Wednesday, October 31, 2018

Cisco per IP Policing

Hello Redditors,

I've got the following situation.

Currently we have a situation where we have sets of IPs (that change over time, get bigger or smaller) that we need to police (rate-limit) when going through a specific interface. The catch here is that each IP must have an assigned maximum bandwidth (so we don't want to deal with shared values).

So, for instance we have:

1. 10 IPs that must be limited to 10 Mbps each
2. 50 IPs that must be limited to 30 Mbps each

Sometimes we have to move IPs from 2 to 1 or vice versa, or just remove them altogether. We could achieve this using MQC, and we kind of do, but this means adding a class statement per IP, which is not something I want to do anymore (if possible). I'd like to have something like this:

    policy-map IF_AA_OUT
     class class_10_mbps
      match ACL_01
      police each IP to 10 mbps
     class class_30_mbps
      match ACL_02
      police each IP to 30 mbps

So adding, removing or changing bandwidth per IP would be a matter of just removing or adding entries to the ACLs. I've found something called flow micropolicer, but all the documentation refers to the Cisco 6500 (we need it to work on ASR1001-X and 7200), and the documentation also points out that this can only be done in the ingress direction, which won't work for us since we need to limit only outgoing traffic over one of the interfaces, not all.

Any help on this? Is it doable, or should I stick to adding class statements per customer?
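For the approach the post currently uses (one class-map and policer per IP), the following added example is a small generator that turns per-tier IP lists into the MQC configuration, so that moving an IP between tiers is an edit to a list rather than hand-edited classes. It is constructed for this post, not the poster's or Cisco's code; the policy name IF_AA_OUT, the CUST_/ACL_CUST_ naming, the sample 203.0.113.x addresses and the interface name are assumptions.

```python
"""Generate Cisco MQC config (IOS / IOS-XE) with one policer per IP, from per-tier
IP lists. Added, constructed example; names such as IF_AA_OUT and CUST_ are assumptions."""
import ipaddress
from typing import Dict, List

# Constructed sample tiers: Mbps -> IPs, mirroring the 10 Mbps and 30 Mbps groups.
TIERS: Dict[int, List[str]] = {
    10: ["203.0.113.10", "203.0.113.11"],
    30: ["203.0.113.50", "203.0.113.51", "203.0.113.52"],
}

def validate(tiers: Dict[int, List[str]]) -> Dict[int, List[str]]:
    """Reject malformed addresses and IPs that appear in more than one tier,
    since moving a customer between tiers must be remove-then-add, never both."""
    owner: Dict[str, int] = {}
    clean: Dict[int, List[str]] = {}
    for rate, ips in tiers.items():
        clean[rate] = []
        for ip in ips:
            ip = str(ipaddress.ip_address(ip))  # raises ValueError on bad input
            if owner.setdefault(ip, rate) != rate:
                raise ValueError(f"{ip} listed in both {owner[ip]} and {rate} Mbps tiers")
            if ip not in clean[rate]:
                clean[rate].append(ip)
    return clean

def render(tiers: Dict[int, List[str]], policy: str = "IF_AA_OUT",
           interface: str = "GigabitEthernet0/0/1") -> List[str]:
    """Emit an ACL and class-map per IP plus a single egress policy-map that
    polices each class at its tier rate; the interface name is an assumption."""
    tiers = validate(tiers)
    cfg: List[str] = []
    classes = []
    for rate in sorted(tiers):
        for ip in tiers[rate]:
            tag = ip.replace(".", "_").replace(":", "_")
            acl, cls = f"ACL_CUST_{tag}", f"CUST_{tag}"
            # Match the customer IP as source or destination so the same
            # generated class works whichever way traffic leaves the interface.
            cfg += [f"ip access-list extended {acl}",
                    f" permit ip host {ip} any", f" permit ip any host {ip}",
                    f"class-map match-all {cls}", f" match access-group name {acl}"]
            classes.append((cls, rate * 1_000_000))
    cfg.append(f"policy-map {policy}")
    for cls, bps in classes:
        cfg += [f" class {cls}",
                f"  police {bps} conform-action transmit exceed-action drop"]
    cfg += [f"interface {interface}", f" service-policy output {policy}"]
    return cfg
```

Run `print("\n".join(render(TIERS)))` to get pasteable configuration; regenerate and diff against the running config whenever a tier list changes.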
