Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4917
  • Last Modified:

Best way to limit bandwidth per-VLAN

Given an array of 2950's and 3550 Catalyst switches, what's the best way of limiting bandwidth (traffic shaping, rate limiting, policing, etc) on any particular VLAN, preferably not going to a per-port basis so that any port assigned to a VLAN automatically gets the limiting? Keeping an open mind here...
0
BrandonPotter
Asked:
BrandonPotter
  • 2
  • 2
1 Solution
 
lrmooreCommented:
With a full switched network, the main priority is always "more speed".
What is the purpose of limiting bandwidth? There are several QoS techniques available. Download Cisco Network Assistant and use the QoS wizards..

0
 
BrandonPotterAuthor Commented:
Right now, too much speed is the problem. ;)

We use this array of Catalyst deployment to provide internet access to different businesses located within our facility. Need to limit each VLAN to around 1.5mbps so that transfers between those businesses happens at "normal" internet speed and not LAN speeds, as well as making sure any virus/spyware that gets loose in one business can only hog up 1.5mbps of the "total" connection and can bring that particular VLAN to a crawl but still leave the other 1.5mbps VLANs functioning normally.

Currently this works well on a per-port basis but the amount of service/policing policies we have to put into each switch and configure is getting to be a bit much to handle, i.e. when one business wants a higher rate of speed (have to update service policy on each switch).
0
 
lrmooreCommented:
Interesting.... I don't know of any way to throttle per vlan, only on per-port ...
You can use broadcast/storm control to minimize impact of virus/worm activity.
Sounds like you need a custom web interface that the users themselves could up their bandwidth (and agree to pay for it, of course), Upon authorization, custom scripts could go out and make the changes to necessary switchports for you....
If you were using the LRE models, I think there is some inherent capabilities for bandwidth control..

Sorry I can't be more help to you.. perhaps some of our other Experts here can chime in...
0
 
BrandonPotterAuthor Commented:
Is it possible to create any sort of virtual (or use a physical in some case) interface that can have a service policy applied to it, and route all VLAN traffic through that interface? As sort of a "gateway" interface if you will?

I'm stretching here -- already in the process of constructing a .NET app that lets each client edit their own firewall rules (and on the back end edits a giant PIX access list...) -- I'd like to not go the same route for each switch. :( Programming apps that speak Cisco over telnet really sucks sometimes. Perhaps there's an easier method of scripting Cisco devices other than through a telnet console too? Maybe? Hopefully?
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now