From: Richard Dumoulin (richard.dumoulin@vanco.es)
Date: Sat Mar 20 2004 - 07:28:51 GMT-3
I also added a line in the access-list for telnet traffic and I can confirm
that the packets were marked. Now I have to go but I will try with NBAR to
confirm my reasoning (or not ?!?!),
Regards,
--Richard
-----Mensaje original-----
De: Richard Dumoulin
Enviado el: sabado, 20 de marzo de 2004 11:24
Para: Richard Dumoulin; Marko Berend; ccielab@groupstudy.com
Asunto: RE: Service-policy from the router
And the packets are marked !!
R4#sh policy-map int se 0/0.1
Serial0/0.1
Service-policy output: qos
Class-map: qos (match-all)
5 packets, 520 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name qos
QoS Set
precedence 5
Packets marked 5
Class-map: class-default (match-any)
3 packets, 390 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
--Richard
-----Mensaje original-----
De: Richard Dumoulin
Enviado el: sabado, 20 de marzo de 2004 11:18
Para: Marko Berend; ccielab@groupstudy.com
Asunto: RE: Service-policy from the router
Marko, I tested it and it worked. See below how I tested (without a sniffer
!!):
On R4
class-map match-all qos
match access-group name qos
!
!
policy-map qos
class qos
set ip precedence 5
!
interface Serial0/0.1 point-to-point
ip address 173.168.40.2 255.255.255.0
service-policy output qos
frame-relay interface-dlci 504
!
interface Loopback0
ip address 44.1.1.1 255.255.255.0
end
!
ip access-list extended qos
permit ip host 44.1.1.1 any
On R3
interface Serial0/0.2 point-to-point
ip address 173.168.40.1 255.255.255.0
rate-limit input access-group rate-limit 1 8000 1500 3000 conform-action
drop exceed-action drop
frame-relay interface-dlci 405
!
interface Loopback0
ip address 10.33.1.1 255.255.255.0
end
!
access-list rate-limit 1 5
Test:
R4#pi ip
Target IP address: 10.33.1.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 44.1.1.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.33.1.1, timeout is 2 seconds:
Packet sent with a source address of 44.1.1.1
.....
Success rate is 0 percent (0/5)
R4#pi 10.33.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.33.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/60 ms
R3#sh int se 0/0.2 rate-limit
Serial0/0.2
Input
matches: access-group rate-limit 1
params: 8000 bps, 1500 limit, 3000 extended limit
conformed 5 packets, 520 bytes; action: drop
exceeded 0 packets, 0 bytes; action: drop
last packet: 56016ms ago, current burst: 0 bytes
last cleared 00:08:35 ago, conformed 0 bps, exceeded 0 bps
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#int se 0/0.1
R4(config-subif)#no serv out qos
R4(config-subif)#^Z
R4#pi ip
Target IP address:
4d15h: %SYS-5-CONFIG_I: Configured from console by console10.33.1.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 44.1.1.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.33.1.1, timeout is 2 seconds:
Packet sent with a source address of 44.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/58/60 ms
This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:40 GMT-3