How to exempt local traffic from Global bandwidth limits

SOLVED
JozefH
Here to help

How to exempt local traffic from Global bandwidth limits

Hey,

 

I'm wondering what is the best way to exempt local traffic from the limits set in the "Global bandwidth limits".

 

I want to have a per-client shaping so no one can kill the whole WAN capacity (egg. each clients has maxx 200Mbps out of 300Mbps), but at the same time, I do not want users to be limited internally if there is a 1Gbps network with 10Gbps uplinks so they can access servers at full speed.

 

Group policies, or a custom shaping rule which would list all local networks.

 

Thank you.

1 ACCEPTED SOLUTION

The expression is based on destination IP. If you include ALL subnets from that network in the expression , you will exclude global bandwidth limit to all inter-vlan traffic ( LAN to LAN ) , which I think is your goal.

View solution in original post

7 REPLIES 7
alemabrahao
Kind of a big deal
Kind of a big deal

@JozefH,

 

You can try to enable a Global bandwidth limits Per-client limit, then create a traffic shaping rule for the specific subnets, like this:

alemabrahao_0-1663606362518.png

 

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
ww
Kind of a big deal
Kind of a big deal

Or move svi's to a layer3 switch. But then you lose things like ips between vlans.

JozefH
Here to help

Actually this came as the original request, but I said NO. 🙂 Exactly because I'll loose the FW capabilities.

In the example you posted the flow has to match source or destination, or both? Asking because if e.g. only source is good enough to match, then the traffic from 10.0.1.0/24 to the Internet will match as well and the per-client limit will never be enforced.

alemabrahao
Kind of a big deal
Kind of a big deal

Technically, I'm saying in this rule that every traffic coming from 10.0.1.0/24, 10.0.2.0/24 and 10.0.3.0/25 will be ignored (unlimited). So if I'm right, It will be valid just for the traffic on LAN.
I'm not a 100% sure, but you can test It.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

The expression is based on destination IP. If you include ALL subnets from that network in the expression , you will exclude global bandwidth limit to all inter-vlan traffic ( LAN to LAN ) , which I think is your goal.

Ok, found the right Meraki article....

 

Global Bandwidth Limit Considerations - Cisco Meraki

 

"The custom expression that was created is based upon the destination address in the traffic"

 

Thanks to all of you who relied...

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels