Following are our basic setup & needs:
R1 (has 30 Office & 20 Lab PCs) is connected with R0
R0 (has 55 Office & 75 Lab PCs) is connected with ISP
R2 (has 90 Office & 30 Lab PCs) is connected with R0
For security reason there are couple of subnets beind each router. Each Router has multiple labs behind it. Roouters implement srcnat and on R0 we have added static route to networks beind R1 & R2 respectively. IP and MAC of each machine are bound in ARP list of each router. VLSM of 172.17.0.0/16 was used in all place.
While in some case office & lab PCs are under same subnet; but, lab PCs are given address from the end and office PCs are given address from the beginning of that subnet block. For example 172.17.2.2 onward was given to office PCs and 172.17.2.254 backward was given to lab PCs.
We need to give unlimited/higher (in that case be able to change) bandwidth to key management people behind each router. We also want to be able to manipulate bandwidth of each office user behind a particular IP. Lab PCs can be lumped up as a block i.e don’t need to be tracked individually. But, for accounting and tracability if it’s required let it be there & can go udner a tree.
Keeping managibility, clarity & accountability in mind requesting suggestion of best way to distribute 5 MB Bandwidth among 300+ users on 3 routers.