Announcement

Collapse
No announcement yet.

Bandwidth Managment for Cisco

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Bandwidth Managment for Cisco

    Hi

    I have a Cisco 1841 Router. I am going to give solution to small business centre.

    I have total 35 Offices and I created 35 DHCPs started from192.168.1.1 to 192.168.35.1.

    I have a single Internet Connection around 40MB. I want to assign different Bandwidth CAPS on the Subnets. For example, 192.168.1.1 (Downloading 4MB and Uploading 1MB), 192.168.5.1 (Downloading 3MB and Uploading 256 kbps), 192.168.5.1 (Downloading 1MB and Uploading 128 kbps) etc..

    Any suggestion to start with?

    Do you think Cisco QoS will be easy to achieve this task.

    I am ready to use any thrid party tool as well to achive this task.

    Regards
    Kamal

  • #2
    Re: Bandwidth Managment for Cisco

    If I'm interpreting your requirements correctly and you will be providing this Internet connectivity for 35 different businesses, then that is a relatively major undertaking with significant financial and security implications, particularly if something goes wrong. As such, I would suggest this is something you need to hire a local consultant for.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment


    • #3
      Re: Bandwidth Managment for Cisco

      Hi Gareth Howells

      Thank you very much for your advice. The setup is already up and running without any issue. But the users are experencing slow internet speed in the business hours if someone is downloading then it effects to all of the offices. I already have the Backup preconfigured Router incase if anything goes wrong. But normally, we do the changes on weekends.

      Regards
      Kamal

      Comment


      • #4
        Re: Bandwidth Managment for Cisco

        Ok. If you already have a system in place, then please post your config - we can't begin to make suggestions without knowing what you have already.
        Gareth Howells

        BSc (Hons), MBCS, MCP, MCDST, ICCE

        Any advice is given in good faith and without warranty.

        Please give reputation points if somebody has helped you.

        "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

        "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

        Comment


        • #5
          Re: Bandwidth Managment for Cisco

          IOS:c1841-adventerprisek9-mz.151-3.T.bin
          RAM:384MB
          FLASH: 256MB

          I posted only 5 Subnets config over here, rest of the 30 Subnets are same.
          ------------------------------------------------------------------------------------------


          BS#sh run
          BS#sh running-config
          Building configuration...

          Current configuration : 9072 bytes
          !
          ! Last configuration change at 15:58:03 GMT Fri Mar 25 2011 by Kamal
          !
          version 15.1
          no service pad
          service tcp-keepalives-in
          service tcp-keepalives-out
          service timestamps debug datetime msec localtime show-timezone
          service timestamps log datetime msec localtime show-timezone
          no service password-encryption
          service linenumber
          service sequence-numbers
          !
          hostname BS
          !
          boot-start-marker
          boot-end-marker
          !
          !
          security authentication failure rate 3 log
          logging buffered 51200
          logging console critical
          !
          aaa new-model
          !
          !
          aaa authentication login default local
          aaa authorization exec default local
          !
          !
          !
          !
          !
          aaa session-id common
          !
          clock timezone GMT 4 0
          dot11 syslog
          ip source-route
          !
          !
          !
          ip dhcp excluded-address 192.168.10.1 192.168.10.20
          ip dhcp excluded-address 192.168.2.1
          ip dhcp excluded-address 192.168.3.1
          ip dhcp excluded-address 192.168.4.1
          ip dhcp excluded-address 192.168.5.1
          !
          ip dhcp pool DHCP_SERVER
          import all
          network 192.168.10.0 255.255.255.0
          default-router 192.168.10.10
          dns-server 213.42.20.20 195.229.241.222
          lease 0 2
          !
          !
          ip dhcp pool vlan2
          import all
          network 192.168.2.0 255.255.255.0
          default-router 192.168.2.1
          dns-server 213.42.20.20 195.229.241.222
          lease 0 2
          !
          ip dhcp pool vlan3
          import all
          network 192.168.3.0 255.255.255.0
          default-router 192.168.3.1
          dns-server 213.42.20.20 195.229.241.222
          lease 0 2
          !
          ip dhcp pool vlan4
          import all
          network 192.168.4.0 255.255.255.0
          default-router 192.168.4.1
          dns-server 213.42.20.20 195.229.241.222
          lease 0 2
          !
          ip dhcp pool vlan5
          import all
          network 192.168.5.0 255.255.255.0
          default-router 192.168.5.1
          dns-server 213.42.20.20 195.229.241.222
          lease 0 2
          !
          !
          ip cef
          ip domain name bs.local
          ip name-server 213.42.20.20
          ip name-server 195.229.241.222
          no ipv6 cef
          !
          license udi pid CISCO1841 sn FCZ1134312N
          username admin privilege 15 secret 5 $1$GB4i$36jQbrmez6EJ2r14gY0EJ1
          !
          redundancy
          !
          !
          ip tcp synwait-time 5
          !
          !
          !
          !
          !
          !
          !
          interface FastEthernet0/0
          ip address 192.168.10.10 255.255.255.0
          ip nat inside
          ip virtual-reassembly in
          ip tcp adjust-mss 1412
          duplex auto
          speed auto
          !
          interface FastEthernet0/0.2
          encapsulation dot1Q 2
          ip address 192.168.2.1 255.255.255.0
          ip nat inside
          ip virtual-reassembly in
          !
          interface FastEthernet0/0.3
          encapsulation dot1Q 3
          ip address 192.168.3.1 255.255.255.0
          ip nat inside
          ip virtual-reassembly in
          !
          interface FastEthernet0/0.4
          encapsulation dot1Q 4
          ip address 192.168.4.1 255.255.255.0
          ip nat inside
          ip virtual-reassembly in
          !
          interface FastEthernet0/0.5
          encapsulation dot1Q 5
          ip address 192.168.5.1 255.255.255.0
          ip nat inside
          ip virtual-reassembly in
          !
          interface FastEthernet0/1
          ip address (WAN IP ADDRESS)
          ip nat outside
          duplex auto
          speed auto
          !
          interface Serial0/0/0
          no ip address
          shutdown
          clock rate 2000000
          !
          ip http server
          ip http authentication local
          ip http secure-server
          ip http timeout-policy idle 500 life 86400 requests 10000
          !
          !
          ip nat inside source list nat interface FastEthernet0/1 overload
          ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
          !
          ip access-list extended nat
          permit ip 192.168.0.0 0.0.255.255 any
          !
          logging esm config

