Traffic shaping in Cisco 3745 router

Here is our internet setup

we are getting of 1 MB from which is connected as follows
                       ROUTER (212.x.x.145)Cisco 3745 IOS ver 12.3(17b)
                        |Cisco 3550
            (212.x.x.147)  SWITCH--------- MANAGEMENT (212.x.x.149)
                       Firewall(212.x.x.146) - PIX 525 (7.0.6)
                         |     |
         |     |
                         |     |
                         |     |
                        LAN    DMZ SWITCH Cisco 3550
                        |      |    |    |
                        |      |    |    |
                        |      |    |    |
                        |      |    |    |
                    NAT & PAT  ISA   WEB  EXCH    

We have done following things
NAT to 212.x.x.157,
PAT to 212.x.x.157
ISA, WEB, EXCH server is DMZ zone
Following are the details of NAT

ISA -  212.x.x.151
WEB  212.x.x.150
EXCH  212.x.x.148

Now I am planning to create a time based access-list from 7 AM to 8 PM

I want to assign following bandwidth

ISA Server 800 K
NAT        50 K
PAT        50 K
WEB        100 K
EXCH       200 K

I am trying this by access-list but it seems not working is there any way are if thro access-list then how should I do. Also for the ISA server i just need to close all the ports except http, https. gre for VPN, MSN & YAHOO messenger. FOr web server and MANAGEMENT I need just Http, https, and FTP. For EXCH I need pop3, smtps and https.

I am using following access-list in my router for the traffic shaping

access-list 101 permit 212.x.x.151
access-list 102 permit 212.x.x.148
access-list 103 permit 212.x.x.150
interface fastethernet 0/0
 traffic-shape group 101 800000
 traffic-shape group 102 200000
 traffic-shape group 103 100000

Who is Participating?
tvman_odConnect With a Mentor Commented:
1. Traffic shaping works in OUTGOING direction only.
2. I would use class based queueing which would allow to assign minimum bandwidth for each class and let it take more when there is no traffic of other classes.
alkhaleejAuthor Commented:
then  how should I implement the class based queuing any documents
tvman_odConnect With a Mentor Commented:
For basic conceptions I'd start here
Here is some white papers

For specific configuration samples just google by kywords from the documents or ask me, feel free to keep this question opened.
alkhaleejAuthor Commented:
Well it would be better you post a sample configuration based on my setup
tvman_odConnect With a Mentor Commented:
I prefer to give people ideas how to slolve the problem but samples which would be questioned over and over again. If you understand why it's done this way, you can modify it to fit your needs next time.
Did you read articles which I gave you? Could you point on subjects which you need to be explained in simple words?

Typical config for outgoing QoS policy would be:

access-list extended default
 permit ip any any  

class-map match-any EF
match ip precedence 5  
match ip dscp ef  

class-map match-any AF41
   match protocol ssh
   match protocol rcmd
   match protocol telnet
   match access-group name <your app>
class-map match-any AF31
  match protocol dns
  match protocol notes
  match protocol xwindows
  match protocol citrix
  match access-group name <your app>

class-map match-any AF21
    match ip dscp AF21

class-map match-any BE
  match access-group default

policy-map QoS
 class EF
   set ip dscp ef
    priority 512  
class AF41
   set ip dscp af41
   bandwidth ...  
class AF31
   bandwidth ...  
   set ip dscp af31
class AF21
   bandwidth ...  
   set ip dscp af21
 class BE
   bandwidth ...  
   set ip dscp default  

interface Serial0
 bandwidth 1536
 no ip address
 encapsulation frame-relay IETF
 no fair-queue
service-policy output QoS  
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.