05-23-2012 10:49 AM - edited 03-07-2019 06:51 AM
Hello,
we have two departments each department is in it's own subnet. Config as follows:
class-map match-any RTLMT-Dept
match access-group name Dept1
match access-group name Dept2
!
policy-map RATE-LIMIT
class RTLMT-Dept
police 6000000 1125000 2250000
conform-action transmit
exceed-action drop
violate-action drop
!
interface GigabitEthernet0/0
ip address 10.0.0.1 255.255.255.252
duplex auto
speed auto
no cdp enable
service-policy input RATE-LIMIT
!
ip access-list extended Dept1
permit ip any 10.1.0.0 0.0.0.255
ip access-list extended Dept2
permit ip any 10.2.0.0 0.0.0.255
Total internet speed provided by ISP is 12 Mbps.
So will these Depts share 6 Mbps or every Dept will have their speed of 6 Mbps?
Thanks.
Solved! Go to Solution.
05-23-2012 11:25 AM
Their joined incoming traffic will be restricted up to 6 Mbps. For every Dept to have it's own 6M you need to create two classes and police each class.
05-23-2012 11:25 AM
Their joined incoming traffic will be restricted up to 6 Mbps. For every Dept to have it's own 6M you need to create two classes and police each class.
08-18-2012 03:57 AM
Sergey,
in case of having more than 100 Depts any easy way to accomlish the task?
08-18-2012 04:28 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Safar Safarov wrote:
Sergey,
in case of having more than 100 Depts any easy way to accomlish the task?
Depends on your underlying requirements, but some switches, like the 6500, support (micro) flow or user (ubrl) policing.
08-18-2012 10:50 AM
Joseph,
Let's say, I have 100 Mbps ingress internet traffic to my router and I would like to police it among 100 users limiting each user to 1 Mbps. But creation of 100 classes to accomplish that seems to me a little bit strange. Therefore I'm looking for a way how to do that with the less administrative effort.
BR,
Safar.
08-18-2012 05:57 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Let's say, I have 100 Mbps ingress internet traffic to my router and I would like to police it among 100 users limiting each user to 1 Mbps. But creation of 100 classes to accomplish that seems to me a little bit strange. Therefore I'm looking for a way how to do that with the less administrative effort.
That's the major feature of per flow or per user policing, you don't define and manage 100 classes. You apply a special policer on an aggregate path that's able to distinguish and enforce policing per flow or per user.
Did you search for micro-flow and/or ubrl policing on Cisco's main web site?
08-19-2012 03:11 AM
Yes I found some articles, all with reference to Cisco® Catalyst® 6500/Cisco 7600 Series Supervisor Engine 720. It seems to me there is no way to apply it on Cisco 2900/3900 Series ISR...
08-19-2012 04:03 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Safar Safarov wrote:
Yes I found some articles, all with reference to Cisco® Catalyst® 6500/Cisco 7600 Series Supervisor Engine 720. It seems to me there is no way to apply it on Cisco 2900/3900 Series ISR...
Correct, which is why I initially noted "some switches, like the 6500". Feature is unavailable, I believe, on any ISR.
If your platform is an ISR, then you're stuck with using a large number of classes, or depending on what you really need to accomplish, perhaps a different approach to manage congestion.
08-19-2012 04:07 AM
Yes I see. Would it be the same in the case if I purchase ASR instead of ISR?
08-19-2012 04:51 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Safar Safarov wrote:
Yes I see. Would it be the same in the case if I purchase ASR instead of ISR?
Not sure as I haven't worked QoS on those and they run IOS XE. I suspect they don't, but don't quote me.
08-19-2012 10:40 AM
Okay. Then I think will go for 7600 Series.
Thanks for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide