Don't have to do it with Cisco IOS.
FreBSD works quite nice for this. If a Internce Cafe, then place it on the upstream side of the network, or right before it. On Tue, Sep 10, 2002 at 03:32:31AM +0300, Rafi Sadowsky wrote: > > ## On 2002-09-09 17:15 -0700 Eliot Lear typed: > > EL> > EL> Paul Vixie wrote: > EL> > per-destination host AND port egress rate shaping. if someone tries to send > EL> > more than 1Kbit/sec to all port 80's, or more than 1Kbit/sec to any single > EL> > IP address, then you can safely RED their overage. this violates the whole > EL> > peer-to-peer model but there's no help for that in the short term. if some > EL> > internet cafe has a CuCme camera setup then you can find a way to let that > EL> > traffic off-net without rate shaping. this will be the exception. > EL> > EL> Please be aware that this could have unintended consequences, and should > EL> be used in very constrained ways. In particular, there are any number > EL> of applications, including VPN applications that use port 80. I would > EL> recommend that only specified destinations get such treatment, if you > EL> apply it at all. > > Hi Eliot > > Maybe I'm missing something obvious but do how you get rate-limiting per > TCP *flow* with Cisco IOS ? > > -- > Regards, > Rafi > >