Per user bandwidth rate limit.

Similar Messages

• Cisco WLC 5508 - WLAN Per-User Bandwidth Contracts

  Hi,
  I setup per-user bandwidth contracts on my guest anchor controller. The controller model is 5508 and firmware is 7.4.121.0.  No Qos settings were configured on the foreign controllers.
  The bandwidth limits for the WLAN worked correctly for a couple of weeks, then speed reduced to almost nothing. I removed the WLAN bandwidth limits and speed was back to normal again.
  Has anyone else run into this issue? Any ideas why it might have happened?
  Thanks,

  If Scott does not mind an add-on.  The 3850 also supports per client QOS.
  Page 16 - 
  http://www.cisco.com/c/dam/en/us/products/collateral/switches/catalyst-3850-series-switches/guide_c07-727066.pdf

• Service-Policy Or Bandwidth Rate Limit for IP

  Hii Netpros,
  Is this possible to configure the Service Policy(for Bandwidth) or Bandwidth Rate Limit for Single IP. For eg: If we want to configure the Service Policy(for Bandwidth) or Bandwidth Rate Limit of 2Mb for only IP " 10.10.10.3" on network  i.e the Host or device which is configured with this IP can access upto 2Mb only.
  Actual Network :-   We need this to configure this for wireless customers, Actually we have created one Vlan 2 (IP:- 10.10.10.1/29 @ our end router) , 10.10.10.2 on Basestation wiresss device (Vlan 2 allowed on this wireless device) and this wireless device is working as point to multipoint wireless. i.e 2 or more then 2 wireless customers or last mile will connect to this basestation wireless.  Wireless customer-1 is 10.10.10.3 (2Mb bandwidth)  and Wireless Customer-2  10.10.10.4 (512Kb).
  Hence we require to limit the bandwidth for this 2 wireless customers having different bandwidth. how to acheive & control bandwidth @ our end router for them. please suggest.
  Thanks

  This topic is probably better suited in another Infrastructure forum, but I suppose it depends on which features are supported by your Cisco hardware and software. This doc discusses a variety of options:
  http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpolsh.html
  For example, with the older CAR (committed access rate) approach:
  interface FastEthernet5/0
       rate-limit input access-group 101 20000000 [normal burst size] [excess burst size] conform-action transmit exceed-action drop
       rate-limit input access-group 102 5120000 [normal burst size] [excess burst size] conform-action transmit exceed-action drop
  access-list 101 permit ip 10.10.10.3 0.0.0.0
  access-list 102 permit ip 10.10.10.4 0.0.0.0
  You can observe CAR in action with "show interfaces fa5/0 rate-limit" for example.

• User based rate limit

  Hi,
  Iam looking for a way to Rate Limit - Vlan interfaces,
  Somting like this .. or do I need to change the service-policy to rate-limit for it to work
  Interface Vlan2
  Description Customer-A
  service-policy input police-customerA-traffic
  service-policy output police-customerA-traffic
  ip address 10.10.10.1 255.255.255.252
  Interface Vlan3
  Description Customer-B
  service-policy input police-customerB-traffic
  service-policy output police-customerB-traffic
  ip address 10.10.11.1 255.255.255.252
  Interface Vlan4
  Description Customer-C
  service-policy input police-customerC-traffic
  service-policy output police-customerC-traffic
  ip address 10.10.12.1 255.255.255.252
  Interface GigabitEthernet3/1
  Description Trunk - Customer-A - Customer-C
  switchport
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 2,4
  switchport mode trunk
  Interface GigabitEthernet3/1
  Description Trunk - Customer-B
  switchport
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 3
  switchport mode trunk
  Is that posible ??, or do i need to make user based rate limit based on Source / destination adresses, and move the service policy to the physical interface ??
  Hardware in this case Cisco 7609 running MPLS
  Thanks in advance.
  /Peter

  Can you explain your network topology a little?. This would help me to understand your network setup and help you in this issue accordingly.

• R12 Restrict Parallel Concurrent Requests Per User to a Limit.

  Hi everyone,
  Is it possible to restrict parallel concurrent requests per user to a limit.
  e.g. UserA sending concurrent requests to submit 15 heavy reports one after another. After 2 minutes he feels free. Now 15 reports running in parallel are heavy enough to take system's performance down. Is there a way to restricting parallal reports by a single user to 5.
  Waitning........
  Regrads,
  M. Farooq Khan.

