01-30-2006 09:51 PM - edited 03-03-2019 11:36 AM
Good Day All,
I hope to be able to rate-limit certain hosts on the input and output of an Internet connection to 1Meg. bps with the ability to burst to 2Meg. bps.
I would like all other hosts on the network to share the bandwidth on the Internet connection.
Please find a basic config. I hope to do something very similar to this example.
access-list 101 permit ip host 192.168.1.1 any
access-list 101 permit ip any host 192.168.1.1
access-list 102 permit ip host 192.168.1.2 any
access-list 102 permit ip any host 192.168.1.2
interface Ethernet0
rate-limit input access-group 101 1024000 103000 206000 conform-action transmit exceed-action drop
rate-limit input access-group 102 1024000 103000 206000 conform-action transmit exceed-action drop
rate-limit output access-group 101 1024000 103000 206000 conform-action transmit exceed-action drop
rate-limit output access-group 102 1024000 103000 206000 conform-action transmit exceed-action drop
Burst Normal in bytes:
1024000/8=103000
Burst Max in Bytes
2048000/8=206000
I have a couple of questions please about this.
Questions:
1. Does this configuration look reasonable to achieve these goals?
2. I read somewhere that if traffic is not matched by a rate-limit that it is transmitted anyway. Can anyone please confirm this?
I will be running this on a 7204 router that has a average CPU usage of 4-7 percent and low memory used.
Thank you so much for any help.
Solved! Go to Solution.
01-30-2006 10:07 PM
Hi,
The config you have got will mostly work. Here are a few comments though:
- CAR is a single-rate policer. Therefore, you can achieve the aim of limiting traffic to 1Mbps using CAR. However, you cannot achieve a precise peak rate of 2Mpbs despite configuring the excess burst size to be twice the normal burst size. However, the config you have will give you performance reasonably close to what you are after.
All traffic that is not matched by the rate-limit statements will NOT be policed. If you want traffic not matching the above two rate-limit statements to be rate-limited to some other value, configure the following:
rate-limit input/output 2000000
(This will be a catch-all since no access-group is specified).
Alternatively, you can drop all traffic that does not match ACL 101 or 102:
rate-limit input/output 2000000
Hope that helps - pls rate the post if it does.
Paresh
01-30-2006 10:07 PM
Hi,
The config you have got will mostly work. Here are a few comments though:
- CAR is a single-rate policer. Therefore, you can achieve the aim of limiting traffic to 1Mbps using CAR. However, you cannot achieve a precise peak rate of 2Mpbs despite configuring the excess burst size to be twice the normal burst size. However, the config you have will give you performance reasonably close to what you are after.
All traffic that is not matched by the rate-limit statements will NOT be policed. If you want traffic not matching the above two rate-limit statements to be rate-limited to some other value, configure the following:
rate-limit input/output 2000000
(This will be a catch-all since no access-group is specified).
Alternatively, you can drop all traffic that does not match ACL 101 or 102:
rate-limit input/output 2000000
Hope that helps - pls rate the post if it does.
Paresh
01-30-2006 11:17 PM
Thanks mate :)!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide