CAR Example: Policing
In this example, we will restrict a web server to only 3 mb/s of page serving.  Other items from the web server will pass unhindered.

interface Ethernet0/0
ip address 172.16.18.1 255.255.255.0
no ip directed-broadcast
rate-limit input access-group 140 3000000 6000 0 conform-action transmit  exceed-action drop

ip access-list extended 140
permit tcp host 172.16.18.23 eq 80 any

You can restrict several hosts this way.  If you want a set of hosts to aggregate to a specific bandwidth, just add them to the access list.  Or, if you want two different hosts with two different rates, create a second rate-limit command.  In this case, I'm allowing more bandwidth for FTP than for web traffic.

interface Ethernet0/0
ip address 172.16.18.1 255.255.255.0
no ip directed-broadcast
rate-limit input access-group 140 3000000 6000 0 conform-action transmit  exceed-action drop
rate-limit input access-group 142 3500000 7000 0 conform-action transmit  exceed-action drop
ip access-list extended 140
permit tcp host 172.16.18.23 eq 80 any
!
ip access-list extended 142
permit tcp host 172.16.18.24 eq ftp-data any
Daniel J McDonald, Webmaster
Back to my Homepage
Hosted by www.Geocities.ws

1