[c-nsp] Rate limiting but on packet count not bandwidth

Ross Vandegrift ross at kallisti.us
Wed Dec 17 11:25:11 EST 2008


On Wed, Dec 17, 2008 at 04:00:56PM +0100, Primoz Jeroncic wrote:
> Hi guys
> 
> Does anyone have any idea if rate limiting traffic based on packet
> count would be possible on Cat3550/3560/3570 or any Cisco router?
> I would need to limit some users which don't generate much
> traffic (only about 5 or 6Mbps), but packet count is huge (30k+ per sec).
> 
> So is there some option to limit their traffic to let's say 5000 packets/sec
> regardless of the bandwidth they use?

I've wanted this on Catalyst platforms for a long time; it doesn't
really exist.  On your platforms, you should be able to apply unicast
storm-control to control the number of pps on a per-physical port
basis, but you can't write a QoS policy that can be applied in
general.  Doesn't seem to be any way to do it on a VLAN.  If you
enable it on a trunk port, all VLANs will be dropped when one exceeds
the threshold - probably not what you want.

Ross

-- 
Ross Vandegrift
ross at kallisti.us

"If the fight gets hot, the songs get hotter.  If the going gets tough,
the songs get tougher."
	--Woody Guthrie

