[Hidden-tech] Cisco Router rate limiting
Matthew S. Crocker
matthew at corp.crocker.com
Mon Oct 25 18:38:05 EDT 2010
What hardware and ios version?
On Oct 25, 2010, at 3:05 PM, David Korpiewski <davidk at cs.umass.edu> wrote:
> ** Be sure to fill out the survey/skills inventory in the member's area.
> ** If you did, we all thank you.
>
>
> I don't know if there are any router gurus on this mailing list, but I'm
> hopeful.
>
> I'm trying to rate limit the traffic on a particular segment to about
> 30k of the T1 line (128kb) for any Http/Https/ftp traffic.
>
> I put in the rate limit commands for input and output, but when I
> actually perform a test, it still uses up the entire bandwidth on the
> wire when downloading a file from microsoft.com, for example.
>
> What is missing that is preventing this from dropping things and keeping
> the connection down to 30kb/sec?
>
> The reason that this is necessary is that the web traffic is using up
> all of the bandwidth and the terminal server clients are having horrific
> delay.
> Thanks
> David
>
> Router config:
>
>
> interface FastEthernet0/0
> ip address 192.168.2.1 255.255.255.0
> no ip directed-broadcast
> ip accounting output-packets
> rate-limit input access-group 101 24000 10000 10000 conform-action
> transmit exc
> eed-action drop
> rate-limit output access-group 101 24000 10000 10000 conform-action
> transmit ex
> ceed-action drop
> full-duplex
> !
> interface Serial0/0
> ip address 172.16.1.2 255.255.255.252
> no ip directed-broadcast
> ip accounting output-packets
> rate-limit input access-group 101 24000 10000 10000 conform-action
> transmit exc
> eed-action drop
> rate-limit output access-group 101 24000 10000 10000 conform-action
> transmit ex
> ceed-action drop
> encapsulation ppp
> no ip mroute-cache
> !
> interface Serial0/1
> ip address 172.16.1.13 255.255.255.252
> no ip directed-broadcast
> rate-limit input access-group 101 24000 10000 10000 conform-action
> transmit exc
> eed-action drop
> rate-limit output access-group 101 24000 10000 10000 conform-action
> transmit ex
> ceed-action drop
> encapsulation ppp
> shutdown
> !
> router rip
> version 2
> passive-interface FastEthernet0/0
> network 172.16.0.0
> network 192.168.2.0
> default-information originate
> no auto-summary
> !
> ip classless
> ip route 0.0.0.0 0.0.0.0 10.0.0.254
> no ip http server
> !
>
> access-list 101 permit tcp any any eq www
> access-list 101 permit tcp any any eq 443
> access-list 101 permit tcp any any eq ftp-data
> access-list 101 permit tcp any any eq ftp
>
>
> --
> ===========================================
> David Korpiewski
> Software Specialist I
> CSCF - Computer Science Computing Facility
> Department of Computer Science
> Phone: 413-545-4319
> Fax: 413-577-2285
> ===========================================
>
> --
> ===========================================
> David Korpiewski
> Software Specialist I
> CSCF - Computer Science Computing Facility
> Department of Computer Science
> Phone: 413-545-4319
> Fax: 413-577-2285
> ===========================================
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
>
>
More information about the Hidden-discuss
mailing list