Traffic policy.

Discussion in 'Cisco' started by =?ISO-8859-2?Q?Micha=B3_Iwaszko?=, Oct 2, 2006.

  1. Is it possible to limit incoming traffic using policing? For example:

    ip access-list extended ACL_CM_TEST
    permit tcp any any eq www
    class-map match-any CM_TEST
    match access-group name ACL_CM_TEST
    policy-map PM_TEST
    class CM_TEST
    police 1024000 conform-action transmit exceed-action drop

    And of course attaching it to an interface with service-policy input.


    --
    Micha³ Iwaszko
    (Rot13 my address)
     
    =?ISO-8859-2?Q?Micha=B3_Iwaszko?=, Oct 2, 2006
    #1
    1. Advertising

  2. In article <efr2qf$ov2$>,
    Micha³ Iwaszko <> wrote:
    >Is it possible to limit incoming traffic using policing?


    Yes, but it -usually- doesn't help much. THe packets have already
    been transmitted to you, so the link has already been congested;
    and no return signal is going to be explicitly sent upstream
    to indicate the packet has been dropped.

    You mostly using incoming traffic policies if you have internal
    devices (hosts, routers, switches) that cannot keep up to the
    received traffic.

    You can, though, use incoming traffic policies to simulate network
    congestion to force the receiver to send back ACKs that the
    transmitter would interpret as indicating that the data wasn't
    getting through, thus forcing the transmitter to adjust the congestion
    window. It is -better- if you can push this kind of adjustement
    to the other side of your uplink, but it can be made to work,
    I understand.
     
    Walter Roberson, Oct 2, 2006
    #2
    1. Advertising

  3. =?ISO-8859-2?Q?Micha=B3_Iwaszko?=

    Guest

    Walter Roberson wrote:
    > In article <efr2qf$ov2$>,
    > Micha³ Iwaszko <> wrote:
    > >Is it possible to limit incoming traffic using policing?

    >
    > Yes, but it -usually- doesn't help much. THe packets have already
    > been transmitted to you, so the link has already been congested;
    > and no return signal is going to be explicitly sent upstream
    > to indicate the packet has been dropped.
    >
    > You mostly using incoming traffic policies if you have internal
    > devices (hosts, routers, switches) that cannot keep up to the
    > received traffic.
    >
    > You can, though, use incoming traffic policies to simulate network
    > congestion to force the receiver to send back ACKs that the
    > transmitter would interpret as indicating that the data wasn't
    > getting through, thus forcing the transmitter to adjust the congestion
    > window. It is -better- if you can push this kind of adjustement
    > to the other side of your uplink, but it can be made to work,
    > I understand.


    This does work pretty well with TCP.

    I have only been doing it at home but on a shared 500k internet
    connection I have limited the /Output/ to the local Ethernet to 200k
    for one PC and I find that the ADSL side traffic
    is nicely constrained to this limit. Clearly there will be
    circumstances when it might break down but it has
    been quite good for me so far.
     
    , Oct 2, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andrew Albert
    Replies:
    0
    Views:
    2,337
    Andrew Albert
    Feb 8, 2005
  2. Hypno999

    traffic-shaping limit ftp traffic

    Hypno999, Oct 7, 2005, in forum: Cisco
    Replies:
    5
    Views:
    3,645
  3. Tyler Cobb
    Replies:
    6
    Views:
    18,633
    Tyler Cobb
    Oct 19, 2005
  4. Tyler Cobb
    Replies:
    1
    Views:
    736
    dawnad
    Oct 9, 2005
  5. Geoffrey Sinclair

    Policy map using policy map

    Geoffrey Sinclair, Jul 27, 2009, in forum: Cisco
    Replies:
    1
    Views:
    534
    bod43
    Jul 27, 2009
Loading...

Share This Page