Sorry to derail off topic, though I appreciate the feedback. Trying to get this to work through a Cisco ASA. If not, I probably have an old 2900 series router somewhere.
Thank you again.
Thank you again.
On Mon, May 9, 2016 at 2:33 PM, Yuri Voinov <yvoinov@xxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I mean this, for example:
haribda(config)#policy-map Net_Limit
haribda(config-pmap)#class alternate
haribda(config-pmap-c)#?
Policy-map class configuration commands:
admit Admit the request for
bandwidth Bandwidth
compression Activate Compression
drop Drop all packets
exit Exit from class action configuration mode
fair-queue Enable Flow-based Fair Queuing in this Class
flow Flow subcommands
log Log IPv4 and ARP packets
measure Measure
netflow-sampler NetFlow action
no Negate or set default values of a command
police Police
priority Strict Scheduling Priority for this Class
queue-limit Queue Max Threshold for Tail Drop
random-detect Enable Random Early Detection as drop policy
service-policy Configure QoS Service Policy
set Set QoS values
shape Traffic Shaping
haribda(config-pmap-c)#bandwidth ?
<1-2000000> Kilo Bits per second
percent % of total Bandwidth
remaining percent/ratio of the remaining bandwidth
This is 2901, ISR G-2.
10.05.16 3:15, J Green пишет:
> Here, re 'upload and download sizes', I meant the later 'dumb traffic limits'.
>
> We do have a Cisco firewall in place, and I have setup 'traffic policing'. However, the results are inconsistent. Sometimes it seems to work, other times it blocks everything, or it blocks nothing.
>
> Appreciate all the feedback, thank you all for your time.
>
> On Mon, May 9, 2016 at 12:27 PM, Yuri Voinov <yvoinov@xxxxxxxxx <mailto:yvoinov@xxxxxxxxx>> wrote:
>
>
> For such task enough put Cisco router with TCP traffic policies .....
>
> And please - any protocol, any speed limits, any ACL's, any SLA .....
>
>
> 10.05.16 1:15, Alex Rousskov пишет:
> > On 05/09/2016 12:53 PM, Yuri Voinov wrote:
>
> >> Just to clarify. For proxying anything (protocol or service), the proxy
> >> server must be at the same time also act as the client of a protocol or
> >> service - and as a server.
>
>
> > It all depends on the definition of "upload and download sizes" in the
> > OP question. If the intent is to understand and restrict individual
> > protocol messages, then you are right. If the intent is just to limit
> > the aggregate number of TCP bytes transferred, then protocol
> > understanding (in a "transparent" setup) is not required.
>
> > Needless to say, Squid is unlikely to be the best solution for the
> > latter "dumb traffic limits" problem, but if an "all-in-one executable"
> > is a critical requirement, one can make modern Squids to limit tunneled
> > TCP traffic that it does not understand.
>
> > Alex.
>
>
> >> J Green:
> >>>> Would like to limit maximum upload and download sizes for
> >>>> other TCP protocols: SMB, NFS, FTP, and RDP.
> > _______________________________________________
> > squid-users mailing list
> > squid-users@xxxxxxxxxxxxxxxxxxxxx <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
> > http://lists.squid-cache.org/listinfo/squid-users
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
> http://lists.squid-cache.org/listinfo/squid-users
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXMQIjAAoJENNXIZxhPexGC9YIAIXbLAOqQMTNmawXVrSpK2rP
zwW4RmwsmDOZzqFgldMlEJRkSH+H3UXiF6Zw994Ys3pYliB5o55qN3DYB2fGlu4H
Me3bq71PoZo+qes15l9ePpWq+0jK9B06fMGgWdBeSuVjRwC72hq0k2cPCpg9Hcd3
KqytNCaM6kb7CFfxhm8g5w0lSHwQkoKM8XDbtVzrKjT0VbFcYRXR6SP5tzRwDW9D
ZHFQ8hX19RBof8JqWQo6UbhXZBZGtDjoOaGQ/EBMLjzl6guUdKt9Xi8pF+rkBgSk
S0Y2JZypIxAeMuj9STfRs54ZCId9NtZfA76o5M7PH0OrCfz1oXA+m0kzCQfEZtY=
=tSMD
-----END PGP SIGNATURE-----
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
