|
List Info Thread: Rate-Limiting.
[1]
|
||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||
Rate-Limiting. |
|
List Info Thread: Rate-Limiting.
[1]
|
||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||
robsherrard.com> wrote:
> I've got a situation in which I'd like to rate limit
a few servers
> that hang off of my 6590's... it appears that this can
only be done
> on a layer 3 interface. These servers however aren't,
they simply on
> a switch port / access. Aside from hard setting the l2
interface to
> 10mbit, can anyone think of another creative way to do
this? Is one
> option moving these servers into a separate VLAN, then
rate-limiting
> from there?
Is rate limiting by source IP address an acceptable to you?
If so,
then you could do it that way. An untested example that
should set
you out in search of the necessary doc:
class-map match-all cm-src-specific
match access-group name acl-src-specific
!
interface Vlan99
service-policy input sp-rate-limit
!
policy-map sp-rate-limit
class cm-src-specific
police flow mask src-only 1000000 4000 conform-action
transmit exceed-action drop
!
ip access-list extended acl-src-specific
permit ip any any
John