Solved

Best way to limit bandwidth to an access-group in IOS on a dialer interface

Posted on 2011-03-17
4
575 Views
Last Modified: 2012-05-11
Hi I have an ACL(110) which I want to limit the bandwidth.  This is an IP camera and I dont want it trying to push out so many frames per-second that everything else suffers.

The server at our remove office reads the cgi file of the camera on TCP port 80.  I'm wondering if dropping the packets is the smartest way to do this or not.

(config-if)#rate-limit out access-group 110 90000 1000 2000 conf trans exceed drop
This is a Dialer interface so my options are somewhat limited.
thx!
interface Dialer0
 bandwidth 400
 ip address negotiated
 no ip unreachables
 ip nat outside
 ip virtual-reassembly
 rate-limit output access-group 110 88000 1500 2000 conform-action transmit exceed-action drop
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 fair-queue 64 16 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname name
 ppp chap password 7 paswerd
 ppp multilink
 ppp multilink fragment delay 20
 ppp multilink interleave
 crypto map aesmap
 ip rtp reserve 4569 4569 200

Open in new window

0
Comment
Question by:sean-keys
  • 2
  • 2
4 Comments
 
LVL 17

Expert Comment

by:MAG03
ID: 35175194
you could use a policy map to limit the bandwidth for the camera or police it.

access-list 1 permit <ip add of camera>

class-map IPCAM
match access-group 1

policy-map LIMIT-BW
class IPCAM
bandwidth percent 10

interface dialer 0
service-policy out LIMIT-BW

instead of using percent you can enter the actual bandwidth you want it to use.  Or you could also configure policing where if it reaches a certain bandwidth usage traffic gets dropped.
0
 

Author Comment

by:sean-keys
ID: 35194171
That makes more sense to me.
Am I right in saying this:
    If you drop TCP packets then the receiver wont generate the acks so it will request the same packet again? Causing more traffic than simply delaying the packet.

When you use a bandwidth limit does it delay the packet or drop it ?

0
 
LVL 17

Accepted Solution

by:
MAG03 earned 500 total points
ID: 35199221
--->If you drop TCP packets then the receiver wont generate the acks so it will request the same packet again?
yes that is correct, the sender doesn't receive the ack from the receiver so the sender sends the packet again after a short wait.

--->When you use a bandwidth limit does it delay the packet or drop it ?
regardless of which method you use packets will be dropped if the conditions are exceeded. In the configuration I gave above, yes packets will be dropped if they exceed the 10% bandwidth. The other option to use is traffic shaping. this method will allow excess traffic to be queued for delivery up to a configured limit above the configured bandwidth (excess burst). Of course, if traffic exceeds the excess burst then that traffic will be dropped.

an example of traffic shaping:

 access-list 1 permit <ip add of camera>

 class-map IPCAM
 match access-group 1

 policy-map LIMIT-BW
 class IPCAM
 shape average 100000 10000 10000
 
 interface dialer 0
 service-policy out LIMIT-BW

In this example the first number is the committed information rate (ie bandwidth). The second number is the committed burst which is the normal allowed burst size. The third is the excess burst size. Any traffic that exceeds the excess burst will be dropped.

On another side you could leave out the excess burst and just live with the committed burst.
0
 

Author Closing Comment

by:sean-keys
ID: 35200605
Awesome answer!
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SNMP v3 Encryption of encoded messages 3 46
how to access my server 9 43
Read-only SNMP string example ? 7 76
Getting locked out and can't access Cisco via the web 18 40
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now