[c-nsp] Limit traffic for each PC

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Fri Oct 14 04:30:39 EDT 2005


Jeff Kell <mailto:jeff-kell at utc.edu> wrote on Thursday, October 13, 2005 8:15 PM:

> Oliver Boehmer (oboehmer) wrote:
>> Bartosz Piec <> wrote on Thursday, October 13, 2005 5:58 PM:
>>> Krishnan Kuppuraj napisał(a):
>>>> Yeah, you may have to create two separate ACL's [one for each PC]
>>>> and define /Traffic-Shape Group /in Router's Ethernet/VLAN  Port.
>>> 
>>> But the number of PCs in my network is above 40. Will the router be
>>> able to manage with that number of ACLs?
>> 
>> this might not scale. To do this on a larger scale without
>> performance overhead, you need a feature called Per-user Microflow
>> Policing. To my knowledge, this is currently only available on the
>> Cat6k/Sup720 scaling up to several thousands of "PC's" (i.e.
>> addresses). I think there is also a new product doing much more than
>> this, don't know the details.    
> 
> If you want hard limits, have you tried storm-control on the ports?

right, if the closet switch connecting to each individual PC is sophisticated enough, one could apply per-port policing there..

	oli



More information about the cisco-nsp mailing list