Creating a Ring with Ethernet?? Rate Limiting

This is a two question topic. I am in an office building and I want to provide ISP services to people throughout the building. I have 5 2900XL switches with fiber gigabit ports for uplinking to each other. I will put one switch in each floor for clients to plug into, and run fiber from floor to floor.
Using the equiptment I have (i.e. -- not special SONET equiptment or anything), how can I create a redudant ring so that if the fiber is broken traffic will flow in the other direction? I know SONET will do this, but I don't want to buy special equiptment for that.
Also, please remember this will need to be at layer-2 since these are only layer-2 switches, so using dynamic routing to handle the redudancy is not an option.
Finally, each client will be put in their own VLAN. How can I rate limit the outbound traffic? For example, I may want to sell a 6Mbps service and charge more for it than a 3Mbps service.
Is there any way I can use what I have to do what I need? If not, what additional equiptment do I need to buy?

Hi,
You can certainly daisy chain them into a ring type topology, and Spanning Tree Protocol will block one of the redundant links to prevent a loop.
A better, (but more costly design) would be to have two additional switches and dual home all of the 2900xl switches to the "core switches." That will give you redundancy as well as keeping traffic flow such that the 2900 switches aren't used as "transit" switches for devices communicating between non-contiguous switches. However, for 5 switches, this may be overkill :-)
As for rate limiting, the 2900XL series switches do not provide rate-limiting or policing features. They are fairly dumb Layer 2 devices and will not give you the option to limit the bandwidth on any port. The lowest-end switch that we currently sell that can do rate-limiting is the 2960.
HTH,
Bobby
*Please rate helpful posts.

Similar Messages

  • Short ring with Ethernet enabled

    My problem is that I only get one or two rings with ethernet enabled and connected at home. I am running iPhone 6 with iOS 8.2
    I first thought, this was an issue with iOS 8.3 beta and reverted (painful, since backups do not work backwards.) But the problem persists.
    I called AT&T. They had me disable LTE Voice and Data. That fixed it for a couple of calls. I disabled Data altogether. It did not change anything.
    I disabled Hand Off. I made sure, all devices had Notifications turned on. No dice.
    The only think that worked was turning of WiFi, which is not a good solution for all the data I use.
    Fresh out of ideas on this. Does anybody have any others?

    Looks like handoff is the current culprit! I clearly had the problem from other phones yesterday and reverted to 8.2.
    Today, I did my testing with my second iPhone - both are linked via Handoff. It looks like that creates a problem. Calling from a landline seems to work.

  • Creating loans contract with LIBOR rate?

    Is it possible to create a general loan associated with a LIBOR rate in order to calculate nominal interests according to the value of the LIBOR rate, each time the payment is realized.
    We do not want to enter LIBOR rates but to obtain these rates from the system as entered in OB83
    Thanks in advance

    Hi,
    For variable interest rates you need to add a new condition variable interest rates and then interest rate adjustment.  Then when you create the loans you just need to enter the reference interest with relevant mark up/down. 
    If you are managing loans using money market then you need to configure the above conditions.  If you are managing using loans, then maintain the same conditions under loans management configuration. 
    Please check that, in loans management, by standard it would be assigned to your loan if you are using a standard product type.  If it is already available, then you just need to add the relevant condition in your transaction.  Whenever the interest rate changes, there is an option to fix the interest rates which will pick up the entry from OB83 and then assigns it for that term.  Then you can post it. 
    Kindly search in the forum for variable interest rates to find more responses.  
    Regards,
    Ravi

  • Current outbound rate limiting capabilities

    Hello All,
    I have recently reviewed this thread from back in January-March: https://supportforums.cisco.com/thread/2002325?tstart=60 .  I have been facing the same predcament decrsibed be people in this thread.  That being end user machines get compromised and then send out large volumes of spam via legitimate accounts on our servers.  In our cases, the outbound from addresses have all been the actual user address.  The end user environment is ActiveDirectory & Exchange.
    If I cannot rate limit based on a sender address, then I am wondering if the 370D model would allow me to somehow define virtual gateways which would correspond to users found within a specific portion of my Active Directory environment.  For example, if all sales dept. staff were within a single AD OU, could I create a virtual gateway that corresponds to just these people and have that gateway set with different rate limits than another gateway which corresponds to a different group of users?
    Lastly, is it possible with any of the appliance models to define specific outbound rate limits for recipient domains?  For example, messages destined for hotmail.com would have a different rate limit than messages destined for gmail.com.  Would this functionality work with mixed recipient domains in the To: field?
    Thanks,

