Control unwanted traffic on your Cisco router with CAR

Published Date: 21 - Feb - 2007 | Last Updated: 21 - Feb - 2007
 
Committed access rate (CAR)--or "rate limiting"--is a method for managing unwanted traffic on your network and making sure it doesn't affect important traffic.

For example, if someone is downloading a lot of Web traffic from a Web site, he or she could preclude necessary traffic from getting through--and potentially make the production servers inaccessible over the network. Let's discuss how you can use CAR to prevent such an event.

You can only use CAR with IP traffic--it doesn't work for non-IP traffic. To use CAR, you must enable CEF on your routers. (For more information, check out "Get better performance with Cisco Express Forwarding (CEF).")

Essentially, CAR controls the bandwidth of a certain type of traffic, and an access control list (ACL) defines which traffic it controls. Once you've created the ACL, you can set CAR to enforce a bandwidth rate on that traffic in either an INBOUND or OUTBOUND direction, according to the interface on which you applied CAR.

CAR can be very useful as a basic QoS function. For example, let's say you have a production application at a remote location across a 128-Kb WAN connection. The application works fine until, one day, a new employee gets a PC, a Web browser, and Internet access.

When in use, that single Web browser slows down the entire remote production network by downloading Web pages and documents over the 128-Kb connection. So how can you prevent the Web browsing from taking over the WAN connection and slowing down the production application?

There are many QoS functions on a Cisco router, and there are many third-party applications and appliances that can help solve this problem. However, the simplest solution to this problem costs nothing--and only takes about two minutes to implement using the Cisco IOS and CAR.

Using CAR requires two simple steps:

  1. Create an ACL to define the traffic you want to rate limit.
  2. Apply the rate-limit command on the interface closest to the source of the traffic, referencing the ACL, the proper direction, and the proper bandwidth amounts.

To return to our example, let's say you have a headquarters location that provides the Internet access for this single PC across the WAN. Even if browsing the Web is a necessary business function, it's negatively affecting the performance of the production application on the remote network.
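The two steps applied to this scenario on the headquarters router, as an added example that is not configuration from the original article. The interface name (Serial0/0), the PC address (10.1.1.50), the ACL number (101), and the 64-kbps limit with 8000-byte bursts are all assumptions chosen for illustration.

```cisco
! Added example: interface, address, ACL number and rates are assumptions.
! Headquarters router; Serial0/0 is assumed to be the WAN link to the
! remote site and 10.1.1.50 the remote PC doing the Web browsing.
!
! CAR requires CEF to be enabled.
ip cef
!
! Step 1: ACL matching Web replies (source port 80) headed to the PC.
access-list 101 permit tcp any eq www host 10.1.1.50
!
! Step 2: on the interface closest to the source of the traffic, limit
! matching packets leaving toward the remote site.
!   64000 = average rate in bits per second
!   8000  = normal burst in bytes
!   8000  = maximum burst in bytes
interface Serial0/0
 rate-limit output access-group 101 64000 8000 8000 conform-action transmit exceed-action drop
!
! Verify the policy and watch the conformed/exceeded counters:
!   show interfaces Serial0/0 rate-limit
```

Only packets matching ACL 101 are rate limited; the production application's traffic on the same link is not touched by this policy. A steadily growing exceeded counter confirms that the limit is the thing dropping Web traffic.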

Team Digit