- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VLAN traffic shapping
Can VLANs on a Meraki be traffic shaped?
SD-WAN can do application traffic shaping. You can rate limit on SSID
You can rate limit bandwidth on a Per-client basis. Can you limit VPN traffic?
Solved! Go to solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Agree with @GreenMan I have not found a way to limit total BW policy statements, while still allowing users to "burst" into the total site BW. Its all or nothing in my experience. You can create Group Polices and apply them at VLAN/Interface level, and then create traffic shaping rules to limit that CIDR to a set BW using localnet CIDR statements. Not that this cannot be a % of BW and thus, should a WAN link fail, this allocation will need to be adjusted to gain the same effect.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For that you need to filter using localnet. So for example localnet:10.1.0.0/24.
Then your usual actions are available on AP or MX where you want to use the traffic shaping. So you can use bandwidth limit (obey, ignore, set limit) which is per flow. And of course setting the priority and DSCP values. On wireless you can also set the PCP which selects the WMM queue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So does that mean it can be set up in a way that it does not burst?
USE Case:
- Customer – with sub-tenants - has a 100 Mbps ISP circuit. Does not want one tenant to “hog-up” bandwidth at the detriment of others
- They have 5 VLANs –
- 2 have a CIR of 30 Mbps
- 4 have a CIR = 15 Mbps
- ….but allow each VLAN to burst to full speed if bandwidth is not be used by other CIR commitments. For example, if only one VLAN is accessing the Internet (at any one give time) then that VLAN has full access to the 100 Mbps circuit. However, if all VLANS are accessing the Internet (at any one give time), there is a “rate-limiting” feature.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
A bunch of gotchas exist around achieving some of what you are asking for.
You can achieve a subset of this usecase by using Group Policies applied to the MX VLAN interface. You can create two polices (1 for CIR 30, and 1 for CIR 15) and apply them to the MX VLAN. Big assumption is that these SVIs are hosted on the MX. You can then create localnet traffic shaping rules to limit total BW for these networks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This type of statistical shaping ("only apply the limit when the link is full") is not supported.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks so based off that use case above, this is a one-off ask and just can't be done?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Correct - the facility to do this doesn't currently exist. You could make a request for this using the 'Give your feedback' button in the bottom right of the Dashboard. If it's particularly important to you, you may also wish to take it up through your Meraki account team. Contact details are available via Help (or ?) > Get help > Still need help? > Contact your Meraki Sales representative, within Dashboard.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Agree with @GreenMan I have not found a way to limit total BW policy statements, while still allowing users to "burst" into the total site BW. Its all or nothing in my experience. You can create Group Polices and apply them at VLAN/Interface level, and then create traffic shaping rules to limit that CIDR to a set BW using localnet CIDR statements. Not that this cannot be a % of BW and thus, should a WAN link fail, this allocation will need to be adjusted to gain the same effect.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you.