jump to navigation

Rate-limit Using Access List January 4, 2008

Posted by ZoeL in Cisco.
Tags: , ,
trackback

Task : Limit transfer rate to 256 kbps, from PC to FTP server using rate-limit

Ada kebutuhan di salah satu client, mereka ingin membatasi penggunaan bandwidth untuk client tertentu dari subnet luar. nah testing dulu deh di lab.

!
interface FastEthernet0/0
ip address 192.168.10.1 255.255.255.0
ip nat inside
rate-limit input access-group 111 256000 48000 96000 conform-action transmit exceed-action drop
rate-limit output access-group 111 256000 48000 96000 conform-action transmit exceed-action drop
duplex auto
speed auto
!
interface FastEthernet0/1
ip address dhcp hostname routertest
ip nat outside
duplex auto
speed auto
!
ip classless
ip route 172.16.231.66 255.255.255.255 FastEthernet0/1
!
ip nat inside source list 111 interface FastEthernet0/1 overload
!
access-list 111 permit ip host 192.168.10.2 host 172.16.231.66
access-list 111 permit ip host 172.16.231.66 host 192.168.10.2
!


nah. PC (192.168.10.2) hanya memperoleh bw 256 kbps ketika mengambil file dari ftp server (172.16.231.66).
Command rate-limit di mix dengan access list agar bisa lebih spesific deny/permit IP/Port tertentu yang ingin di batasi.

addendum,

input Applies this CAR traffic policy to packets received on this input interface.
output Applies this CAR traffic policy to packets sent on this output interface
dscp (Optional) Allows the rate limit to be applied to any packet matching a specified differentiated services code point (DSCP).
access-group (Optional) Applies this CAR traffic policy to the specified access list.
rate-limit (Optional) The access list is a rate-limit access list.
bps Average rate, in bits per second (bps). The value must be in increments of 8 kbps.
burst-normal Normal burst size, in bytes. The minimum value is bps divided by 2000.
burst-max Excess burst size, in bytes.
conform-action Action to take on packets that conform to the specified rate limit. Specify one of the following keywords

exceed-action Action to take on packets that exceed the specified rate limit. Specify one of the following keywords

Burst-normal = configured rate * 1/8 * 1.5 seconds (1/8 for convert bit to byte)

Burst-max = Burst-normal * 2

other example :

interface Serial 0/1
Description T3 to MR
rate-limit imput access-group 111 10000000 1875000 3750000 conform-action drop
rate-limit imput access-group 122 8000000 1500000 3000000 conform-action drop
rate-limit imput access-group 133 20000000 3750000 7500000 conform-action drop

access-list 111 permit tcp any any eq www
access-list 122 permit tcp and any eq ftp


from : http://www.cisconet.com/index.php/QoS/Cisco-How-to-limit-rate-on-interface.html

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: