Solved: Limit Bandwidth on Switch or Router

Edson Vuma · ‎03-18-2013

Hi, guys

I have a concern.

How I can limit the bandwidth for customers.

This is my scenario.

I have a 30Mbps Internet link, and I want to "share" this Internet to customers, but, certainly I will have to limit the bandwidth, upload and download.

The customers are going to be connected to this Internet by Switch....

I have seen this command:

Switch(config-if)# srr-queue bandwidth ?  limit              Configure bandwidth-limit for this interface
  shape             Configure shaping on transmit queues
  share              Configure shared bandwidth

Is this command adequated to my concern?
Is there another?

What are the best practicies for this type and level of configurations (limit bandwidth)?

Any help?

--
Regards
Edson Vuma

-- Regards Edson Vuma

Bilal Nawaz · ‎03-18-2013

Hi Edson,

I don't think the ios has a difference in this case, otherwise i'd assume cisco would have stated this as a feature enhancement.

I haven't seen any documentation that states the output config on 3750's.

You may wish to have a look at these links which state the input option and also the srr-queue bandwidth commands...

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a0080883f9e.shtml

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_58_se/configuration/guide/swqos.pdf

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_53_se/configuration/guide/swqos.html#wp1163879

hth

Bilal

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

View solution in original post

InayathUlla Sharieff · ‎03-18-2013

Hi Edson,

What model of switch is this?

-You can try this with service policy as well which can be used to limit the traffic.

config example I am showing below limit the 10 MB for user and exceed of that will be drop.( 1 Gig link)

ip access-list extended testACL

permit ip any any

class-map test

match access-group testACL

policy-map testpolicy

class test

police 10000000 8000 exceed-action drop

Switch(config)# interface range gigabitethernet1/0/25

Switch(config-if)# service-policy input testpolicy

2- The other way as you listed the ssr:

Please find below link which explain about hte srr-queu:

http://www.techrepublic.com/blog/networking/limit-bandwidth-on-a-cisco-catalyst-switch-port/404

srr-queue bandwidth limit

Use the srr-queue bandwidth limit interface configuration command to limit the maximum output on a port. Use the no form of this command to return to the default setting.

srr-queue bandwidth limit weight1

no srr-queue bandwidth limit

Syntax Description


weight1	Percentage of the port speed to which the port should be limited. The range is 10 to 90.

Defaults

The port is not rate limited and is set to 100 percent.

Command Modes

Interface configuration

Command History


Release	Modification
12.1(11)AX	This command was introduced.

Usage Guidelines

If you configure this command to 80 percent, the port is idle 20 percent of the time. The line rate drops to 80 percent of the connected speed. These values are not exact because the hardware adjusts the line rate in increments of six.

This command is not available on a 10-Gigabit Ethernet interface.

Note The egress queue default settings are suitable for most situations. You should change them only when you have a thorough understanding of the egress queues and if these settings do not meet your quality of service (QoS) solution.

Examples

This example shows how to limit a port to 800 Mb/s:

Switch(config)# interface gigabitethernet2/0/1

Switch(config-if)# srr-queue bandwidth limit 80

You can verify your settings by entering the show mls qos interface [interface-id] queueing privileged EXEC command.

HTH

Regards

Inayath

*Plz rate the usefull posts.

Edson Vuma · ‎03-18-2013

Hi, InayathUlla

Thanks for your response,

It was very helpfull.

Im using WS-C3750X-48P-L

But, just to know, what is the best practicies for this?

With SERVICE POLICY or with SRR-QUEUE BANDWIDTH LIMIT?

This command

Switch(config-if)# srr-queue bandwidth ?
  limit              Configure bandwidth-limit for this interface
  shape             Configure shaping on transmit queues
  share              Configure shared bandwidth

Limits the bandwidth in percentages?

So, just to understand, if I wanted to limit a interface to 3Mbps, upload and download, how I would do it?

Not forgeting that the switch has Gigabit Ethernet ports.

Thanks

--
Regards
Edson Vuma

-- Regards Edson Vuma

InayathUlla Sharieff · ‎03-18-2013

Hi Edson,

I would prefer to use the service policy as that its quite easy to implement.

2- Rate limiting on a 3750 base on the port to 2 Meg limit.

Here is a sample config for configuring rate limiting for this switch:

Example:

Switch(config)# int

Switch(config-if)# srr-queue bandwidth limit 80

From the config guide:

When you configure this command to 80 percent, the port is idle 20 percent of the time.

The line rate drops to 80 percent of the connected speed, which is 800 Mbps. These values

are not exact because the hardware adjusts the line rate in increments of six.

show mls qos int queu

You can see simliar and more details at:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12225sea/3750scg

/swqos.htm#wp1253412

Read the "Limiting the Bandwidth on an Egress Interface" section.

Limiting bandwidth to 2 meg on a gig port for multiple customers is not supported on this

platform.

