Meraki

Community

How to exempt local traffic from Global bandwidth limits

Solved
JozefH
Here to help
‎Sep 19 2022 8:24 AM
‎Sep 19 2022 8:24 AM

How to exempt local traffic from Global bandwidth limits

Hey,

 

I'm wondering what is the best way to exempt local traffic from the limits set in the "Global bandwidth limits".

 

I want to have a per-client shaping so no one can kill the whole WAN capacity (egg. each clients has maxx 200Mbps out of 300Mbps), but at the same time, I do not want users to be limited internally if there is a 1Gbps network with 10Gbps uplinks so they can access servers at full speed.

 

Group policies, or a custom shaping rule which would list all local networks.

 

Thank you.

0 Kudos
1 Accepted Solution
In response to alemabrahao
RaphaelL
Kind of a big deal
Kind of a big deal
‎Sep 19 2022 2:39 PM
‎Sep 19 2022 2:39 PM

The expression is based on destination IP. If you include ALL subnets from that network in the expression , you will exclude global bandwidth limit to all inter-vlan traffic ( LAN to LAN ) , which I think is your goal.

View solution in original post

0 Kudos
7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal
‎Sep 19 2022 9:53 AM
‎Sep 19 2022 9:53 AM

@JozefH,

 

You can try to enable a Global bandwidth limits Per-client limit, then create a traffic shaping rule for the specific subnets, like this:

alemabrahao_0-1663606362518.png

 

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
ww
Kind of a big deal
Kind of a big deal
‎Sep 19 2022 10:20 AM
‎Sep 19 2022 10:20 AM

Or move svi's to a layer3 switch. But then you lose things like ips between vlans.

In response to ww
JozefH
Here to help
‎Sep 19 2022 1:34 PM
‎Sep 19 2022 1:34 PM

Actually this came as the original request, but I said NO. 🙂 Exactly because I'll loose the FW capabilities.

0 Kudos
In response to alemabrahao
JozefH
Here to help
‎Sep 19 2022 1:32 PM
‎Sep 19 2022 1:32 PM

In the example you posted the flow has to match source or destination, or both? Asking because if e.g. only source is good enough to match, then the traffic from 10.0.1.0/24 to the Internet will match as well and the per-client limit will never be enforced.

0 Kudos
In response to JozefH
alemabrahao
Kind of a big deal
Kind of a big deal
‎Sep 19 2022 1:57 PM
‎Sep 19 2022 1:57 PM

Technically, I'm saying in this rule that every traffic coming from 10.0.1.0/24, 10.0.2.0/24 and 10.0.3.0/25 will be ignored (unlimited). So if I'm right, It will be valid just for the traffic on LAN.
I'm not a 100% sure, but you can test It.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
RaphaelL
Kind of a big deal
Kind of a big deal
‎Sep 19 2022 2:39 PM
‎Sep 19 2022 2:39 PM

The expression is based on destination IP. If you include ALL subnets from that network in the expression , you will exclude global bandwidth limit to all inter-vlan traffic ( LAN to LAN ) , which I think is your goal.

0 Kudos
In response to RaphaelL
JozefH
Here to help
‎Sep 21 2022 2:35 AM
‎Sep 21 2022 2:35 AM

Ok, found the right Meraki article....

 

Global Bandwidth Limit Considerations - Cisco Meraki

 

"The custom expression that was created is based upon the destination address in the traffic"

 

Thanks to all of you who relied...

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.