Home > Wireless LAN > Firewall and Traffic Shaping > Simple Traffic Shaping Strategy

Simple Traffic Shaping Strategy

Traffic shaping can be used on Cisco Meraki MR and MX/Z devices to limit client throughput based on different rules. This allows less desirable traffic to be throttled, while allowing more important traffic to be processed normally. It can also be used to limit the throughput for individual devices, to prevent a small number of clients from saturating the network, while other clients are unable to function. 

This article details some examples of how traffic shaping can be used to allow 20 users to surf the web and use LAN based Terminal Services freely, while virtually disabling unwanted traffic types such as Music and Video while on Cisco Meraki AP's. Please keep in mind configurations may differ based on the environment and network requirements. For these examples, it is assumed the internet connection is 10Mbps down and 5Mbps up and that approximately half of the users will access remote web services on the internet while the other half connect to Terminal Services on the high speed LAN .

 

Example 1: Limiting overall bandwidth for individual clients to 1024Kbps down and 512Kbps up:

On the MX security appliance:

  1. Navigate to Security appliance > Configure > Traffic shaping
  2. Under the Global bandwidth limits section, select the Per client limit
  3. Click the details
  4. Enter 1024 in the down (Kbps) field and 512 in the up (Kbps) field
  5. Check the box Enable SpeedBurst if desired (this will allow the client to temporarily exceed the limit)
  6. Click the Save changes button

 

On the MR APs:

  1. Navigate to Wireless > Configure > Firewall & traffic shaping
  2. Select the SSID you want to configure from the SSID drop down
  3. Find Per-client bandwidth limit
  4. Click the details link
  5. Enter 1024 in the down (Kbps) field and 512 in the up (Kbps) field
  6. Check the box Enable SpeedBurst if desired (this will allow the client to temporarily exceed the limit)
  7. Click the Save changes button

 

Example 2: Configuring a traffic shaping rule to limit unwanted bandwidth consumption for Video & Music traffic to 20kbps down/up:

On the MX security appliance:

  1. Navigate to Security appliance > Configure > Traffic shaping
  2. Under Traffic shaping rules, click the Create a new rule
  3. In the Definition field click Add+
  4. Select Video & music then All Video & music
  5. Select "Choose a limit" from the Bandwidth limit drop down
  6. Click the detail link and enter 20 in the down (Kbps) field and 20 in the up (Kbps) field
  7. Change the Priority to "Low"
  8. Click the Add a new shaping rule link and repeat these steps for each type of traffic you want to apply the lowest limit to
  9. Click the Save changes button

 

On the MR APs:

  1. Navigate to Wireless > Configure > Firewall & traffic shaping
  2. In the Shape traffic dropdown select "Shape traffic on this SSID"
  3. Click Create a new rule
  4. In the Definition field click Add+
  5. Select Video & music then All Video & music
  6. Select "Choose a limit" from the Bandwidth limit drop down
  7. Click the detail link and enter 20 in the down (Kbps) field and 20 in the up (Kbps) field
  8. Click the Add a new shaping rule link and repeat these steps for each type of traffic you want to apply the lowest limit to

 

Example 3: Set a port based traffic shaping rule to ignore bandwidth limits on Terminal Services (Port 3389):

  1. For an MX security appliance navigate to Security appliance > Configure > Traffic shaping.
    For an MR AP network navigate to Wireless > Configure > Firewall & traffic shaping, then select the SSID to update.
  2. Click the Add a new shaping rule link.
  3. In the Definition field click Add+
  4. Choose Custom expressions, enter "3389" in the textfield, and click Add expression
  5. Select "Ignore SSID/Network limit (unlimited)" from the Bandwidth limit drop down
  6. Click the Save changes button.

 

You must to post a comment.
Last modified
09:00, 3 Feb 2015

Tags

This page has no custom tags.

Classifications

This page has no classifications.

Article ID

ID: 2004

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case