Home / server / Questions / 134405
Accepted
garg
Asked: 2010-04-22 04:21:16 +0800 CST

Full speed internal switch bandwidth but per-port set external bandwidth?

  • 772

I am in an environment where all the machines are behind a switch that I don't have access to. Each ethernet wall port has limited bandwidth depending on how much has been paid for each port. The problem is that some people have 10Mbps connections and some have 100Mbps connections and this causes problems with local intranet file transfers and operating system/software deployments. Operating systems can take hours to be deployed if the machine is on 10mbps.

Do you know if it is possible with most switches to set a rule that would limit bandwidth coming in/going out to an extranet, but keep full bandwidth if the packets are destined to go to a local machine?

For example, the internet might be limited to 10Mbps, but internal servers would get gigabit speeds?

Thanks

networking switch ethernet network-speed

3 Answers

  1. Best Answer

    On Cisco routers you can use rate-limit based on an ACL that would do just that. I am not sure about switches though, so not sure if this information helps you at all (Other than maybe if these are catalyst switches it give you a keyword to google or try from ios):-/

    On a router it would be something like:

    interface FastEthernet2/0
 ip address 192.168.9.1 255.255.255.0
 rate-limit output access-group 151 96000 1500 2000 conform-action transmit exceed-action drop
!

access-list 151 deny   ip 192.168.0.0 0.0.255.255 any
...etc
access-list 151 permit ip any any

    So maybe a L3 switch would be similar?

    • 1

  2. If you don't mind installing an additional PC to act as a bridge on the network, this software may be of help. http://www.softperfect.com/products/bandwidth/

    I'm using SPBWM with my cable connection to limit the available bandwidth on a per IP bases. (you can also set rules based on protocols and MAC addresses)

    Here is a diagram of my network. http://coreybrett.com/images/Network_Diagram.png

    I have a rule for each address on my subnet, that limits up and down bandwidth.

    • 1

  3. I like putting my rate limiting and other ACLs as close to the user as possible, ideally at the port the user is connected to.

    Enterasys switches have ACL functionality built into their switches that fully supports this sort of thing. Make sure you get one of their switches that has this functionality built-in and turned on (the B series has it but as a licensed feature; the C series has it as part of the core functionality).

    I believe extreme networks also have similar functionality, though I've never actually used it.

    It can also be done at the L3 layer or at the border as well.

    • 1