SupportDocumentationRoutersAccess RoutersAR600&6100&6200&6300Configuration & CommissioningConfiguration Examples

NetEngine AR600, AR6100, AR6200, and AR6300 Web-based Typical Configuration Examples

Example for Configuring QoS to Limit the Maximum Upload and Download Rates of Each Intranet User

Example for Configuring QoS to Limit the Maximum Upload and Download Rates of Each Intranet User

Specifications

This example applies to all AR models of V300R019C00 and later versions.

Networking Requirements

In Figure 1, Router serves as the egress gateway of an enterprise network and connects to the Internet through GE0/0/1. GE0/0/9 uses the static IP address 10.1.1.110/24; the gateway IP address is 10.1.1.1; the DNS server IP addresses are 203.10.1.150 and 203.1.1.148. The network address translation (NAT) service is configured on Router to allow intranet users to access the Internet. The enterprise requires to limit the upload rate of each user (each IP address) in the network segment 192.168.10.0/24 to 64 kbit/s and the download rate to 128 kbit/s, and limit the upload rate of each user in the network segment 192.168.20.0/24 to 128 kbit/s and the download rate to 256 kbit/s.

Figure 2-374 Networking diagram for configuring traffic policing

Configuration Roadmap

The configuration roadmap is as follows:

  1. Complete basic network configurations. (If basic network configurations have been completed, skip this step and go to step 2[t(1] .)
    • Set parameters, such as the interface IP address and gateway address, on GE0/0/9.
    • Create VLAN 10 and VLANIF 10 and use VLANIF 10 as the gateway of the network segment 192.168.10.0/24. Create VLAN 20 and VLANIF 20 and use VLANIF 20 as the gateway of the network segment 192.168.20.0/24. Add the Layer 2 Ethernet interface Ethernet6/0/2 connecting Router to Switch to VLAN 10 and VLAN 20 as a trunk interface.
  2. Configure rate limiting based on IP network segments on VLANIF 10 and VLANIF 20 respectively.

Procedure

  1. Configure GE0/0/9, add the Layer 2 Ethernet interface Eth0/0/2 to VLANs, and create VLANIF interfaces.

    1. Configure GE0/0/9.
      Choose Configuration > WAN Configuration > Ethernet Interface > Interface Configuration. Set the parameters in the Ethernet Interface Settings area and click OK, as shown in Figure 2.
      Figure 2-375 Creating an Ethernet interface

    2. Choose Configuration > LAN Configuration > VLAN. Set the parameters in the VLAN Settings area and click Add, as shown in Figure 3.
      Figure 2-376 Creating a VLAN

    3. Choose Configuration > LAN Configuration > VLAN > VLANIF. In the Configured VLANIF Interface List area, select Vlanif10 and click Modify in the Operation column. Set the parameters in the Modify VLANIF area and click OK, as shown in Figure 4.
      Figure 2-377 Modifying configurations of VLANIF 10

    4. Configure VLAN 20. The procedure is similar to that for configuring VLAN 10.

  2. Configure inbound rate limiting based on source IP addresses on the VLANIF interfaces.

    On the web platform, choose Advanced > QoS Configuration > Interface Rate Limit. Set the parameters in the Interface Rate Limit Settings area and click Apply, as shown in Figure 5 and Figure 6.
    Figure 2-378 Configuring inbound rate limiting on VLANIF 10
    Figure 2-379 Configuring inbound rate limiting on VLANIF 20

  3. Configure outbound rate limiting based on destination IP addresses on the VLANIF interfaces.

    On the web platform, choose Advanced > QoS Configuration > Interface Rate Limit. Set the parameters in the Interface Rate Limit Settings area and click Apply, as shown in Figure 7 and Figure 8.
    Figure 2-380 Configuring outbound rate limiting on VLANIF 10
    Figure 2-381 Configuring outbound rate limiting on VLANIF 20

Precautions

  1. Rate limiting for intranet users must be configured on Layer 3 interfaces, which can be physical or logical interfaces. This example describes rate limiting on VLANIF interfaces.
  2. When specifying a bandwidth limit for each intranet user, set Type to Exclusive. If Type is set to Shared, all the users in the network segment specified by Start source IP and End source IP share the specified bandwidth. Therefore, each user can use only a limited bandwidth. If Type is set to Exclusive, each IP address in the network segment uses the specified bandwidth exclusively.
  3. In this example, rate limiting is configured on the intranet interface (the interface connecting the router to the intranet). Typically, rate limiting for each intranet user or intranet users in a specific network segment is configured on an intranet interface. As the NAT service is deployed on the public network interface, configuring rate limiting for intranet users on the public network interface is complex and will increase the device cost and reduce the device performance.
  4. Set Direction to Inbound or Outbound based on the direction of the traffic to be rate-limited.
    • For an intranet interface, inbound traffic indicates the traffic entering the router through the intranet interface. The traffic is sent from PCs to the Internet, so the limited rate is the upload rate or uplink bandwidth. Similarly, outbound traffic indicates the traffic going out of the router through the intranet interface. The traffic is sent from the Internet to PCs, so the limited rate is the download rate or downlink bandwidth.
    • For a public network interface, inbound traffic indicates the traffic entering the router through the public network interface. The traffic is sent from the Internet to PCs, so the limited rate is the download rate or downlink bandwidth. Similarly, outbound traffic indicates the traffic going out of the router through the public network interface. The traffic is sent from PCs to the Internet, so the limited rate is the upload rate or uplink bandwidth.