[nsp] Example code of how to "rate limit" a port on a 3550

Skeeve Stevens skeeve at skeeve.org
Thu Jul 1 10:36:23 EDT 2004 

No way to control the speed someone can send out huh?

Darn... We just had someone get a worm and massacre out upstream network
with 20mb of sustained traffic... What a pain!

You rock Mat ;-)

...Skeeve
 

-----Original Message-----
From: Matthew Crocker [mailto:matthew at crocker.com] 
Sent: Friday, 2 July 2004 12:20 AM
To: skeeve at skeeve.org
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] Example code of how to "rate limit" a port on a 3550



This is what I use,  works pretty well for me.
!
!
mls qos
!
class-map match-all allip
	match access-group 100
!
policy-map 1mbps
	class allip
	  police 1000000 32000 exceed-action drop policy-map 2mbps
	class allip
	  police 2000000 32000 exceed-action drop !
int f0/1
  service-policy input 1mbps
!
!
access-list 100 permit ip any any
!
!


This only works to police packets as they enter the switch port.   You 
can't use 'match access-group' in a output service-policy on the 3550.

-Matt

On Jul 1, 2004, at 9:52 AM, Skeeve Stevens wrote:

>
> Ok.  I have a 3550 with layer 2 and 3 ports running.
>
> I want to do a very simple thing and rate limit some layer 3 ports to 
> the amount of bandwidth they can use.
>
> I don't particularly want any fancy QoS or anything like that, but 
> simply want to limit a port, for example to 4MB inbound and 10MB 
> outbound.
>
> If anyone knows how to do this as the rate-limit command isn't on the 
> 3550.
> Example code would be nice as I know absolutely nothing about QoS.  
> Thanx.
>
>
> .Skeeve
>
>
> _______________________________________________________
> Skeeve Stevens, RHCE     Email: skeeve at skeeve.org
> Website: www.skeeve.org  - Telephone: (0414) 753 383
> Address: P.O Box 1035, Epping, NSW, 1710, Australia
>
> eIntellego - skeeve at eintellego.net - www.eintellego.net 
> _______________________________________________________
> Si vis pacem, para bellum
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


========================================================================
 Pain free spam & virus protection by:          www.mailsecurity.net.au
 Forward undetected SPAM to:                   spam at mailsecurity.net.au
========================================================================

More information about the cisco-nsp mailing list