  Hi,
  Please check the profile optiion
  Concurrent:Active Request Limit
  Thanks,

• Bandwidth Rate-Limit -w- WWR-Queue

  How would one convert a layer-2 port's "switchport rate-limit" bandwidth statement, on a 6509 -w- WS-X6748-SFP ports, to a routed/layer-3 "wrr-queue" bandwidth statement policy? Basically trying to hard-core the port's speed to 20MB.  Current/tested layer-2 port bandwidth setting:
  rate-limit input 20000000 5000 5000 conform-action transmit exceed-action drop
  rate-limit output 20000000 5000 5000 conform-action transmit exceed-action drop
  Got lost in how to use/configure all WRR's four queues... just need to limit the port's bandwidth to 20MB.  Any suggestions would be appreciated.
  Thanks, Kevin

  1) Enabled QoS globally...
  2960(config)#mls qos
  2) Configure an ACL to define the matched traffic...
  2960(config)#access-list 111 permit ip any any
  3) Configure a class map for the matched traffic...
  2960(config)#class-map traffic
  2960(config-cmap)#match access 111
  4) Configure a policy-map to define action...
  2960(config)#policy-map Control
  2960(config-pmap)#class traffic
  2960(config-pmap-c)#police 10000000 8000 exceed-action drop
  5) Attached the policy-map to the interface.
  a) Example
  -In this case, I'll attach the policy map to port_1....
  2960(config)#int fa0/1
  2960(config-if)#service-policy input Control
  >>>>>> This will rate-limit traffic coming from the PC

• QoS bandwidth rate limit don't work

  Hello
  Buy a router RV120W, and one of the reasons is limit of bandwidth (QoS). I set up a profile of 1-256 kbps limit, and apply it to the only VLAN that is configured, but does not work and can navigate using the full bandwidth of the internet connection. My firmware version is 1.0.2.6
  Screenshots attached
  thanks
  screenshots attached

  Struggling with a similar issue:
  the setup: internet adsl <--1mbs--> combined router/modem <--100mbs--> RV 120W
  Internet speed is 1mbs. I want to priotize voip calls (via port) and deprioritize one machine (doing downloads). rest of the network should have something in between.
  Firmware upgraded to 1.0.3.10
  I created the profiles bindings, then in QoS settings, selected Priority, Wan total bandwidth 1mbs, and distributed my profiles onto low/med/high (10/31/61).
  When what should be low is downloading, it gets the whole 1mbs and the other are dead slow.
  Changed to rate limit, changed the parameters, etc... no more luck.
  Can you please shed some light as how to configure this - in my case, the whole bw of wan is being used, and prioriization is not happening,
  Rgds

• 7609 RSP vlan based internet bandwidth rate limit

  Hi,
  I have a requirements to restrict the bandwidth for CORP internet users in our metro network, Could you check this template is good to go for to restrict the download and upload speed in Users WAN interface which is VLAN, my bandwidth limitations is 5  Mbps downlink and 5 Mbps uplink.
  class-map match-all corp_traffic1
    match access-group name corp_traffic
  policy-map CORP_ingress
    class corp_traffic1
      police 5000000 500000 conform-action transmit exceed-action drop
  ip access-list extended corp_traffic
  permit ip 172.25.5.0 0.0.0.255 any
  permit ip any 172.25.5.0 0.0.0.255
  Interface vl 351
  service-policy input CORP_ingress
  service-policy output CORP_ingress
  Thanks&Regards
  -Saji

  Riccardo,
  Thank you for your response..
  I have RSP as SUP and ES20 as uplink card..
  but I have clarfication...Is service policy input is realy required...
  It seems input position is not working from this below logs..It is not matching the same
  ABR#sh policy-map interface vlan 3xx
    Service-policy input: CORP_ingress
      class-map: corp_traffic1 (match-all)
        Match: access-group name corp_traffic
        police :
          5000000 bps 156000 limit 156000 extended limit
        Earl in slot 1 :
          0 bytes
          5 minute offered rate 0 bps
          aggregate-forwarded 0 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 0 bps exceed 0 bps
        Earl in slot 2 :
          0 bytes
          5 minute offered rate 0 bps
          aggregate-forwarded 0 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 0 bps exceed 0 bps
        Earl in slot 3 :
          0 bytes
          5 minute offered rate 0 bps
          aggregate-forwarded 0 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 0 bps exceed 0 bps
        Earl in slot 5 :
          0 bytes
          5 minute offered rate 0 bps
          aggregate-forwarded 0 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 0 bps exceed 0 bps
      Class-map: class-default (match-any)
        0 packets, 0 bytes
        5 minute offered rate 0000 bps, drop rate 0000 bps
        Match: any
          0 packets, 0 bytes
          5 minute rate 0 bps
    Service-policy output: CORP_ingress
      class-map: corp_traffic1 (match-all)
        Match: access-group name corp_traffic
        police :
          5000000 bps 156000 limit 156000 extended limit
        Earl in slot 1 :
          3739884 bytes
          5 minute offered rate 20576 bps
          aggregate-forwarded 3739884 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 17464 bps exceed 0 bps
        Earl in slot 2 :
          0 bytes
          5 minute offered rate 0 bps
          aggregate-forwarded 0 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 0 bps exceed 0 bps
        Earl in slot 3 :
          105048931 bytes
          5 minute offered rate 539032 bps
          aggregate-forwarded 105048931 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 545760 bps exceed 0 bps
        Earl in slot 5 :
          0 bytes
          5 minute offered rate 0 bps
          aggregate-forwarded 0 bytes action: transmit
          exceeded 0 bytes action: drop
          aggregate-forward 0 bps exceed 0 bps
  I will post more update on this...as I am waiting for the clients to test the same..