          control-plane
          !
          !
          alias exec c Configure Terminal
          alias exec s Show Ip Interface Brief
          alias exec t Terminal Monitor
          !
          line con 0
          logging synchronous
          line aux 0
          line vty 0 4
          exec-timeout 0 0
          logging synchronous
          transport input all
          line vty 5 807
          exec-timeout 0 0
          logging synchronous
          transport input all
          !
          scheduler allocate 20000 1000
          ntp server 207.46.197.32
          !

          end

          BS#
          Kamal

          Comment


          • #6
            Re: Bandwidth Managment for Cisco

            I think you should be able to do it with qos and or traffic policing.
            Caesar's cipher - 3

            ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

            SFX JNRS FC U6 MNGR

            Comment


            • #7
              Re: Bandwidth Managment for Cisco

              Originally posted by gforceindustries View Post
              If I'm interpreting your requirements correctly and you will be providing this Internet connectivity for 35 different businesses
              Note that he said offices, not businesses.
              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: Bandwidth Managment for Cisco

                Sounds like a business centre with 35 offices (units) in the building, so business/office shouldn't matter.

                I'm curious to see others' thoughts on this, as I've never got QOS/Policing to work properly on a per-vlan basis.


                Jim

                Comment


                • #9
                  Re: Bandwidth Managment for Cisco

                  Hi Guyz..

                  I got the Solution.

                  The original Author of the Solution is Keith Barker - CCIE RS/Security, CISSP, CCSI
                  -------------------------------------------------------------------------------------------------------

                  ==========================================
                  VLAN 2 (Uploading 1mb and Downloading 3mb)
                  ==========================================

                  access-list 102 permit ip any any

                  class-map type inspect match-all CMAP-ALL-2
                  match access-group 102
                  exit

                  policy-map type inspect PMAP-OUTBOUND-2
                  class type inspect CMAP-ALL-2
                  inspect
                  police rate 1000000 burst 50000
                  exit
                  exit

                  policy-map type inspect PMAP-INBOUND-2
                  class type inspect CMAP-ALL-2
                  inspect
                  police rate 3000000 burst 150000

                  exit
                  exit

                  zone security inside-vlan2
                  exit

                  zone-pair security OUTBOUND-2 source inside-vlan2 destination outside
                  service-policy type inspect PMAP-OUTBOUND-2
                  exit

                  zone-pair security INBOUND-2 source outside destination inside-vlan2
                  service-policy type inspect PMAP-INBOUND-2
                  exit

                  interface FastEthernet0/0.2
                  zone-member security inside-vlan2
                  exit

                  ==========================================

                  VLAN 3 (Uploading 2mb and Downloading 5mb)
                  ==========================================

                  access-list 103 permit ip any any

                  class-map type inspect match-all CMAP-ALL-3
                  match access-group 103
                  exit

                  policy-map type inspect PMAP-OUTBOUND-3
                  class type inspect CMAP-ALL-3
                  inspect
                  police rate 2000000 burst 100000

                  exit
                  exit

                  policy-map type inspect PMAP-INBOUND-3
                  class type inspect CMAP-ALL-3
                  inspect
                  police rate 5000000 burst 250000

                  exit
                  exit

                  zone security inside-vlan3
                  exit

                  zone-pair security OUTBOUND source inside-vlan3 destination outside
                  service-policy type inspect PMAP-OUTBOUND-3
                  exit

                  zone-pair security INBOUND source outside destination inside-vlan3
                  service-policy type inspect PMAP-INBOUND-3
                  exit

                  interface FastEthernet0/0.3
                  zone-member security inside-vlan3
                  exit


                  ==============================

                  WAN Interface

                  interface FastEthernet0/1
                  zone-member security outside

                  end

                  ==============================

                  from my side the Topic is closed.

                  Thanks and regards
                  Kamal

                  Comment


                  • #10
                    Re: Bandwidth Managment for Cisco

                    Thanks for posting back kamal.
                    So I take policing works fine on vlans then?
                    Caesar's cipher - 3

                    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

                    SFX JNRS FC U6 MNGR

                    Comment


                    • #11
                      Re: Bandwidth Managment for Cisco

                      I deployed yesterda and so far no complain from the customers. I ll do some testing today after working hours.
                      Kamal

                      Comment

                      Working...
                      X