Switches that can rate limit are typically Layer 3 or above. Newer Layer 2 models released since 2008, such as the Cisco 2960 series, can apply a QoS rate limit with a precision of 1 Mbps. Since then, most domestic standard Layer 2 switches can also rate limit, generally with a precision of 1 Mbps; H3C standard Layer 2 switches, for example, can do this. Older Cisco standard Layer 2 switches such as the 2950 class can also rate limit, but only with a precision of 10 Mbps. The 2950G and the 2950 EI models do not differ much in rate limiting, because rate limiting depends on IOS: the IOS version on the 2950 series is generally around 9.0, while the IOS version on the latest 2960 series is around 12.2, and a higher IOS version provides stronger system features.
When a PC is connected directly to a Layer 3 switch port, the limit controls the uplink and downlink traffic on that Layer 3 switch port. Similarly, if the Layer 3 switch port is connected to a Layer 2 switch instead of a PC, the rate limit for the lower-level devices can be applied on the upper-level port.
Note: Each interface supports only one policy per direction, and one policy can be applied to multiple interfaces. Therefore, the download rate limits for all PCs should be defined in the same policy (in this case, policy-map User-down), and the differences between the PCs' rates are defined in class-maps.
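
An added example, not part of the original article: one way the note above can look on a Layer 3 Catalyst switch, assuming 3560-class IOS 12.2 syntax. The ACL numbers, class names, interface and 192.0.2.x addresses are constructed for illustration; only the policy name User-down comes from the text.

```cisco
! Added example. Assumed platform: Catalyst 3560-class switch, IOS 12.2.
! Addresses, ACL numbers, class names and the interface are constructed.
!
! QoS must be enabled globally before policers take effect. Once enabled,
! ports are untrusted by default and incoming DSCP/CoS markings are reset
! to 0 unless a trust state is configured.
mls qos
!
! One ACL per PC, matching traffic destined to that PC (download direction)
access-list 101 permit ip any host 192.0.2.11
access-list 102 permit ip any host 192.0.2.12
!
class-map match-all pc1-down
 match access-group 101
class-map match-all pc2-down
 match access-group 102
!
! A single policy carries every PC's download limit; the rate differs per class.
! police <rate in bps> <burst in bytes>
policy-map User-down
 class pc1-down
  police 1000000 8000 exceed-action drop
 class pc2-down
  police 2000000 8000 exceed-action drop
!
! Download traffic enters the switch on the uplink, so the policy is bound
! there in the input direction. A second input policy on this interface
! would be rejected: one policy per direction per interface.
interface GigabitEthernet0/1
 service-policy input User-down
!
! Review the result with: show policy-map User-down
```
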
Using the storm-control feature on a Layer 3 switch: this feature controls unicast, multicast and broadcast traffic on a per-port basis and can be set with a precision of 0.01%, although the value is approximate. The method is threshold-based: traffic is monitored every second, and packets beyond the configured threshold are discarded. The user is not notified and simply sees the network drop out or the remote end stop responding. Obviously this cannot ensure that the end user's network is unimpeded at every moment, so I think this method is only suitable for certain situations, or in conjunction with other policies.
Storm control prevents a switch port from being disrupted by a broadcast, multicast, or unicast storm on a physical port in the LAN. A LAN storm occurs when packets flood the local area network, creating excessive traffic and degrading network performance. Errors in the protocol stack or in the network configuration can cause storms.
Storm control (or traffic suppression) monitors the incoming packets and compares the traffic measured over a time interval with a preset suppression-level threshold. The threshold is expressed as a percentage of the total available bandwidth of the port. The switch supports separate storm control thresholds for broadcast, multicast, and unicast. When the threshold for a traffic type is reached, further traffic of that type is suppressed until the incoming traffic drops below the threshold level.
Note: When the multicast rate exceeds its threshold, all inbound traffic (broadcast, multicast, and unicast) is discarded until the level drops below the threshold. Only STP packets are forwarded. When the broadcast or unicast threshold is exceeded, only the type of traffic that exceeded the threshold is blocked.
When storm control is turned on, the switch monitors the packets passing from the interface to the switching bus and determines whether each packet is unicast, multicast, or broadcast. The switch counts the broadcast, multicast, and unicast packets once every 1 second, and when the threshold for a type of traffic is reached, that traffic is discarded. The threshold is specified as a percentage of the total available bandwidth that can be used by broadcast traffic.
This example can also be applied to multicast and unicast traffic. In this example, the broadcast traffic being forwarded exceeds the configured threshold between T1 and T2 and between T4 and T5, so all traffic of that kind is discarded during the next interval. Broadcast traffic is therefore blocked in the intervals following T2 and T5. At the next interval, T3, if the broadcast traffic does not exceed the threshold, it is forwarded again.
The storm control algorithm works by combining the storm control suppression level with the 1-second measurement interval. A higher threshold allows more packets to pass. Setting the threshold to 100% means that no traffic is limited; 0% means that all broadcast, multicast, and unicast traffic is blocked.
Turning on storm control: enable storm control on the interface and enter the percentage of the total available bandwidth that you want that type of traffic to use; enter 100% to allow all traffic. However, because of hardware limitations and differences in packet size, the threshold percentage is an approximate value.
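
An added example, not part of the original article: per-type storm control thresholds on one access port, assuming Catalyst 2960/3560-class IOS 12.2 syntax. The interface number and percentages are constructed, and the optional second (falling) value and the trap action go beyond what the text describes.

```cisco
! Added example. Assumed platform: Catalyst 2960/3560-class switch, IOS 12.2.
! The interface number and all percentages are constructed values.
interface FastEthernet0/5
 ! Block broadcast once it exceeds 20.00% of port bandwidth in a 1-second
 ! interval; resume forwarding only after it has fallen below 10.00%.
 ! Without the second value, the falling threshold equals the rising one.
 storm-control broadcast level 20.00 10.00
 !
 ! Multicast and unicast each have their own independent threshold.
 ! Crossing the multicast threshold blocks all inbound traffic except STP,
 ! so it is set higher than a port's normal multicast load.
 storm-control multicast level 30.00
 storm-control unicast level 80.00
 !
 ! By default a storm is only filtered, with no notification.
 ! Send an SNMP trap as well so the event is visible to operations.
 storm-control action trap
!
! level 100 disables suppression for that type; level 0 blocks it entirely.
!
! Check the configured and current levels with:
!   show storm-control FastEthernet0/5 broadcast
```
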
The basic settings include the hostname of the switch, the password for entering enable mode, the user name and password for remote login, the IP address of the management VLAN, the default gateway of the switch, the switch ports, the SNMP service, the switch time settings, and so on. These are the same as on the earlier 2950 switches. Compared with the 2950, the 2960 adds rate limiting and other functions, because in the future, when new customers rack their equipment, all of them other than those who have signed a traffic contract will be rate limited on the switch port.
The first and most important point: until the configuration of the switch is complete, especially the VTP mode (in general, the VTP mode is initially configured as transparent), do not connect the switch to the network, so that the VLAN information in the network is not changed. Configure it over the console cable instead.
At the start of configuring the 2950 no password has been set yet, so for security reasons do not connect it to the network; configure it through the console port. All ports run a self-test when the switch powers on, and the indicator light on each port goes off after a period of time. By default the SYST and STAT indicator lights stay lit.
After the switch has started, it is set up over the console cable. The console cable has a serial connector, which plugs into the computer's serial port (if the computer has no serial port, use an adapter), and an RJ-45 connector, which plugs into the console port of the switch. Once the cable is connected, on Windows click Start → Programs → Accessories → Communications → HyperTerminal. When the New Connection dialog box appears, fill in the Name field with the name of the connection you want to create and click OK. Then choose the COM port to connect with, and in the COM1 properties set the baud rate to "9600", data bits to "8", parity to "None", stop bits to "1", and flow control to "None" (or click "Restore Defaults"), then click OK to reach the 2950 configuration interface.
If the dialog configuration mode option appears when the 2950 boots for the first time, select Yes to enter dialog configuration mode or No to enter the CLI command line interface. The following configuration is performed in CLI mode.
Set the enable password with the secret command, switch(config)#enable secret password, because it has better security than the password command. The password is a 12-character password of digits and uppercase and lowercase letters, randomly generated by password agent software.
User name, privilege level and password: the privilege parameter is generally set to 0 (minimum privileges), the user name is uniformly netmaster, and the password is a 12-character password of digits and uppercase and lowercase letters, randomly generated by password agent software.
Summary: commonly used configuration for Cisco switch port rate limiting. Until now, the rate limiting work was done by the superior department; recently, because of the needs of the branch's own internal customers, we wanted to provide them with 50M bandwidth. For this reason, we spent two painstaking days testing. First of all, we tested the device connections:
After testing, the scheme was successful. A few points need explaining. First, because the 35 and 65 can only reference a policy in the input direction, limiting both upload and download at the same time requires applying a policy on both the uplink-side and the downlink-side ports. Second, we took a lot of detours, which we mention here as a warning to everyone: the test equipment we started with had very low performance, so the tests never gave the expected result, which was very frustrating. By chance we took our best computer to test with and, unexpectedly, it worked; later we found high-performance equipment to test with, and the results were ideal. So a reminder: pay special attention when testing high bandwidth with low-performance equipment.
The Cisco Catalyst 2960 Series Intelligent Ethernet Switches are a new family of fixed-configuration standalone devices that provide desktop Fast Ethernet and Gigabit Ethernet connectivity, enabling enhanced LAN services for entry-level enterprise, mid-market, and branch office networks. The Catalyst 2960 family has integrated security features, including Network Admission Control (NAC), advanced quality of service (QoS), and resiliency, to deliver intelligent services to the edge of the network.
The Cisco Catalyst 2960 Series offers: intelligent features for the network edge, such as advanced access control lists (ACLs) and enhanced security features; dual-media uplink ports that give Gigabit Ethernet uplink flexibility and can use copper or fiber uplinks (each dual-media uplink port has an Ethernet port and a small form-factor pluggable (SFP) Gigabit Ethernet port; one of them is active in use, and the two cannot be used at the same time); network control and bandwidth optimization through advanced QoS, precise rate limiting, ACLs, and multicast services; network security through multiple authentication methods, data encryption technology, and network access control based on user, port and MAC address; and simplified network configuration, upgrades, and troubleshooting with Smartports, which automatically configure ports for specific applications, and the Cisco Network Assistant.
The Cisco Catalyst 2960 series software image provides a rich set of intelligent services, including advanced QoS, rate limiting, and ACLs. The SFP Gigabit Ethernet ports accept a wide range of SFP transceivers, including Cisco 1000BASE-SX, 1000BASE-LX, 1000BASE-BX, 1000BASE-ZX, 100BASE-FX, 100BASE-LX10, 100BASE-BX and coarse wavelength-division multiplexing (CWDM) SFP transceivers.
The SRR scheduler ensures that data traffic can be given different priorities by intelligently servicing the input and output queues. Weighted Tail Drop (WTD) provides congestion avoidance on the input and output queues before a disruption occurs.
Rate limits are based on source and destination IP addresses, source and destination MAC addresses, Layer 4 TCP/UDP information, or any combination of these fields, and are implemented using QoS ACLs (IP ACLs or MAC ACLs), class maps, and policy maps.
Input policing and output shaping make it easy to manage asynchronous upstream and downstream traffic from end stations or uplinks. Each Fast Ethernet or Gigabit Ethernet port can support up to 64 aggregate or individual policers.