CAR — or “rate limiting” — is a method for managing unwanted traffic on your network and making sure it doesn’t affect important traffic. Essentially, CAR controls the bandwidth of a certain type of traffic, and an access control list (ACL) defines which traffic it controls. Once you’ve created the ACL, you can set CAR to enforce a bandwidth rate on that traffic in either an INBOUND or OUTBOUND direction, according to the interface on which you applied CAR.
Configuring CAR requires two simple steps:
- Create an ACL to define the traffic you want to rate limit
- Use the rate-limit command, referencing the ACL on your interface closest to the source of the traffic, referencing the proper direction, and referencing the proper bandwidth amounts.
You can only use CAR with IP traffic. To use CAR, you must first enable CEF on your routers.
Lets say you wanted to limit a branch office PC (10.1.100.1) access to the Internet. First, we must define the traffic to be rate limited on the main office router:
Cell_Main_Office(config)# access-list 110 permit tcp any eq www host 10.1.100.1
Now use the rate-limit command on the interface:
Cell_Main_Office(config)# interface Serial1/0
Cell_Main_Office(config-if)# rate-limit output access-group 110 40000 10000 30000 conform-action transmit exceed-action drop
This command has applied the rate limit to the interface, referencing ACL 110 in the outbound direction (because it is applied it on the headquarters router not the remote router). The 40000, 10000, 30000 represents the normal bits per second (bps) for this traffic (i.e., 40000 bps or about 40 Kb), the normal burst size for the traffic (i.e., 10000 or about 10 Kb), and the maximum burst size for the traffic (i.e., 30000 or about 20 Kb). The traffic must conform to these numbers in order for the router to transmit it (as specified by conform-action transmit). If the traffic exceeds those bandwidth settings, the router will drop it (as specified by exceed-action drop).
While you can use CAR in a variety of situations, keep in mind that CAR only limits what you tell it to limit with the ACL. In addition, the CAR bandwidth settings you reference limit all traffic referenced in the ACL.
We hope this helps.