Monday, March 4, 2013

Cisco ASA BW Throttling

Today I had a task for limiting bandwidth for a client behind my Cisco ASA.

 This place has 100Mbit/s connection and I want to throttle one of my client to 97 Mbits

For this task we need to create ip access list first.

source address is to any host
access-list limit_client extended permit ip host any

create a class map
class-map inside-class
 match access-list limit_client

creating our policy map
I am not really good at math :) so i used this web site for bit calculation 
policy-map inside-policy  
 description bandwidth limit for Disk-Array
 class inside-class
  police input 101711500 50852  

  police output 101711500 50852 

 ThenApply our service policy to inside interface.
service-policy inside-policy interface inside

Here, I limit input and output speed to 97Mbits and i used 50Kbits burst size for short amount time.

Default action is if you pass 97Mbit+50Kbits, ASA will drop your other packets.


No comments:

Post a Comment