cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Tim_Bernat
Nickel

Limit the bandwidth of a single interface

Hi All,

and thanks in advance for any replies. We are looking at limiting a single interface; we have a part of a network that we want on 150 or 200 Mbps, and it's connected to one of the gateways through a single interface. 

We are not currently using QoS, so and I am looking for an easy way to implement that. There are some QoS guides out there that describe policing, but as part of full setup. Can anyone please point me towards something more condensed? 

Cheers, Tim 

2 Replies

Re: Limit the bandwidth of a single interface

I think you can use fw samp to do what you want, see:

sk112454: How to configure Rate Limiting rules for DoS Mitigation

Using this command you can set bandwidth/connection quotas that are efficiently enforced by SecureXL; this mechanism is vastly preferred to the Network Quota IPS signature which kills practically all SecureXL acceleration on the gateway.  Unfortunately you cannot directly specify a certain interface for enforcement in the matching criteria, but hopefully you could do the same thing with carefully selected source and/or destination networks in your fw samp statement.

 

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
Tim_Bernat
Nickel

Re: Limit the bandwidth of a single interface

Thanks Jade,

 

will play with this in our test environment and share my experience here. Might be some time though, I'm off for a week and busy with other projects, I will update as soon as possible. 

Cheers.