    Yes, you can define outgoing mail policy or outgoing content filter  based on sender's LDAP group (e.g. CN=West,OU=Sales,....) and then use a  filter action "Deliver from IP interface" to choose to deliver the  emails from selected IP interface.
    You can define delivery rate limit based on destination domain under 'Mail Policies'-'Destination Controls'.
    I recommend to enable antispam scanning for outgoing emails. You can add custom header if the message is a positively-identified spam.  Then you can use an outgoing content filter action to redirect spams to  be delivered from another IP interface or another mail host if outgoing  message contains the custom header. This can allow good and bad emails to be delivered from different IP interfaces.

  • Configuration of OTC Derivaties - with interest rates -CAPS-Floor - LBIOR.

    Hi guys,
    Please help me in sloving this issue,
    i have a requirement to configure OTC derivaties deals where in should create a contract with interest rates (CAPS & Floor prices).
    Can some one please throw some light on how the end-end transaction flows.
    My understanding is that a OTC -derivate contract can be created with either a Floor or CAP interest rate in TO01 and then
    settle the contract in TO04  - Post the deal in TBB1. Don't know what next.
    My Questions are
    what is next cycle process after we settle the deal and post the same in TBB1.
    how we do adjustments to interest rates - dont know how to use transaction code TPM80.
    how the treasury end user will do the valuation on the contracts every 3 months. what is the transaction used to do the valuation.
    Can some please let us know the transaction cycle flow of this.
    Awaiting your response.
    Regards
    karunakar

    Hi Ravi,
    Thank you very much for providing the information - this is very much help
    i have now fixed all the configuration issues , However am bit confiused the end- end transaction flow.
    Can you please provide us your inputs for the transaction flow.
    1.Creation of contract - TO01.
    2. Interest Rate adjustments - TI01 or TJ05        ( when should the user exactly will do this. i,e if i have created a contract with a  time period of 1 year and with a frequency of 3month LBIOR 3 - so will User run this transaction code at the end of 3rd month? Can you please share some knowledge on this.
    3. Do TBB1 - This is to post the deal to accounting ( i.e  imean to say this will create accouting entries).
    4.Valatuion TPM1 - did not understand what it exactly do's.
    Can you just please share the how the cycle runs for the following contract.
    A contract is created wth CAP -Pur-5% with an amount 1000$ with an time frame of 1 year and with a frequency of 3months.
    and will get matured after one year.
    Desprately awaiting your response.
    Karunakar.

  • BW Report with currency rates

    Hello,
    small question: Does anybody has generated a report in BW which is showing (only) the different currency rates (the ones from T-Code OB08)? (= sorry, newbie-question, I know...)
    At the moment we're creating a list with the rates in excel by coping the rates from SAP into Excel by hand - would be more fun to do this in an automated way...
    Thanks in advance, 
    Hansi

    Haven't tried it as I don't have the right to read in tables.

  • How can I create a new TC backup with ethernet, so I don't have to wait two days for a new wireless backup?

    How can I create a new TC backup with ethernet, so I don't have to wait two days for a new wireless backup?
    Several times in the last year, I've gotten a message that Time Machine needs to completely redo my backup. Using the wireless connection, this takes almost two days. Is there a way to do the backup with ethernet and then switch back to wireless? Thanks.

    May I know what is needed to make sure the MacBook is able to see Time Capsule on ethernet?
    Connect an Ethernet cable from one of the LAN <-> ports on the 2Wire gateway to the WAN port (circle of dots icon) on the Time Capsule.
    If AirPort Utility cannot "see" the Time Capsule now, you will need to perform a "hard reset" by holding in the reset button for 7-8 seconds or so and then reconfigure the Time Capsule. You can use the same Time Capsule name and password, etc. as before.
    Configure the Time Capsule to "Create a wireless network" and select the Bridge Mode option when it appears during the setup using AirPort Utility.
    Once the Time Capsule is configured, restart the entire network again. Power down everything, start the 2Wire first and then start each other device after that one at a time about a minute apart.
    Now you can connect your Mac directly to one of the LAN <-> ports on the Time Capsule for the backup using another Ethernet cable. In general, about 20-25 GB per hour will transfer.
    The Time Capsule will broadcast a much faster wireless network than the 2Wire can provide, so you might want to leave the setup "as is" for awhile after the first backup is complete. If you decide to use the Time Capsule as your main wireless access point, you would want to turn the wireless off on the 2Wire since two wireless networks in close proximity can create interference problems.
    Or, if you want to use the wireless on the 2Wire, you could turn off the wireless on the Time Capsule. Then backups will occur over the 2Wire wireless, or over Ethernet.
    I don't really recommend the "Join a wireless network" setting on the Time Capsule for most users, but you could go back to that setup as well if you want after the first backup is complete.

