be in the default class.
Is it better to do this on the router since the switch is basically just a layer 2 switch in my scenario?
Thanks
Solved! Go to Solution.
10-09-2019 05:38 PM
Hi Jkay,
You can definitely do it on the router
Step 1 : Define ACLs - one ACL for every class map , i.e ACL1 : match traffic from VLAN 501
Step 2: Define class maps - one class map for every ACL i.e :
class-map VLAN501
match access-group name VLAN501
Step 3: Define the policy map:
Policy-map traffic-shaping
class VLAN501
bandwidth 1000 or % of the interface link
Step 4: Define bandwidth on the interface (if you with the % value)
Step 5 : Apply the policy-map to the interface: service-policy out traffic-shaping
10-09-2019 05:38 PM
Hi Jkay,
You can definitely do it on the router
Step 1 : Define ACLs - one ACL for every class map , i.e ACL1 : match traffic from VLAN 501
Step 2: Define class maps - one class map for every ACL i.e :
class-map VLAN501
match access-group name VLAN501
Step 3: Define the policy map:
Policy-map traffic-shaping
class VLAN501
bandwidth 1000 or % of the interface link
Step 4: Define bandwidth on the interface (if you with the % value)
Step 5 : Apply the policy-map to the interface: service-policy out traffic-shaping
10-09-2019 05:47 PM
So I took what I had made and modified it slightly.
I'm still not sure where I define my 250 by 250 mbps circuit though
class-map match-all VoIP
description Voice Traffic
match access-group name VoIP
class-map match-all RDS
description RDS Traffic
match access-group name RDS
class-map match-all Corporate
description Corp Office
match access-group name Corporate
!
policy-map shaping
class VoIP
priority percent 1
class Corporate
bandwidth percent 8
fair-queue
class RDS
bandwidth percent 10
fair-queue
class Default
bandwidth remaining percent 100
fair-queue
!
!
!
ip access-list extended VoIP
permit ip 1.211.219.76 0.0.0.3 any
ip access-list extended RDS
permit ip 1.211.219.85 0.0.0.3 any
ip access-list extended Corporate
permit ip 1.211.21.64 0.0.0.7 any
Interface GigabitEthernet0/0
ip address 4.4.4.1
service-policy output Shaping
10-09-2019 05:53 PM
You should define the bandwidth and the policy to the WAN interface which is connected to the service provider NTU
i.e
Interface GigabitEthernet0/0 ( is this connected to the NTU?)
Bandwidth 250000
service-policy output Shaping
10-09-2019 05:55 PM
So it would be
Interface GigabitEthernet0/0
ip address 4.4.4.1
bandwidth 250000
service-policy output Shaping
Does the rest of the config look correct to you?
10-09-2019 06:01 PM
Yeah looks good but the bandwidth % values doesn't match the requirements in your first post?
10-09-2019 06:03 PM
Ok, I will give it a try.
I just put random % values in as an example.
Thank you for the quick help
10-09-2019 06:07 PM
No worries, please mark the 1st reply as solution if it answered your question, thanks! :)
10-09-2019 07:08 PM
One more question, as it is now it only is on the g0/0 interface outbound, can i put it on the lan side sub interfaces to do shaping for the inbound traffic?
10-09-2019 07:28 PM
No need for your requirement, when a packet from any of the VLANs is going out to the circuit, router will match the packet against the ACL , it then apply the policy map policies to the packet accordingly.
So remember you are applying to the outbound traffic on the WAN interface which includes all the inbound traffic to the sub interfaces :
Packet >> inbound to LAN interface >> Router >>> Outbound from WAN interface >>> 250 Mbps Circuit
10-09-2019 08:21 PM
So by putting it on the WAN interface out is will also apply the same policy for inbound traffic so upload and download will get the policy?
10-09-2019 08:32 PM
Only upload in this case as this is applied to outbound
10-09-2019 08:36 PM
So can I put it on the Lan interfaces and the wan interface?
10-09-2019 08:38 PM - edited 10-09-2019 08:42 PM
Yes you definitely can, but why do you want traffic shaping for your LAN? QoS is for slow links, isn't your LAN Gigabit ethernet?
And by the way this won't limit the bandwidth, this is traffic shaping which makes sure it reserves bandwidth for your classes, so if network gets saturated every class will have a % of bandwidth reserved.
To limit bandwidth , you have to use QoS traffic policing.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide