Solved

limiting bandwidth on a particular VLAN

Posted on 2009-05-04
1
1,492 Views
Last Modified: 2012-05-06
I have a cisco catalyst 4506 switch with a supervisor IV engine.  We are looking to limit the bandwidth of a particular vlan that is coming into the switch.  We share a 5 MBPS connection with 2 other entities.  They come into our 4506 via fiber and then thru copper to our ISP's router.  They are on their own vlan(Vlan 902).  Since they are a school they are always using up all available bandwidth and the natives (my people) are getting upset at the fact that Dial up internet is faster.

My question is how do i limit the total amount of bandwidth on that vlan to only 1.5 mbps total for that vlan.  I just want them to be limited to that amount and that amount only.  We would then have the remaining 3.5 mbps to divide up amongst us and the other entity whom need it more.
0
Comment
Question by:pauljmiller
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 3

Accepted Solution

by:
yegs2000 earned 500 total points
ID: 24301620
So there are two ways you can do this. You can use the "Rate limit" command which effectively drops all packets that overflow the amount of bandwidth you set.

You can also use the "traffic shape" command which will buffer into memory packets that exceed the amount of bandwidth you specify.

Here is a link that you can use to see what command is better suited to you:

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a00800a3a25.shtml

I use these commands on a network for a small business (the small business shares a connection with a user in an attached apartment and the business didnt want the user in the apartment hogging the bandwidth at peak business hours)

This command is implemented on the interface closest to the traffic in this case. (Not sure how that would work, if you would implement this on the vlan itself or the port connected to the backbone/uplink to the switch)

!
rate-limit input access-group 123 384000 256000 512000 conform-action transmit exceed-action drop
!
! The access list that corresponds to this is as follows:
!
access-list 123 permit ip 192.168.1.0 0.0.0.63 any time-range WrkWkDay


So what this is doing is limiting the amount of upload the specified range of IP's can transmit into that interface.

For limiting download, I used the traffic shape command as seen below:

!
traffic-shape group 121 4010000 96240 96240 1000
!
! The corresponding access list
!
access-list 121 permit ip any 192.168.1.0 0.0.0.63 time-range WrkWkDay
!

So that traffic shape command is basically saying any address sending to 192.168.1.0/27 will be limited to about 4000kbps.

For the rate limit command, it's saying that 192.168.1.0/27 can send to any device but at a maximum of about 384kbps.
---


Hope this helps! Let me know if you need anything else.

-Yegs
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question