Solved

rate limit individual users to 4mb in a vlan

Posted on 2006-07-17
3
282 Views
Last Modified: 2010-04-17
We have 30 users in a vlan and need to rate limit each individual user to 4mb. Any suggestions on how to design this?
0
Comment
Question by:vince_mele
3 Comments
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 17124596
If they are in a single vlan there isn't that much in the way of options. AFAIK, all of the QOS functions available at Layer 2 are to provide prioritzation, not rate-limiting.

But a very simple solution that will at least help is to hard-code the switch ports to 10mb/half duplex. Realistically, because of the way half-duplex ethernet functions, they are not likely to get past around 5 mb/sec. The reason is that as traffic increases, so do collisions, which causes the traffic to slow down. So it creates a natural rate-limiting environment, although it doesn't guarantee anything.
0
 
LVL 9

Accepted Solution

by:
Pentrix2 earned 250 total points
ID: 17126920
Mikebernhardt is pretty much on the money.  The solution given will be at no cost but no guarantees.  There are software solutions but those cost money.

David
0
 

Author Comment

by:vince_mele
ID: 17132164
Our environment is pretty dynamic and the hosts will move around a bit so we didn't want to do anything port based. But thanks. We ended up using the rate limit command and access-lists:

rate-limit input access-group 2000 4000000 16000 24000 conform-action transmit exceed-action drop
rate-limit input access-group 2001 4000000 16000 24000 conform-action transmit exceed-action drop
rate-limit input access-group 2002 4000000 16000 24000 conform-action transmit exceed-action drop

access-list 2000 permit ip host 64.x.x.x any
access-list 2001 permit ip host 64.x.x.x any
access-list 2002 permit ip host 64.x.x.x any
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now