traffic shaping w/ router as a transparent bridge

Discussion in 'Cisco' started by msbrentlinger@gmail.com, Nov 15, 2007.

  1. Guest

    Ive got some issues with traffic shaping, I assume Im just missing
    something stupid but cant seem to find the issue. Im hoping some kind
    person can point out the obvious



    Ive reviewed: Configuring Generic Traffic Shaping

    http://www.cisco.com/univercd/cc/td...2/122cgcr/fqos_c/fqcprt4/qcfgts.htm#wp1001057
    .... as well as ...
    http://www.velocityreviews.com/forums/t30137-using-a-cisco-router-as-a-throttling-bridge.html
    http://www.velocityreviews.com/forums/t35922-rate-limit-question.html
    http://groups.google.com/group/comp...&q=cisco traffic shape group#7e8a1f7a26eabee3




    Heres my network layout:

    h1 (10.0.0.3 / 0017.0830.cb00) ---|
    |
    h2 (10.0.0.4) -------------------------|------ (f0/0) r1 (e1/0)
    -------- (10.0.0.1) r2 ------- internet
    |
    h2 (10.0.0.5) -------------------------|



    i need to shape in and out bound traffic for various hosts
    independantly (ie h1, h2, h3). i also need to do this with a bridge
    since i dont want to create any more confusion than needed by fooling
    with more subnets, consuming extra addresses, or nat. i have a spare
    router (r1) which is:

    bw_throttle>sh ver
    Cisco Internetwork Operating System Software
    IOS (tm) 3600 Software (C3620-IS-M), Version 12.3(17), RELEASE
    SOFTWARE (fc2)

    and has the following relevant config:

    no ip routing
    !
    interface FastEthernet0/0
    no ip address
    traffic-shape group 1 500000 18000 18000 1000
    traffic-shape group 700 500000 18000 18000 1000
    bridge-group 1
    !
    interface Ethernet1/0
    no ip address
    traffic-shape group 1 500000 18000 18000 1000
    traffic-shape group 700 500000 18000 18000 1000
    bridge-group 1
    !
    access-list 1 permit 10.0.0.3
    access-list 700 permit 0017.0830.cb00
    !
    bridge 1 protocol ieee




    this doesn't shape traffic to the expected 500kbps for h1; the only
    way i can seem to shape any traffic is with something like the
    following on both interfaces

    traffic-shape rate 500000 18000 18000 1000

    unfortunately this is not what i need; i instead need to shape traffic
    for specific hosts, preferably specifiying those hosts by ip address,
    not mac address, but at this point ill take whatever i can get
    , Nov 15, 2007
    #1
    1. Advertising

  2. Guest

    my network layout got a bit messed up, hopefully this is better
    Heres my network layout:

    h1 (10.0.0.3 )
    (0017.0830.cb00) --|
    |
    h2 (10.0.0.4) --------|-- (f0/0) r1 (e1/0) -- (10.0.0.1) r2 ---
    internet
    |
    h2 (10.0.0.5) --------|
    , Nov 15, 2007
    #2
    1. Advertising

  3. Guest

    *sigh*... sorry, still wrapping and goofing up
    heres one more diagram attempt

    hh1 (10.0.0.3 )
    (0017.0830.cb00) |
    |
    h2(10.0.0.4)------|- (f0/0) r1 (e1/0) -- (10.0.0.1) r2 - inet
    |
    h2 (10.0.0.5) -----|
    , Nov 15, 2007
    #3
  4. Guest

    perhaps i just cant do what im trying to pull off? since im trying to
    make a router act as a layer 2 device and shape traffic based on layer
    3 addresses perhaps thats not a possibility?
    , Nov 15, 2007
    #4
  5. Guest

    Ive not gotten any help with doing this with cisco equipment... though
    ive moved on to doing it with BSD

    Building a transparent traffic-shaping bridge
    http://www.cardus.com/2007/09/24/building-a-transparent-traffic-shaping-bridge/
    http://www.openbsd.org/faq/faq4.html

    There was a bit more to building the openbsd box, but with some help
    from the following I figured it out
    http://www.openbsd.org/faq/pf/queueing.html
    http://insecure.ucdavis.edu/openbsd/openbsd-4-0-firewall

    Things not in the guide were I had to add pftop...
    # pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/4.2/packages/i386/pftop-0.6.tgz
    and to see queue info once you run pftop you have to use the left and
    right arrow keys

    I also had to find info on how to change and reapply rules

    Configure rules for pf:
    write your rules and save them in pf.test
    To test your rules type:
    # pfctl -nf /etc/pf.test
    When you are confident that you want to apply the rules type:
    # cp pf.conf pf.old && cp pf.test pf.conf
    To load your rules type:
    # pfctl -f /etc/pf.conf

    Hope that helpls someone . If anyone figures out how to do it with
    something better
    or with cisco equipment id love to know how.
    , Nov 20, 2007
    #5
  6. alexd Guest

    wrote:

    > Hope that helpls someone . If anyone figures out how to do it with
    > something better
    > or with cisco equipment id love to know how.


    Depends what you mean by 'better'. If Linux is your thing, you can do it
    with ebtables.

    --
    <http://ale.cx/> (AIM:troffasky) ()
    10:06:48 up 10 days, 22:45, 2 users, load average: 0.27, 0.25, 0.25
    50,000 watts of funking power
    alexd, Nov 22, 2007
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kenny D
    Replies:
    1
    Views:
    633
    Remien, Carsten
    Dec 5, 2003
  2. Hypno999

    traffic-shaping limit ftp traffic

    Hypno999, Oct 7, 2005, in forum: Cisco
    Replies:
    5
    Views:
    3,607
  3. Skybuck Flying
    Replies:
    0
    Views:
    4,799
    Skybuck Flying
    Jan 19, 2006
  4. Nova
    Replies:
    2
    Views:
    931
    ~misfit~
    Mar 20, 2006
  5. Replies:
    1
    Views:
    667
    Ios2012
    Oct 4, 2011
Loading...

Share This Page