In this article we will configure a Cisco IOS Router to limit the bandwidth usage of an user that is watching video of a security camera. To that goal, we will use a traffic policer, but will also show how to reach the same objective using traffic shapping.
The router is placed in the company branch office, which is using IP subnet 10.1.212.0/23. The IP security camera is in the subnet 10.1.218.0/24, and uses TCP source port 37777.
1. We will limit the bandwidth for packets that match to the following ACL.
access-list 101 permit tcp 10.1.218.0 0.0.0.255 eq 37777 10.1.212.0 0.0.1.255
2. Configure the class-map using the defined ACL.
class-map match-all Sec-Camera match access-group 101
5. Configure the policy-map with the desired bandwidth limit, or Committed Information Rate (CIR: 1,000,000 bps = 1 Mbps)
policy-map Limit-Camera-BW class Sec-Camera police cir 1000000
If you want to shape the traffic instead of policing, use the command shape:
policy-map Limit-Camera-BW class Sec-Camera shape average 1000000
6. Apply the policy-map to the interface connected to the destination network of the packets, in the output direction:
interface GigabitEthernet0/0.10 service-policy output Limit-Camera-BW
7. To verify the results, use the command:
show policy-map interface