• AAA accounting for per-user data amount limit

  Hello,
  I don't have too much experience with AAA, and I want to implement the following:
  - I have a FreeRadius, ASR1001-X with IOS XE
  - I want to keep records of how many data is consumed by each user
  Any suggestion will be welcome.
  Thank you.

  Just for information i post these links
  1. http://www.linuxquestions.org/questions … er-715490/
  2. http://www.linuxquestions.org/questions … ge-617928/
  3. http://www.linuxquestions.org/questions … asis-8674/

• WLC user rate limit on guest ssid anchor controller

  Hi,
  I have been looking through the forums & some cisco documents but not found a good example similar to what I am seeking to do so now I am turning to the expertise of my peers.
  We have been deploying 3502 APs remotely to locations with full T1s that backhaul to where I sit at HQ.
  Both the foreign and anchor controller are here at my location.
  I am seeking to rate limit per user the bandwidth each client will get on the guest internet ssid.
  As you know this traffic is encapsulated in capwap between the AP and the controller so I cant use a standard ACL on the switch or router.
  We are trying to keep the guest internet access usage in check on the T1 at any given site so the other ssid's & local lan traffic is not overly competing for the bandwidth.
  I found the place to edit the default profiles in the controller but the documentation really isnt clear on best practices.
  So I put it to you my fellow wireless engineers to suggest how you are implementing bandwidth management on your wireless guest internet.
  Thanks guys!           
  Oh and here is my hardware & software levels.
  5508wlc - forgeign
  4402wlc - anchor
  Software Version
  7.0.230.0

  Amjad,
  Thank you for taking the time to respond as well as the document link.
  It was pretty clear on the steps and what it would impact.
  Two things that push me for a different solution (assuming their is one).
  Note The values that you configure for the per-user bandwidth contracts affect only the amount of bandwidth going downstream (from the access point to the wireless client). They do not affect the bandwidth for upstream traffic (from the client to the access point).
  As you can see from the above note taken out of the linked document the roll based rate limit doesnt really rate limit the T1 traffic any guest user consumes it only limits usage from the AP down to the client.
  #1 I am looking for a solution that limits the users up & down streams (if possible) & also before it leaves the AP for the T1.
  The idea is to limit WAN utilization.
  #2 I read in the forums here others asking about the "user role" and saw some comments saying it is not considered "best practice" to use user roles.
  Let me clarify that our guest ssid's are using the http webpage pass through for authentication and it is really only the tic mark to indicate they understand the terms and conditions of using our internet as a guest service. No actual user accounts are used on the guest ssid's.
  ***One last question about this and any other changes***
  Will any change I make be on the "Foreign, Anchor" or both Controllers?

• Bandwidth Management(Rate Limit) Using QoS Policies

  Hello,
  I need some advice. We have an ASA 5525 running version 8.6(1)2 and a 10 MG pipe. I have execs that want to limit bandwidth on users for stuff like youtube, stream media, and downloads. I found the article on ‘Bandwidth Management(Rate Limit) Using QoS Policies’ so it appears our firewall can do what we want. I’m not a cisco person. My knowledge is limited when it comes to configuration – that’s why we have SmartNet :). The advice I need is what to ask for, so to speak, when I put a case in. Can bandwidth be limited on end users and/or can they limit the ‘bandwidth rate limit’ to just youtube, steaming media, and downloads? If so, what should the limit be? and I’m assume this would be for ‘incoming’ traffic only? we’re running into some bandwidth hogs – usually youtube and/or streaming media. We have a Barracuda web filter which we’ve used to block and monitor activity but I simply do not have time to babysit this all day. I should also mention we do have critical data running up and down the pipe; such as credit card processing, DB replication between in house DB and hosted website, TPCx and EDI, FTP, and such that we don’t want restricted.
  Need input please,
  Thanks,
  D

  Hello,
  That's a question that you as the network admin of that organization could answer.
  How much traffic for business purposes must travel via HTTP/HTTPS?
  How much bandwith are you willing to provide to this 2 protocols?
  Those are the kind of answers you need to answer before setting the number
  Regards
  Remember to rate all of the helpful posts, Just click the 5 stars at the left of each post
  Julio

• Per-user bandwith contracts

  Hello,
  One of our customers have one Cisco WLC 2100 (firmware 5.2) with 4 AP Mesh 1522, in a city deployment. In order to achieve local regulatory, has to implement bandwidth limitations per user.
  I got screen captures of WLC QoS Profiles options, with Average Data Rate in Per-User Bandwidth Contracts.
  So my question is, do I need any other equipment to achieve per user bandwidth limitation? Can it be done with WLC QoS options?
  If any other equipment needed, which one could I use?
  Kind regards.

  Hello,
  Yes, you can modify your settings for per-user bandwidth contracts based on a specific QoS Profile on the WLC. You can then set your various WLANs to the desired QoS profile. The instructions to do so can be found here:
  http://www.cisco.com/en/US/docs/wireless/controller/7.0MR1/configuration/guide/cg_controller_setting.html#wpmkr1254539
  There are a few caveats with this configuration:
  1. To modify QoS roles on the WLC, you will need to disable the radio networks on the WLC, so there will be an outage during configuration.
  2. The per-user bandwidth contracts on the WLC are applied in the downstream direction only. In other words, the wireless clients will not have limited upload capability.
  Other solutions may exist on your switch/gateway devices depending on their available features.
  -Patrick Croak
  Wireless TAC

• Limiting Bandwitdth per user with WLC

  Hi,
  Is there anyone who can provide a deeper explanation for "Per-User Bandwidth Contracts (k)" on the "Edit QoS Profiles" menu of a Wireless LAN Controller 4402? Does it limit each value to 0 to 60 Kbps as maximum ONLY, as indicated on the Help window?
  I want to limit 512 Kbps per user (client attached to an AP) not for WLAN.
  I read http://www.cisco.com/univercd/cc/td/doc/product/wireless/hahcont/contc.htm#wp1041926 but it is not sufficient.
  I know I can do it with 3rd party equipments, but it is possible only with APs (1010, LAP1231), Cisco switches and WLC 4402?
  JVC

  Yes I think your assumption is correct. "Per-User Bandwidth Contracts (k)" limits each value at the maximum. This I think I have read in a document stating this information.

• Limit bandwidth per user/computer using Catalyst 3560 switch

  Hi -
  Can someone help me getting started (if at all possible...) with enabling controll of used bandwidth at a "per-user"-level.
  I wonder if it possible to do this dynamicly with respect to the overall demand from other users.
  I've searching a lot, but I'm missing the terminology :) 
  Sincerly
  Nicholas

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  To my knowledge, what you want to accomplish isn't possible on a 3560.
  You can police at ingress, and if you use a policy map, you can police different "known" IPs.
  What you could do, is police user ports ingress at some nomimal bandwidth, and if exceeded, mark the packets.  Then on egress, you could direct those packets to an different egress queue with a lower bandwidth guarantee than the normal queue.

• Per Wlan - Rate-Limit

  Hello, anyone know if its possible to set a maximum bandwidth for the entire wlan or for entire Vlan in the WLC 5508 ?
  Thanks

  This is a big desire for us too.
  You can do this multiple ways on the infrastructure:
  if using 6500s, you can use user-based rate limiting
  you can do this on various firewall products such as pfsense.
  You can use ingress & egress queuing on the switch, but it may not work as desired.
  We settled on using ip-nbar & policy routing for now to clamp down on file sharing protocols and also download urls with various extensions such as .iso, .dmg, .zip.....
  The challenge we found with per user limiting was that few solutions support the client count/demand that we see.
  If your environment is more spread out, you may have better luck with traffic policing and/or shaping at the switch level.
  As per wlan rate limiting, it will really depend on your infrastructure hardware & IOS supported functions.
  I agree about not shaping over the air, keep as much extraneous traffic off the air as possible.