Traffic policy.

Is it possible to limit incoming traffic using policing? For example:

ip access-list extended ACL_CM_TEST permit tcp any any eq www class-map match-any CM_TEST match access-group name ACL_CM_TEST policy-map PM_TEST class CM_TEST police 1024000 conform-action transmit exceed-action drop

And of course attaching it to an interface with service-policy input.

Reply to
Micha³ Iwaszko
Loading thread data ...

Yes, but it -usually- doesn't help much. THe packets have already been transmitted to you, so the link has already been congested; and no return signal is going to be explicitly sent upstream to indicate the packet has been dropped.

You mostly using incoming traffic policies if you have internal devices (hosts, routers, switches) that cannot keep up to the received traffic.

You can, though, use incoming traffic policies to simulate network congestion to force the receiver to send back ACKs that the transmitter would interpret as indicating that the data wasn't getting through, thus forcing the transmitter to adjust the congestion window. It is -better- if you can push this kind of adjustement to the other side of your uplink, but it can be made to work, I understand.

Reply to
Walter Roberson

This does work pretty well with TCP.

I have only been doing it at home but on a shared 500k internet connection I have limited the /Output/ to the local Ethernet to 200k for one PC and I find that the ADSL side traffic is nicely constrained to this limit. Clearly there will be circumstances when it might break down but it has been quite good for me so far.

Reply to
Bod43

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.