How do i  limit bandwidth for a certain web site ona  cisco 1700 /2800

Posted on 2009-02-18
Last Modified: 2013-12-27
Hi There
i am trying to allocate a maximum bandwidth to a website by using cisco MQC for QOS

in this example i am trying to limit the bandwidth to to 135Kbps download

i just cant get it to work, i have included the whole router config to show that i have enabled nbar and ip cef

any thoughts
version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption


hostname Adamrtr





enable secret 5 $1$dvy/$zfvbrVJSiByX.a7esvymp0


memory-size iomem 25

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef




ip dhcp pool adpool




   domain-name What_a_Twat

   lease infinite


ip audit po max-events 100

ip name-server



username adam privilege 15 password 0 powercox




class-map match-all webmatch

  match protocol http url "**"



policy-map enforce

  class webmatch

   police 135000






interface ATM0

 no ip address

 ip nbar protocol-discovery

 no atm ilmi-keepalive

 dsl operating-mode auto

 pvc 0/38

  encapsulation aal5mux ppp dialer

  dialer pool-member 1



interface FastEthernet0

 ip address

 ip nat inside

 ip nbar protocol-discovery

 speed auto

 service-policy input enforce


interface Dialer1

 ip address *.*.*.*

 ip nat outside

 ip nbar protocol-discovery

 encapsulation ppp

 dialer pool 1

 ppp chap hostname zen167239@zen

 ppp chap password 7 075833445F5B03333C

 ppp pap sent-username **********@zen password 7 075833445F5B03333C


ip nat pool natpool *.*.*.* *.*.*.* netmask

ip nat inside source list nat pool natpool overload

ip classless

ip route Dialer1

no ip http server

no ip http secure-server


ip access-list extended nat

 permit ip any



line con 0

 password powercox

 login local

line aux 0

line vty 0 4

 password powercox

 login local



Open in new window

Question by:adam_merritt
    1 Comment
    LVL 3

    Accepted Solution

    please try

    match protocol http host "**" instead of URL

    for host, it should be service policy output, not input


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Suggested Solutions

    Hi there, This article summarizes what you need if you are going to set up your home or small business Network Attached Storage (NAS) to be accessible from the internet. Of course there are configuration differences based on your NAS or router ma…
    I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now