  • Is it possible to create a hot spot with Apple Airport Express 2nd Generation Dual Band Wireless Router, usefull in a hotel with ethernet wall sucket.

    is it possible to create a hot spot with apple Airport express 2 generation and use it i a hotel with ethernet wall socket and use it with my Ipad 2?

    HenrikAppleJespersen wrote:
    is it possible to create a hot spot with apple Airport express 2 generation and use it i a hotel with ethernet wall socket and use it with my Ipad 2?
    Yes, it is one of the things AirPort Express was specifically designed for.

  • SCCM 2012 - Creating a Collection with Limiting memebers to 5 or 10 Computers even the Memebership Query can pull 1000 members

    Dear Brothers,
    I am deploying a huge application (requires 45 Minutes to Install, 3 to 5 Restarts), and I need to limit the deployment to 5 computers at a time. Limiting my Network Load and also the availability of the computers in operation as it requires a successive
    Restart.
    My aim is to "Create" a "Collection" to focus on deploying the software to
    5 computers at a time. The collection that limits to 5 computers can help our production environment to focus on the total deployment time without disturbing other computers.
    Regards,

    I would use powershell to do this. Create a Collection with all the computers that should get the application.
    Then in powershell - get all the members of that Collection into a variable. Use that variable as a basis for creating new Collection and create some logic that takes 5-10 machines and put those into a new Collection and then takes the next 5-10 machines
    and so on.
    I guess you could also do it using a combination of Query and Exclude Collections membership rules, but you would have to do it manually.

  • WLC - Rate-limiting with QoS Roles

    We have a large number of locations that we would like to deploy the 2100 series wireless controllers. Among other things, we would like to provide generic rate-limiting to all users(per-user bandwidth limits). This is a hospitality guest access environment and content filtering is really not a concern. We would, however, like to prevent one or a few users from saturating the circuit at the expense of other users. It looks like the WLCs can handle this with a QoS Profile assigned to the guest wlan and bandwidth-limiting QoS Roles applied to each user. The issue we may run into is web-authentication needs to be disabled. There is another device on these locations that will be providing those services.
    Is it possible to apply a QoS Role by default to all users who associate to a controller without authentication? Also, if anyone has attempted this design model I would greatly appreciate some input on any unexpected or undesirable results you may have noticed.
    I appreciate everyones help.

    Thanks so much for such a quick response. I may be misunderstanding some of the documentation and would really appreciate some clarity. I am understanding a QoS Profile to be applied to one or more WLANs and all user traffic from clients of those WLANs will fall under the qos policy as a group(bandwidth limitations would be applied to all of the user traffic combined). For example, a profile capping downstream bandwidth at 1544kbps would limit all user traffic from all of the clients associated to that ssid at 1544kbps. If we were to assume some degree of fair bandwidth distribution and there are 10 users receiving traffic at a given time, then each user would receive no more than 154.4kbps. Or, are QoS Profiles actual templates that are applied to each user that associates to that ssid? For instance, if we consider a profile capping 1544kbps downstream applied to a WLAN with 10 users associated. Each user would be able to download up to 1544kbps and the full bandwidth usage for that WLAN would be 15440kbps.
    Thanks again for your help.

  • How to create an array of ring with a different items/values for each

    Hi All,
    i want an array of text ring with different items and values for each text ring. Do you have other solution if it does not work?
    thanks by advance

    0utlaw wrote:
    Hello Mnemo15,
    The properties of elements in an array are shared across all controls or indicators in an array, so there is no way to specify unique selectable values for different text rings in an array.  It sounds like what you are looking for is a cluster of ring controls, where each control can be modified independently.  
    Could you provide a more descriptive overview of the sort of behavior you are looking for?  Are these ring elements populated at run time?  Will the values be changed dynamically? Will the user interact with them directly?
    Regards,
    But the selection is not a property, it is a value... I just tried it and you can have different selections.  Just not different items.
    Bill
    (Mid-Level minion.)
    My support system ensures that I don't look totally incompetent.
    Proud to say that I've progressed beyond knowing just enough to be dangerous. I now know enough to know that I have no clue about anything at all.

