Solved

Cisco PIX 525 and traffic shaping / policy options

Posted on 2010-09-22
4
778 Views
Last Modified: 2012-06-22
Dear Expert,

I am using a Cisco Pix 525 ver 8.0.4 to access the internet from my company.
I need to give priority or to allow an amount of bandwidth to a specific website.

for exemple I have 10Mbits for the internet access, I need to reserve 8MBits for www.cisco.com and 2Mbits for the rest of the traffic.

How can I do this ?

Thx
Jérémy
0
Comment
Question by:martineit
  • 3
4 Comments
 
LVL 16

Expert Comment

by:InteraX
ID: 33734294
What version of the OS are you running. This will require the QoS Modular Policy Framework feature that is only available in v7.0 and above. This will be a hard limit that cannot be expanded on, so you would have 8Mb exclusively for cisco.com and the 2Mb exlusively for everything else. If you want more flexible packet shaping, you will need to look at a packet shaping device.
0
 
LVL 16

Assisted Solution

by:InteraX
InteraX earned 500 total points
ID: 33734338
Details of the Cisco PIX/ASA feature can be found at http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008084de0c.shtml

An overview of packet shaping devices etc can be found at http://www.processor.com/editorial/article.asp?article=articles%2Fp2816%2F07p16%2F07p16.asp. There is also the bluecoat packet shaper which used to go by the name packeteer. http://www.bluecoat.com/products/packetshaper
0
 
LVL 1

Author Comment

by:martineit
ID: 33734827
Thanks for the information. I have IOS version 8.0.4.
so the QoS Modular Policy Framework should be available.

Could you give me the piece of code I should put in the configuration in order to allow  8Mbits to Cisco.com and 2 Mbits to the rest ?

Thanks in advance.
J.
0
 
LVL 16

Accepted Solution

by:
InteraX earned 500 total points
ID: 33736537
The below is provided with the following disclaimer: This is a feature I have used very little and cannot guarantee it will not cause problems. Reading the documentation this is correct to my understanding. Proceed at your own risk.

I would just look at setting up the 2Mbps to the rest. Then the website can have 8Mbps or more if available.

1. Create an ACL to identify the traffic you are interested in.
2. Associate that with a class map
3. Create a policy map (you may already have one)
4. Associate the policy with an interface

access-list Non_Web_Trafic extended deny any <website you want to exclude>
access-list Non_Web_Trafic extended permit any any
class-map Limit_Bandwidth
 match access-list Non_Web_Trafic
policy map QoS
 class Limit_Bandwidth
  police output 2097152
  police input 2097152
service-policy QoS interface outside
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question