Different Rate Limits per Port based on IP?

Discussion in 'Cisco' started by JayDubb, May 28, 2006.

  JayDubb

    JayDubb Guest

    We use C2950 switches with EI and are successfully rate limiting on
    individual ports. Now we have an additional need.

    We are running virtual servers (multiple guest machines running on a
    single physical host). The physical host plugs into a single
    switchport. For example, assume 5 guest machines:

    VM 1 -
    VM 2 -
    VM 3 -
    VM 4 -
    VM 5 -
    Physical host -

    We want each VM to be rate limited individually. For example, each VM
    should get 1 Mbps. In other words, rate-limit based on source IP.

    If we just rate limit the switchport to 5 Mbps, a single VM could pass
    up to 5 Mbps traffic. Goal not met.

    I know the 2950 has very few rate-limit options compared to a router
    or a 3550.

    Is there any way to accomplish what we need on the 2950? If not, what
    is the minimum switch model we'll need to do this, and will we need SI
    or EI image?

    Or is it better in the long run to go with a router to rate-limit
    based on IP address?

    Advice, please. TIA.
    JayDubb, May 28, 2006
  jbrunner007

    jbrunner007 Guest

    This does not scale. It is not a good option to do this on any Cisco

    If you absolutely need this, get a 3550 and make a class for each IP
    host. That class will be from an ACL matching the IP address... i.e.

    access-list 106 permit ip host any
    access-list 106 permit ip any host

    class-map match-all host1
     match access-group 106

    policy-map hosts-qos
     class host1
      bandwidth 256
    jbrunner007, May 30, 2006
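
The per-host ACL, class and policy structure from the reply above, generated for every guest behind one switchport. This is an added example, not code from the thread: it swaps in named ACLs for the numbered one and a `police` action at the 1 Mbps from the question in place of `bandwidth 256`, and the addresses, interface name, burst size and the `vmN` names are assumptions.

```python
import ipaddress


def per_vm_policer_config(interface, vm_ips, rate_bps=1_000_000,
                          burst_bytes=8000, policy_name="hosts-qos"):
    """Return IOS-style config lines that police each source IP separately."""
    # ipaddress rejects malformed input before it reaches a config line
    hosts = [ipaddress.IPv4Address(ip) for ip in vm_ips]
    if len(set(hosts)) != len(hosts):
        raise ValueError("duplicate VM address")

    lines = ["mls qos"]  # assumption: QoS is enabled globally on the switch
    for n, ip in enumerate(hosts, 1):
        lines += [
            # One ACL per guest, matching only traffic sourced from that guest
            f"ip access-list extended vm{n}-src",
            f" permit ip host {ip} any",
            # One class per guest, so each guest gets its own policer
            f"class-map match-all vm{n}",
            f" match access-group name vm{n}-src",
        ]

    # A single policy holds every class; each class carries its own limit,
    # so one busy guest cannot consume the allowance of the others.
    lines.append(f"policy-map {policy_name}")
    for n in range(1, len(hosts) + 1):
        lines += [
            f" class vm{n}",
            f"  police {rate_bps} {burst_bytes} exceed-action drop",
        ]

    # Applied inbound on the port the physical host plugs into
    lines += [f"interface {interface}", f" service-policy input {policy_name}"]
    return lines


# Constructed sample: five guest addresses from the 192.0.2.0/24 documentation range
SAMPLE_VMS = [f"192.0.2.{i}" for i in range(11, 16)]

if __name__ == "__main__":
    print("\n".join(per_vm_policer_config("FastEthernet0/1", SAMPLE_VMS)))
```

The output grows by one ACL, one class and one policer per guest, which is the scaling cost the reply refers to; check the policer count against what the chosen switch supports per port.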
  JayDubb

    JayDubb Guest

    Thanks for the info. Fortunately, there will only be a couple hundred
    virtual hosts spread across numerous switches so the load per-switch
    won't be high.

    Followup question: Will the 3550 do this with the SI image, or do I
    need the more expensive EI?
    JayDubb, Jun 4, 2006
