Cisco Systems Limiting bandwidth per user on the 1800 Series

Posted by Nate Silva on October 3, 2007, 2:43 pm
We're considering an 1811 to replace our SonicWALL.

One requirement is to prevent LAN users from hogging bandwidth. Let's
say one user is downloading a large file from a high-bandwidth site.
That could saturate our T1.

With the 1811 is there a way to limit an individual user on the LAN
side to (for example) 500 Kbps?

Regards,
Nate


Posted by Trendkill on October 3, 2007, 3:01 pm
> We're considering an 1811 to replace our SonicWALL.
>
> One requirement is to prevent LAN users from hogging bandwidth. Let's
> say one user is downloading a large file from a high-bandwidth site.
> That could saturate our T1.
>
> With the 1811 is there a way to limit an individual user on the LAN
> side to (for example) 500 Kbps?
>
> Regards,
> Nate

Not that I am aware of. Routers do not have any type of underlying
authentication (so they can't tell who is who), and only know about
streams of data (source/destination IPs and ports). You can input a
QoS policy to classify all web traffic in a certain way and limit
things like FTPs or other bandwidth-intensive applications, but even
then, it will only mark and prioritize the traffic going out of the
router to the internet, and not back in. Unless you have a higher
level application server or proxy that can provide this function, you
are going to be stuck.


Posted by Nate Silva on October 3, 2007, 3:16 pm
> Not that I am aware of. Routers do not have any type of underlying
> authentication (so they can't tell who is who), and only know about
> streams of data (source/destination IPs and ports). You can input a
> QoS policy to classify all web traffic in a certain way and limit
> things like FTPs or other bandwidth-intensive applications, but even
> then, it will only mark and prioritize the traffic going out of the
> router to the internet, and not back in. Unless you have a higher
> level application server or proxy that can provide this function, you
> are going to be stuck.

Limiting per stream would work. It doesn't have to be per literal
user. But from what you're saying it could only limit the outbound
traffic and not back in?

Regards,
Nate


Posted by Trendkill on October 3, 2007, 3:28 pm
>
> > Not that I am aware of. Routers do not have any type of underlying
> > authentication (so they can't tell who is who), and only know about
> > streams of data (source/destination IPs and ports). You can input a
> > QoS policy to classify all web traffic in a certain way and limit
> > things like FTPs or other bandwidth-intensive applications, but even
> > then, it will only mark and prioritize the traffic going out of the
> > router to the internet, and not back in. Unless you have a higher
> > level application server or proxy that can provide this function, you
> > are going to be stuck.
>
> Limiting per stream would work. It doesn't have to be per literal
> user. But from what you're saying it could only limit the outbound
> traffic and not back in?
>
> Regards,
> Nate

Yes, as the traffic would not be marked at the other side, and once it
traverses your T1, your router could mark it, but what good would it
do (it's already come across the T1). And it would not be per stream,
it would be class of traffic (all FTP, all web, all traffic to/from a
certain site); basically it would depend on an access list. I don't
know of any other ways to implement QoS to do what you are looking
for.


Posted by Walter Roberson on October 3, 2007, 7:14 pm
>> But from what you're saying it could only limit the outbound
>> traffic and not back in?

>Yes, as the traffic would not be marked at the other side, and once it
>traverses your T1, your router could mark it, but what good would it
>do (it's already come across the T1).

If it is TCP and you drop it as it comes in to your router,
then the end-to-end TCP flow control mechanisms would kick in,
causing the sender to back off and lower the window size. You end
up paying for a window-full of packets to go across your T1, but
traffic after that would be moderated.
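
The effect described in the last reply, as a small simulation added here (not part of the thread and not Cisco code): a simplified additive-increase/multiplicative-decrease TCP sender faces a token-bucket policer that drops inbound packets after they have crossed the T1. The round-trip time, packet size, burst size and the policer model are all assumptions chosen to match the thread's T1 and 500 kbps figures.

```python
# Added illustration: AIMD TCP sender vs. an inbound token-bucket policer.
# All constants are assumptions matching the thread's T1 / 500 kbps example.
T1_BPS = 1_544_000      # T1 line rate in bits per second
PKT = 1500              # bytes per packet (assumed MTU-sized segments)
RTT = 0.1               # seconds per round trip (assumed)

def simulate(police_bps=None, burst_bytes=8000, rtts=600, warmup=100):
    """Return (kbps carried over the T1, kbps delivered to the LAN host),
    averaged after `warmup` round trips. police_bps=None means no policer."""
    t1_pkts = int(T1_BPS * RTT / 8 / PKT)        # packets the T1 carries per RTT
    refill = (police_bps or 0) * RTT / 8         # policer tokens (bytes) per RTT
    tokens, cwnd = burst_bytes, 1
    crossed = delivered = 0
    for i in range(rtts):
        tokens = min(burst_bytes, tokens + refill)
        sent = min(cwnd, t1_pkts)                # the T1 caps what can arrive
        ok = sent
        if police_bps is not None:
            ok = min(sent, int(tokens // PKT))   # only conforming packets pass
            tokens -= ok * PKT
        if i >= warmup:
            crossed += sent                      # bandwidth already paid for
            delivered += ok                      # what the LAN host receives
        if ok < sent:
            cwnd = max(1, cwnd // 2)             # loss: multiplicative decrease
        else:
            cwnd = min(cwnd + 1, t1_pkts)        # no loss: additive increase
    secs = (rtts - warmup) * RTT
    to_kbps = lambda pkts: pkts * PKT * 8 / secs / 1000
    return to_kbps(crossed), to_kbps(delivered)

if __name__ == "__main__":
    for label, rate in (("no policer", None), ("police 500 kbps", 500_000)):
        t1, lan = simulate(rate)
        print(f"{label:16s} T1 load {t1:7.1f} kbps, delivered {lan:7.1f} kbps")
```

With the policer in place the T1 still carries slightly more than the host receives, which is the "window-full" cost mentioned above, but the flow settles far below line rate.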