HTH

Regards

Inayath

Edson Vuma · ‎03-18-2013

Hi, InayathUlla

I am starting to agree with you. The easier is SERVICE POLICY

So, for my case, If I wanted to limit a port to permit only 3 Mbps, my configs were be like this:

ip access-list extended ACL_3Mbps

permit ip any any

class-map Link_3Mbps

match access-group ACL_3Mbps

policy-map Policy_3Mbps

class Link_3Mbps

police 3000000 8000 exceed-action drop

Switch(config)# interface gigabitethernet1/0/12 <----EXAMPLE

Switch(config-if)# service-policy input Policy_3Mbps

?????

One last question, this limitation is for UPLOAD and DOWNLOAD, I mean, is OUTBOUND and INBOUND?

Best wishes

--
Regards
Edson Vuma

-- Regards Edson Vuma

Bilal Nawaz · ‎03-18-2013

Switch(config-if)# service-policy output Policy_3Mbps for outbound

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Edson Vuma · ‎03-18-2013

Hi, Bilal

What is the difference between:
service-policy output
and
service-policy input

Best wishes

--
Regards
Edson Vuma

-- Regards Edson Vuma

Bilal Nawaz · ‎03-18-2013

To specify the direction of the traffic...

Input, inbound

Output, outbound

Please see:

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfmcli2.html

Attaching a Traffic Policy to an Interface

To attach a traffic policy to an interface, use the service-policy command. The service-policy command also allows you to specify the direction in which the traffic policy should be applied (either on packets coming into the interface or packets leaving the interface).

The service-policy command syntax is as follows:

service-policy {input | output} policy-map-name
no service-policy {input | output} policy-map-name

Hope this helps

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Edson Vuma · ‎03-18-2013

Thanks, Bilal

service-policy {input | output} policy-map-name

Another question,

This limitation works for both UPLOAD and DOWNLOAD or I need to add type the two commands ( {input | output} ) on the interface?

Best wishes

--
Regards
Edson Vuma

-- Regards Edson Vuma

Bilal Nawaz · ‎03-18-2013

Hi Edson,

If you want your policy to apply for both inbound and outbound you need to configure with both commands e.g.

### To match the traffic

ip access-list extended ACL_3Mbps

permit ip any any

!

### Class the traffic

class-map Link_3Mbps

match access-group ACL_3Mbps

!

### Apply policy against the class (type of traffic specified by your class-map)

policy-map Policy_3Mbps

class Link_3Mbps

police 3000000 8000 exceed-action drop

!

interface gigabitethernet1/0/12

### Applies the policies inbound and outbound, both directions

service-policy input Policy_3Mbps

service-policy output Policy_3Mbps ***

Hope this helps

*** Output policing is not supported on 3750's - not sure about the 3750X. In which case the closest you can limit is approx 10% of the overall B/W with the srr-queue bandwidth limit 10 command. Im not sure of other ways of implementing this with more accuracy. This will be for both, inbound and outbound to my understanding.

Message was edited by: Bilal Nawaz

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Edson Vuma · ‎03-18-2013

Hi, Bilal

I got an error using:

service-policy output Policy_3Mbps

The interface does not support the specified policy configuration and/or parameter values.

Warning: Assigning a policy map to the output side of an interface not supported

But, for service-policy input Policy_3Mbps worked.

What should be the problem?
My POLICY IS:

police 10000000 8000 exceed-action drop

Any help?

--
Regards
Edson Vuma

-- Regards Edson Vuma

Bilal Nawaz · ‎03-18-2013

Hi Edson,

Please see my edited message above:

Unfortunately you cant use the output key word on the 3750's as egress policing is not supported.

I've tested on a 4500 and a 6500 and works fine...

Please see Richards post:

https://supportforums.cisco.com/thread/2098367

Hope this clarifies things.

Kind Regards,

Bilal

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Edson Vuma · ‎03-18-2013

Hi, Bilal

Its a very bad news.

In my opinion, this doesnt make sense.

The LAST key word.

So, Bilal

With this command:

Switch(config-if)# srr-queue bandwidth ?
  limit              Configure bandwidth-limit for this interface
  shape             Configure shaping on transmit queues
  share              Configure shared bandwidth

Having a 30Mbps Internet link, knowing that this switch has GigabitEthernet ports, how I can configure a limitation of 3Mbps on an interface?

Best wishes and thanks

--
Regards
Edson Vuma

-- Regards Edson Vuma

Bilal Nawaz · ‎03-18-2013

Hi Edson,

I don't think there is a way of doing this, stated above.

As Richard discusses in his post:

https://supportforums.cisco.com/thread/2098367

There is no way to perform class based egress rate-limiting on the 3750. The only way to do
egress  limiting is by 'srr-queue bandwidth limit' command (or) the "srr-queue  bandwidth shape" command on this particular platform as shown above.

Unless you get a dedicated appliance to do this for you.

hth,

Bilal

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Edson Vuma · ‎03-18-2013

Hi,

Bilal

So, this way, with this switch we cannot make this configuration.

But, I have a question

If I upgrade the IOS to IP Services, will I be able to make this configuration?

--
Regards
Edson Vuma

-- Regards Edson Vuma