Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 2621 rate-limiting?

Status
Not open for further replies.

arisythila

Technical User
Jun 3, 2006
43
US
Hello, I have a cisco 2621 router. I cannot seem to figure out how to work rate limiting on this router. Does anybody know of a how-to guide to do it?

Thanks

~Michael
 
Put the rate limit on the interface...for example, mine is for incoming ftp
rate-limit output access-group 110 256000 1500 2000 conform-action transmit exceed-action drop
This keeps the limit to 256K...
access-list 110 permit tcp any 10.69.69.2 eq ftp
It's called CAR...

Burt
 
Well basically, this is what I'm trying to do. I'm a beginning web hosting company. I do dedicated servers, Colocation, ect ect. Currently if I need someones IP rate-limited. I call into the datacenter, I tell them I need 207.x.x.x rate limited to 2MB. They do it for me. I find sometimes it takes up to 2 weeks to get this rate limiting done. In that time frame. I get hit with a pretty nice bill. Currently, I have a 100MB pipe. I asked them if my router would do it. They told me, "yes it will", "sweet how do you do it?", "Thats my secret." Oh alright.

So basically I'm looking for a more internal way to rate limit without them, being they take awhile to get it done.

Thanks

~Michael
 
Sorry may have misunderstood you. I thought you said CAR was for rate-limiting ports. not IP's.

Thanks for the reply!

~Michael
 
I just saw this.

CAR is supported on these platforms:

•Cisco 7000 series with RSP7000

•Cisco 7200 series

•Cisco 7500 series

Will CAR work on the 2621?
 
Wow---that may be an old doc...
I have a 2620XM that I use it on, and it works.

Burt
 
K. I have a newer IOS, I believe 12.2(20) Thanks Burt!

~Michael
 
Do you know of any other docs that of more of a how-to? I guess I don't really understand this doc.

~Michael
 
I will look...right now, I am dealing with my 2 year old and 3 year old boys...lol

Burt
 
Your telling me, I work from my home mostly. My 19mo Son keeps me on my toes. I have a 100MB internet connection, One of my customers used 40mb of bandwidth last month, and hes only paying for 5mb I have no other way of limiting these people really. Need a good way of doing this stuff.

Thanks Burt for your help.

~Michael
 
Well, rate limiting will only limit amount of bandwidth...which is what you want...right?
I feel for ya bro---19mo boy...every now and the one or the other cries at 2 or 3 in the morning..."I wanna sleep in your bed, mommy and daddy"
Is this any traffic, or a specific protocol?

If not, then do they have a static IP?

Burt
 
They have a Static IP address. I basically need to be able to rate limit them to 5MB download and upload.

So instead of downloading/uploading @ 100mb/sec they only download/upload @ 5mb/sec

Does this make sense?
 
Yes. Let's say that fa0/0 is the outgoing interface...

router>en
router#conf t
router(config)#access-list 101 permit ip host x.x.x.x any
router(config)#int fa0/0
router(config-if)#rate-limit input access-group 101 5000000 5000 5000 conform-action transmit exceed-action drop
router(config-if)#rate-limit output access-group 101 5000000 5000 5000 conform-action transmit exceed-action drop
router(config-if)#end
router#

That should do it. I don't have a lot of experience with rate-limiting, but it did work when I had an FTP server, and a lot of people accessing it. I limited them all to 56KBps...ha ha ha. I only have a 3MB line. Finally, the psu crapped out, and I haven't done anything with it since.

You can test it out with a laptop going to your house...hopefully it works for you. Good luck.

Burt

 
One more thing...without the access list, it will limit all traffic, and the statements would be
rate-limit input 5000000 5000 5000 conform-action transmit exceed-action drop
and no access-list.

Burt
 
my outgoing IP address is a 192.168. address.

interface FastEthernet0/0
ip address 192.168.16.6 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 207.14.32.225 255.255.255.224
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
!

I would use my FastEthernet0/1 then right?

~Michael
 
Why does one need NAT?

my 207.14.32.225-207.14.32.254 are all my external IP's.

207.14.32.225 is actually my router on the inside.

the 192.168.16.6 is my outside (connected to the internet)

It's weird how they do the routing.

I tried what you listed above, Doesn't seem to be working.

Thanks Burt.

 
birdhost-gw#show ver
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IK9O3S3-M), Version 12.3(22), RELEASE SOFTWARE (fc2)
Technical Support: Copyright (c) 1986-2007 by cisco Systems, Inc.
Compiled Wed 24-Jan-07 16:48 by ccai
Image text-base: 0x80008098, data-base: 0x81A11604

ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
ROM: C2600 Software (C2600-IK9O3S3-M), Version 12.3(22), RELEASE SOFTWARE (fc2)

birdhost-gw uptime is 7 weeks, 4 days, 21 hours, 17 minutes
System returned to ROM by power-on
System restarted at 09:24:13 PST Sun Nov 25 2007
System image file is "flash:c2600-ik9o3s3-mz.123-22.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco 2621 (MPC860) processor (revision 0x200) with 61440K/4096K bytes of memory.
Processor board ID JAD05100HQM (2378116446)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top