Bandwidth throttling is the intentional slowing of Internet service.It is a reactive measure employed in communication networks in an apparent attempt to regulate network traffic and minimise bandwidth congestion. Bandwidth throttling can occur at different locations on the network. On a local area network (LAN), a sysadmin may employ bandwidth throttling to help limit network congestion and server crashes. On a broader level, the ISP may use bandwidth throttling to help reduce a user’s usage of bandwidth that is supplied to the local network.
Bandwidth throttling provides headroom and save the network from saturation from hungry users.
How to implement on Cisco ASA?
The example below enables Bandwidth throttling for a 100 Mb link. The uplink is configured to be 40 Mb and downlink is configured to be 60 Mb. The internal network is 192.168.5.0/24
access-list throttle_me extended permit ip 192.168.5.0 255.255.255.0 any
access-list throttle_me extended permit ip any 192.168.5.0 255.255.255.0 The second step is to define the class-map. class-map throttle-me
match access-list throttle_me Now you need to define your policy-map and call the class-map. policy-map throttle-policy
police output 60000000 2000
police input 40000000 2000 you can calculate Burst from the rate_limit_calculator_2
The final step is to apply the new service-policy to the PHYSICAL interface where the traffic will flow. You CANNOT apply this to a sub-interface.
service-policy throttle-policy interface INT (interface name)
input here is uplink
output here is downlink
Few useful diagnostics commands:
show service-policy police Ref: https://supportforums.cisco.com/document/7011/asa-qos#Traffic_Policing_with_Prioritization
Ref: Rate Limit Calculator