Rate-Limiting.

• Previous message (by thread): Rate-Limiting.
• Next message (by thread): Rate-Limiting.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm really interested in rate limiting outbound... with many unknown 
dest IP's.

Rob

John Kristoff wrote:
> On Thu, 30 Mar 2006 15:56:02 -0800
> Robert Sherrard <rob at robsherrard.com> wrote:
>
>   
>> I've got a situation in which I'd like to rate limit a few servers
>> that hang off of my 6590's... it appears that this can only be done
>> on a layer 3 interface. These servers however aren't, they simply on
>> a switch port / access. Aside from hard setting the l2 interface to
>> 10mbit, can anyone think of another creative way to do this? Is one
>> option moving these servers into a separate VLAN, then rate-limiting
>> from there?
>>     
>
> Is rate limiting by source IP address an acceptable to you?  If so,
> then you could do it that way.  An untested example that should set
> you out in search of the necessary doc:
>
>   class-map match-all cm-src-specific
>    match access-group name acl-src-specific
>   !
>   interface Vlan99
>    service-policy input sp-rate-limit
>   !
>   policy-map sp-rate-limit
>    class cm-src-specific
>     police flow mask src-only 1000000 4000 conform-action transmit exceed-action drop
>   !
>   ip access-list extended acl-src-specific
>    permit ip any any
>
> John
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20060330/c24b7402/attachment.html>

• Previous message (by thread): Rate-Limiting.
• Next message (by thread): Rate-Limiting.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]