Rate-limited services are becoming popular among dedicated server and co-location customers for a variety of reasons. Some want a burstable service but wish to be protected from large, unexpected overage charges. Others are purchasing "unmetered" service at increments such as 20Mbps. Small network operators may not want to give their customers a full 100Mbps burstable port, either to reduce their exposure to overage bills or to prevent a single customer from being able to saturate a 100Mbps switch or router uplink port.
Whatever your reason for deploying a configuration that rate-limits customer traffic, the example below applies to many Cisco IOS platforms. It allows up to 5Mbps of traffic from the customer on port FastEthernet0/1, with a burst margin of 26KByte per 1Mbps. This example is not a complete configuration for any platform; it includes only the statements relevant to the task.

mls qos
!
class-map match-any ip-any
 match access-group 1
!
policy-map 5Mbps
 class ip-any
  police 5000000 130000 exceed-action drop
!
interface FastEthernet0/1
 description "customer 123 port 1"
 no switchport
 ip address 172.16.0.1 255.255.255.252
 no ip proxy-arp
 service-policy input 5Mbps
 duplex full
 speed 100
!
interface GigabitEthernet0/1
 description "uplink to core switch"
 switchport trunk encapsulation dot1q
 switchport mode trunk
 flowcontrol send off
!
access-list 1 permit any
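
To see what the police statement above does to traffic, the following Python model runs a constant packet stream through a token bucket with the same rate (5000000 bps) and burst (130000 bytes). It is an added example, not part of the original article and not Cisco's implementation; the classic single-rate token-bucket behaviour, the 1500-byte packet size and the names `Policer` and `simulate` are assumptions.

```python
# Added example: token-bucket model of `police 5000000 130000 exceed-action drop`.
# Assumptions (not from the article): classic single-rate token bucket,
# fixed 1500-byte packets, evenly spaced arrivals.

class Policer:
    def __init__(self, rate_bps, burst_bytes):
        self.rate_bps = rate_bps          # police <rate>, bits per second
        self.burst_bytes = burst_bytes    # police <rate> <burst>, bytes
        self.tokens = float(burst_bytes)  # bucket starts full
        self.last = 0.0

    def offer(self, now, size):
        """Return True if the packet conforms (forwarded), False if it exceeds (dropped)."""
        refill = (now - self.last) * self.rate_bps / 8   # bytes earned since last packet
        self.tokens = min(self.burst_bytes, self.tokens + refill)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


def simulate(offered_bps, seconds, pkt_bytes=1500,
             rate_bps=5_000_000, burst_bytes=130_000):
    """Offer a constant-rate stream; return (sent, forwarded, first_drop_index, forwarded_bps)."""
    policer = Policer(rate_bps, burst_bytes)
    interval = pkt_bytes * 8 / offered_bps       # seconds between packets
    sent = int(seconds / interval)
    forwarded, first_drop = 0, None
    for i in range(sent):
        if policer.offer(i * interval, pkt_bytes):
            forwarded += 1
        elif first_drop is None:
            first_drop = i
    return sent, forwarded, first_drop, forwarded * pkt_bytes * 8 / seconds


if __name__ == "__main__":
    for label, bps in (("4 Mbps (under the limit)", 4_000_000),
                       ("100 Mbps (port line rate)", 100_000_000)):
        sent, fwd, first_drop, out_bps = simulate(bps, seconds=10)
        print(f"{label}: sent={sent} forwarded={fwd} "
              f"first_drop={first_drop} forwarded_rate={out_bps / 1e6:.2f} Mbps")
```

In this model a customer sending at the port's 100Mbps line rate gets 91 back-to-back packets through on the initial burst before the first drop, and the forwarded rate over ten seconds settles just above 5 Mbps.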