  • Trouble with creating interlocking rings (olympic style)

    I'm trying to make interlocking rings (olympic style), but every single time I go to the pathfinder  and click "divide", so that I filll in the overlapping areas of the rings with different colors, it ttells me "the filter produced no results, please select one or more filled paths" even though I already selected the three overlapping rings. Im in adobe CS5.
    Please help!

    Select the art and then grab the Shape Builder tool...
    Then clikc-drag across sections you want to unify...
    The image below is an animated gif. It will not animate on the forum by default. Right-click/Control-Click the image and choose "Open Link in New Tab/Window" to view the animation.

  • Policy-map based rate-limiting per vlan

    Hi
    I was thinking if someone could help me to come up with solution to a problem. Scenario as follow:
    I have a trunk interface with multiple vlans on:
    interface GigabitEthernet2/0/3
    description TRUNK-to-*********
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 415,416,610,1191-1193,1195
    switchport mode trunk
    duplex full
    storm-control broadcast level pps 1k
    storm-control multicast level pps 3k
    storm-control unicast level pps 250k
    storm-control action trap
    spanning-tree portfast trunk
    spanning-tree bpdufilter enable
    I'm trying to rate limit two of the vlans that are present on this trunk interface - vlan 415 and vlan 1192.
    So I'm putting the class-map (to be later applied under the policy-map which is not significant here):
    (config)#class-map match-any 120-mbps-class
    (config-cmap)#match input-interface vlan 415
    (config-cmap)#match input-interface vlan 1192
    Now, when you show the class-map I created, I can see this:
    sh class-map 120-mbps-class
    Class Map match-any 120-mbps-class (id 1)
       Match input-interface  Vlan415
       Match input-interface  FastEthernet0
    For some bizzare reason class-map is matching the Fa0. I have researched this, and this is most probably because you can only match 1 vlan instance under the class-map.
    And here's my problem - I can't police whole interface as the other vlans should not be policed - how can I police those two vlans ?
    Any thoughts ? All help appreciated as always.
    Rob.

    Hi Daniel,
    I have labed it and unfortuantely it does not work as expected. I have put 1x 3750 and 1x 2960 trunk between them, each box had an access port for laptop to create some traffic across. All vlan-based qos has been applied on 3750G.
    3750G config
    Interface g1/0/20
    descriprion trunk
    swicthport trunk encapsulation dot1q
    switchport mode trunk
    switchport trunk allowed vlan 100,120
    Interface g1/0/1
    description access
    switchport mode access
    switchport access vlan 100
    Interface vlan 100
    ip address 192.168.100.254
    service-policy input PARENT-POLICER
    Interface vlan 120
    ip address 10.10.10.1
    Policy-map PARENT-POLICER
    class PERMIT-ANY-CLASS
    trust COS
    service-policy CHILD-POLICER
    class-map match-any PERMIT-ANY-CLASS
    match access-group name POLICY-LIST
    Extended IP access list POLICY-LIST
        10 permit ip any any
    Policy-map CHILD-POLICER
    class INTERFACE-POLICE-CLASS
      police 100000 8000 exceed-action drop
    Class Map match-any INTERFACE-POLICE-CLASS
    Match input-interface  GigabitEthernet1/0/20
    2960 config:
    interface g0/20
    switchport mode trunk
    switchport trunk allowed vlan 100,120
    interface g0/1
    switchport mode access
    switchport access vlan 100
    interface vlan 100
    ip address 192.168.100.253
    interface vlan 120
    ip address 10.10.10.2
    So as you can see vlan 100 is the one it need to be rate limited (I have only rate limited to 100kbps just to see if it's working) and vlan 120 is only on the trunk ports to confirm if the traffic  for this one is not affected.
    Unfortunately when the policing is applied on 3750 vlan 100 (and policing is working fine) then I can see the packet loss while pinging between switches on vlan 120 suggesting that the policy is affecting the other vlan as well. When I take the policy out of the vlan 100 I cannot observe the packet loss on vlan 120 meaning is no longer affected.
    Not sure if I have explained this clear enough so far, if not let me know.
    Do you have any suggestions ?
    Thanks!

  • Rate Limiting - Will Content Engine 590 solve my problem?

