Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
571
Views
0
Helpful
3
Replies

Traffic shaping question - Class Based Shaping

Machi Ma
Level 1
Level 1

‎12-15-2010 08:28 PM - edited ‎03-06-2019 02:34 PM

HI,

I have question for the traffic shaping with by Class-based shaping.  Following is my envirnment setup

Example

Internal: 10.235.132.0/24

facing interface: FastEthernet 0/0

Limit in/out to 5Mbps
Dest address:  20.181.0.0 0.0.255.255
Dest address:  20.182.0.0 0.0.255.255

Limit in/out to 10Mbps
Dest address:  30.188.0.0 0.0.255.255
Dest address:  30.189.0.0 0.0.255.255

Others
Unlimit bandwidth access

Did not limit the incoming traffic with destination port such as 8080

WAN interface: fastEthernet 0/1

Command:

access-list 110 permit ip 10.235.132.0 0.0.0.255 20.181.0.0 0.0.255.255
access-list 110 permit ip 10.235.132.0 0.0.0.255 20.182.0.0 0.0.255.255

access-list 111 permit ip 10.235.132.0 0.0.0.255 30.188.0.0 0.0.255.255
access-list 111 permit ip 10.235.132.0 0.0.0.255 30.189.0.0 0.0.255.255

access-list 120 permit any any

class-map class_1
match access-group 110
exit

class-map class_2
match access-group 111
exit

policy-map policy_1
class class_1
bandwidth 5000

class class_2
match access-group 111
bandwidth 100000
exit

int fastEthernet 0/1
service output policy_1

However, I could not finish it for unlimited bandwdith for those out of accesss-list 110 & 111.  Also for the no limited bandwidth access for the incoming port 8080.

Please advise.  Thx!

Labels:
0 Helpful
3 Replies 3

JoeKeegan3
Level 1
Level 1

‎12-16-2010 06:06 AM

The bandwidth command is a bandwidth guarentee, not a bandwidth limiter.

If you want to limit the amount of bandwidth used by a class you need a shaper, for example:

policy-map policy_1
class class_1

  match access-group 110
  shape average 5000

class class_2

  match access-group 111

  shape average 100000


Note in your example below you forgot the match command in class_1 and the bandwidth command in class_2 was set to 100Mb not 10Mb.

In you want to limit plus guarantee then you still include the bandwidth command like this:

class class_1

  match access-group 110
  shape average 5000

  bandwidth 5000

Anything outside of the specified classes will be placed into class-default and will be able to use any remaining bandwidth (I think this is what you mean by unlimited).

Lastly since this policy is applied outbound it does not impact any incoming traffic.

Hope this helps,

Joe

0 Helpful

Machi Ma
Level 1
Level 1
In response to JoeKeegan3

‎12-17-2010 01:51 AM

Thanks for reply,  is that means I need to apply this for the input interface also?  Because I thinking is that will affect the incoming traffice for port 8080 if the bandwidth is fully use.

Thanks!

0 Helpful

JoeKeegan3
Level 1
Level 1
In response to Machi Ma

‎12-17-2010 07:39 AM

Again this policy will not impact the inbound traffic to that interface.

Of course since you are dealing with TCP traffic, you need to consider the ACKs and other return traffic (i.e. traffic from the inside destined for port 8080).

If hosts other then the ones you define in the current classes are sending traffic to 8080 then you may want to include traffic from inside to port 8080 into one of the classes you define or in a class of it's own.

something like this.if you wanted to add to class_1


access-list 110 permit tcp any any eq 8080

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card