Bandwidth Throttling in cisco asa 5510

by | Jul 8, 2014 | ASA, Cisco | 0 comments

Bandwidth throttling is the intentional slowing of Internet service.It is a reactive measure employed in communication networks in an apparent attempt to regulate network traffic and minimise bandwidth congestion. Bandwidth throttling can occur at different locations on the network. On a local area network  (LAN), a sysadmin may employ bandwidth throttling to help limit network congestion and server crashes. On a broader level, the ISP may use bandwidth throttling to help reduce a user’s usage of bandwidth that is supplied to the local network. Bandwidth throttling provides headroom and save the network from saturation from hungry users.   How to implement on Cisco ASA? The example below enables Bandwidth throttling for a 100 Mb link. The uplink is configured to be 40 Mb and downlink is configured to be 60 Mb. The internal network is 192.168.5.0/24   access-list throttle_me extended permit ip 192.168.5.0 255.255.255.0 any
access-list throttle_me extended permit ip any  192.168.5.0 255.255.255.0 The second step is to define the class-map. class-map throttle-me
match access-list throttle_me Now you need to define your policy-map and call the class-map. policy-map throttle-policy
class throttle-me
police output 60000000 2000
police input 40000000 2000   you can calculate Burst from the rate_limit_calculator_2

The final step is to apply the new service-policy to the PHYSICAL interface where the traffic will flow.  You CANNOT apply this to a sub-interface.

service-policy throttle-policy interface INT (interface name)

Note:

input here is uplink

output here is downlink

Few useful diagnostics commands:

show service-policy police
Ref: https://supportforums.cisco.com/document/7011/asa-qos#Traffic_Policing_with_Prioritization

Ref: http://slazyk.com/2009/08/bandwidth-policing-throttling-cisco-asa/

Ref: Rate Limit Calculator

https://learningnetwork.cisco.com/docs/DOC-7874

https://supportforums.cisco.com/discussion/10985866/traffic-rate-limiting-cisco-asa-5510

http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_27746846.html

Submit a Comment

Your email address will not be published.