    We have a Cache Engine 550 deployed in our network which is great for reducing traffic on the Link to the Internet, however I have now run into a little problem with the device as we are now trying to implement Bandwidth Shaping using the existing Cisco infrastructure and thus the Cisco IOS.
    One of the IOS features concerned is Committed Access Rate (CAR).
    We would like to do some traffic shaping according to certain IP Protocols such as FTP, HTTP as well as rate limiting certain of our customers (IP Blocks) so that they don’t saturate the Serial link to our ISP.
    The problem we have is that the Cache Engine 550 replaces the original requestors IP with its own as it (the CE) now takes over as the requestor to the Internet – thus we have all HTTP traffic via our ISP having the source as that of the Cache Engine.
    Due to this we cannot “Rate-Limit” a particular customer (IP range).
    Question-------
    Does the Content Engine 590 (ACNS, ICDN) enable me to complete my task and control the Serial connection the way I would like to?
    Can I do a sort of “IP Spoofing” so that the original IP is still in place, but the Content Engine still does its job of Caching?
    I have already looked at the Packeteer – unfortunately it only has Ethernet ports.
    The WiseWan 401 with HSSI port looked promising, but I feel that even though it will do great shaping and graphs it will still not solve the problem of a saturated link upstream to the ISP (from the boxes point of view), I will still sit with packets being dropped and thus bandwidth wasted.
    Anyone out there with any other solution?
    Thanks in advance.
    Lutz.

    Hi,
    We have just implemented IP spoofing in version 4.2 of ACNS code. (Caching) which will only run on a 590/560/507/7320 cache.
    Version 4.2 sould be available at the end of July early August. This will slove you problem with identifing traffic to rate limit.
    Cheers
    Phil

  • Cisco firewall rate limited syslogs and MARS

    We're getting a ton of informational packets (tcp build / teardown) from firewalls here.  I can kill this at the source (drop to "notification" level, filter out the build / teardown events, etc.) but would rather not throw this stuff away (good clues in an investigation).
    I can filter this on the MARS side so rules don't fire, but that doesn't address the performance hit at the firewall, or the traffic on the network.
    I can rate limit at the firewall - if I do will MARS be able to parse this out properly - i.e if there's a rule that fires on a 100 count for example, and a firewall that's set to rate limit a certain event to, say, every 200 instances of the event, and single syslog shows up at MARS with rate limited information in the packet, will the MARS rule fire?
    hope this makes sense - thanks

    What kind of firewall are you running?  ASA?  FWSM?  Something else?
    If you're running an ASA, the ideal solution would be to implement Netflow Secure Event Logging (NSEL).  This feature uses Netflow v9 to handle security event logging along with traffic flow data.  Using NSEL can provide performance improvements over syslog, both on the ASA, and on your network. 
    Part of the configuration process includes a command to disable the redundant syslog types already handled by NSEL.  Many of those are the same types of logs you mentioned (buildups/teardowns, etc).  It's very simple to configure - you can read more about it here, in the ASA 8.2 CLI Configuration Guide:
    Configuring Network Secure Event Logging (NSEL)
    If you're running a FWSM, the same option isn't available.  Instead, you might want to reconsider disabling some of the log types that aren't really providing much benefit relative to the load.  In fact, Cisco themselves recommend disabling some of the more unimportant (but frequent) log types.
    From the "Cisco SIEM Deployment Guide", one of the "Smart Business Architecture" design guides (emphasis mine):
    At logging level Informational, Cisco recommends disabling the following messages, as they are of little interest for SIEM analysis:     305010: The address translation slot was deleted     305011: A TCP, UDP, or ICMP address translation slot was created     305012: The address translation slot was deletedTo disable these messages, use the following configuration commands:     no logging message 305010     no logging message 305011     no logging message 305012For more aggressive tuning, you may also consider disabling the following messages:     302014: A TCP connection between two hosts was deleted     302016: A UDP connection slot between two hosts was deletedIf dynamic Network Address Translation (NAT) is not configured on the appliance, message 302013 (for TCP connection slot creation) can also be disabled.
    So, that's at least 6 possible log types that can be disabled with no impact: 302013, 302014, 302016, 305010, 305011, and 305012.  And that's straight from Cisco's own documentation.
    Now, to expand on that ...
    - if 302016 (UDP teardown) can be disabled, why not 302015 (UDP create)?
    - similarly, what about 302020 and 302021 (ICMP)? Disable those as well?
    Final list:
    302013
    302014
    302015
    302016
    302020
    302021
    305010
    305011
    305012
    In the end, though, only you can determine which options are acceptable for your environment.
    Note: all 3020xx log types listed are disabled automatically during the NSEL configuration process.

Maybe you are looking for