02-07-2011 01:06 PM - edited 03-06-2019 03:24 PM
Hello,
We currently have 2 3750V2 switches connected to 2911 ISR with Sec license.
We are going to be leasing some space in our office to new tennats that will use our existing data drops in their suites.
So basically, they will be using our Internet access (50M from our ISP).
We want to segregate our new custoemrs from us (I was thinking VLANs) and limit their bandwidth on the Internet. Example, customer A leases a suite from us, we add an addtional $$$ per month for Internet access and gurantee them atleast that amout of bandwidth (Ex, 5Mbps per customer).
Can our current equipment do this? If so, please include some terms I can research to get a better idea how to accomplish. Thanks in advance.
02-07-2011 05:17 PM
Hi,
This doc might help
http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a0080160fc1.shtml
You got to do marking on the inbound interface and shaping on the outbound. You will probably use NAT and the marking should survive this process.
02-07-2011 11:41 PM
Hi,
Please try the below two individual steps and check.
STEP-1:
Apply rate-limit on each L3 vlan interface in your 37500.
Example (for 1024kbits for vlan 2):
Router# conf t
Router(config)# int vlan 2
Router(config-if)#rate-limit input 1000000 187500 375000 conform-action transmit exceed-action drop
Router(config-if)#rate-limit output 1000000 187500 375000 conform-action transmit exceed-action drop
STEP-2:
Policy a specific VLAN number on VLAN interface.
class-map vlan5
match vlan 5
match class-map class-default
policy-map vlan5-limit
class vlan5
police 2000000 250000 exceed-action drop
int vlan5
service-policy input vlan5-limit
After you apply this configuration, the traffic with VLAN 5 coming from any will be policed at 2Mbps.
Hope this will help you.
Please rate the helpfull posts.
Regards,
Naidu.
02-08-2011 04:02 AM
Hi,
An alternative solution to the use of VLANs to segregate customer traffic is be to use VRF lite. A good introduction to the technology can be found below. It allows you to segment your infrastructure into separate isolated virtual networks.
http://packetlife.net/blog/2009/apr/30/intro-vrf-lite/
See also the following document on how to isolate different organisations that share your network infrastructure.
http://www.cisco.com/en/US/partner/docs/solutions/Enterprise/Network_Virtualization/GuestAcc.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide