If you followed my recent Cisco Catalyst rate-limiting post, you already know that policing traffic on a Cisco Catalyst switch requires a bit of thought. Mainly, you have to do a bit of calculating to determine the best bucket size for your application. The good news is that achieving the same affect on a Cisco IOS-based router is much easier.
You can enable shaping on an interface (or sub-interface) in three easy steps. Just remember: class, policy, interface.
class-map match-any CLASS_SLAP match any
On the router, we have the ability to tell the class map to match any traffic.
This is in contrast to the Catalyst switch where we had to specify an access-list
to match on. This saves us a step and achieves the exact same results. In this
case, we are going to assign all traffic to the
policy-map POLICY_SLAP class CLASS_SLAP shape average 8000000
Now it's time to define our policy map. In this case, we're going to take any
traffic that matched the
CLASS_SLAP class (which, as you remember, is all
traffic) and apply a shaping policy to it. We use the
shape average 8000000
configuration command to limit our speed (the Committed Information Rate (CIR))
to 8 Mbps. Another configuration command available for a policy map is
bandwidth, which has a similar effect. Unfortunately, a policy map utilizing
bandwidth configuration command can not be applied to a sub-interface. This
limitation may not be a problem for you, though.
interface GigabitEthernet0/3.429 encapsulation dot1Q 429 service-policy output POLICY_SLAP
Finally, we need to apply the policy map to an interface using the
service-policy configuration command. In this example, I used a sub-interface
to make the example a little more applicable to real word circumstances. I've
also applied the policy map in the outbound direction. Thus, the users of VLAN
429 are only allowed to download at an aggregate of 8 Mbps.
Wasn't that easy? How do your own experiences compare?
UPDATE: I recently added a post that discusses rate limiting based on time of day. Check it out!