How Do I Limit Network Traffic with a Cisco Router?
If you are a network administrator or in charge of your company's network, there are times that your network may be getting a lot of network traffic hits. To prevent overloading of your network and to remove unwanted or unnecessary traffic, you can perform a process that would limit the rate of network traffic, also known as Committed Access Rate (CAR). You can effectively manage your network by ensuring that the inbound unwanted traffic will not impact the important traffic from getting through. As a requirement, you should be familiar with basic Cisco networking commands to be able to do this function, as well as be familiar with networking in general.
Other People Are Reading
Instructions
-
-
1
Enable CEF (Cisco Express Forwarding) on the Cisco router. Most routers have CEF disabled by default except on the 7 series routers. The codes to enter the commands on the global configuration mode are as follows:
Router# config t
Router(config)# ip cef
Router(config)# -
2
Create an ACL (Access Control List) to define the traffic you want to perform rate limiting on. Use the acl command (config-acl) from a configuration mode. Enter a number between 1 to 99 to define the ACL description or syntax. For specific codes to use, please refer to the link for ACL Codes Configuration Commands in Resources.
-
-
3
Configure the committed access rate (CAR) policies by entering the rate-limit command, using the access control list as your reference. Reference the proper direction and bandwidth amounts on the interface closest to the source traffic. Type in command as follows:
rate-limit {input | output} [access-group [rate-limit] acl-index] bps burst-normal burst-max conform-action action exceed-action action -
4
Understand what each syntax description stand for based on Cisco's definitions, where the "input" applies a committed access rate traffic policy to packets received on the interface. "Output" applies the committed access rate traffic policy to packets sent on the interface. "Access Group" applies the committed access rate traffic policy to the specified access control list, this syntax is optional. "Rate- limit", an optional syntax, where the access control list is the rate-limit access list. Another optional entry is "acl-index", which is the access list number and "bps" stands for the average bits per second. "Burst normal" is the normal burst size in bytes and the "burst-max" is the excess burst size in bytes. "Conform-action " is a command to take packets in reference to the rate limit; while "action" is the action to take on packets specified by some keywords, such as "continue" and "drop". Finally, "exceed-action" is the action to take on packets in excess of the rate limit.
-
5
Double-check the entries carefully and monitor the network traffic. Make the necessary changes as needed.
-
1
Tips & Warnings
Committed access rate shows as disabled by default on the interface.
You can only use committed access rate with IP (Internet Protocol) traffic only and not on non-IP traffic.
Resources
- Photo Credit OoOoxmodsoOoO/Morguefile
