From: Bob Sinclair (bsin@cox.net)
Date: Sun Nov 14 2004 - 14:17:29 GMT-3
Tim,
If I understand you correctly, your question is "can we apply an input
filter as a service-policy within a shaping, frts, map-class?" The answer
appears to be yes. I created exactly the config you suggested, and it is
shaping outboung and filtering inbound telnet. Wonders never cease!
Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net
----- Original Message -----
From: "ccie2be" <ccie2be@nyc.rr.com>
To: "ccie2be" <ccie2be@nyc.rr.com>; "Bob Sinclair"
<bsinclair@netmasterclass.net>; <jean.paul.baaklini@accenture.com>;
<ccielab@groupstudy.com>
Sent: Sunday, November 14, 2004 8:45 AM
Subject: Re: MQC QoS - map class or service-policy
> One other question:
>
> Is something like this possible?
>
> map-class frame-relay Block-Inbound <--- Normally used to shape outbound
> traffic
> frame cir xxx
> service-policy input Block-Telnet <--- Notice direction is IN
>
> int s0
> frame-relay traffic-shaping
> frame class Block-Inbound
>
> I wonder because typically map-classes are used to shape outbound traffic.
> So, if a service-policy to block certain inbound traffic
> is inside a map-class frame-relay that normally shapes outbound traffic,
> is
> that a config that actually works. I can't test this with the old routers
> I
> have, so maybe someone can comment on this.
>
>
>
>
>> Hi Bob,
>>
>> Recently, I've been trying to sort out this issue of where the
>> service-policy should be applied in the context of a f/r interface and
> found
>> your post.
>>
>> So far, this is how I think about these 2 constructs. Please correct me
>> if
>> anything I say is not completely true.
>>
>> Starting first with the simple cases:
>>
>> FRTS without MQC
>> Use this when traffic shaping settings apply equally to all traffic
>> types (http, smtp, etc)
>> Use multiple map-classes when FRTS settings are different for
> different
>> dlci's
>> Apply at the appropriate level of int - either phy, p2m sub, or p2p
> sub
>> Map-classes applied at phy level are inherited by sub-int unless
>> overrided
>>
>> MQC without FRTS map-classes
>> Use this if different types of traffic (http, smtp, etc) get
> different
>> treatments
>> Apply at the appropriate level of int - either phy, p2m sub, or p2p
> sub
>> Can not be applied to an individual dlci of a phy or p2m sub.
>> Service-policy applied at phy level are inherited by sub-int unless
>> overrided
>>
>> Now, it starts to get more complicated
>>
>> MQC with FRTS (Service-policy inside map-class)
>> Use this when you need to prioritize by traffic type within a dlci
>> Like before, use multiple map-classes when FRTS settings are
> different
>> for different dlci's
>> Apply at the appropriate level of int - either phy, p2m sub, or p2p
>> sub
>> Map-classes applied at phy level are inherited by sub-int unless
>> overrided
>>
>> BTW, one interesting and potentially very useful application of the above
>> construct is this can be used to apply an acl to
>> a particular dlci on a p2m interface either phy or p2m sub that doesn't
>> affect any traffic of the other dlci's. For example, let's say
>> a f/r physical interface is using 3 dlci's and 1 dlci connects to an ISP
> and
>> the other 2 connect to other routers in your network. And, you want to
>> block telnet access from the ISP but not block telnet access on the other
> 2
>> dlci's. Using MQC, telnet traffic is specified in a class-map, dropped in
> a
>> policy-map and applied with service-policy within a map-class that
>> applied
>> to a particular dlci. (I don't know for sure this will actually work
> because I don't know if it's possible to
>> have a service policy INPUT inside a map-class.)
>>
>> MQC with FRTS (Service-policy NOT inside map-class)
>> I have no idea when I should use this ????
>>
>> If anybody can explain when this last scenario should be use and give a
>> concrete example or 2, that would be very, very helpful.
>>
>> OK, time to get to studying.
>>
>> TIA, Tim
>>
>> ----- Original Message -----
>> From: "Bob Sinclair" <bsinclair@netmasterclass.net>
>> To: <jean.paul.baaklini@accenture.com>; <ccielab@groupstudy.com>
>> Sent: Monday, September 13, 2004 12:19 PM
>> Subject: Re: MQC QoS - map class or service-policy
>>
>>
>> > JP,
>> >
>> > A couple differences of note:
>> >
>> > If you want different parameters on different VCs of a multipoint
>> interface
>> > then you will need to apply them in a map-class using frts.
>> >
>> > You will need to use a service-policy directly on the interface (or
>> > GTS)
>> if
>> > you want different shaping parameters for different types of traffic on
> an
>> > interface.
>> >
>> > HTH,
>> >
>> > Bob Sinclair
>> > CCIE #10427, CISSP, MCSE
>> > www.netmasterclass.net
>> >
>> > ----- Original Message -----
>> > From: <jean.paul.baaklini@accenture.com>
>> > To: <ccielab@groupstudy.com>
>> > Sent: Monday, September 13, 2004 7:07 AM
>> > Subject: MQC QoS - map class or service-policy
>> >
>> >
>> > > Hi Group,
>> > >
>> > > When configuring MQC QoS on routers meshed through a Frame-Relay
>> > > network.
>> > >
>> > > What's the difference between applying the service-policy command
>> > > directly to the interface or within a frame-relay class command?
>> > >
>> > > Cheers,
>> > > JP
>> > >
>> > >
>> > > This message is for the designated recipient only and may contain
>> > > privileged, proprietary, or otherwise private information. If you
> have
>> > > received it in error, please notify the sender immediately and delete
>> the
>> > > original. Any other use of the email by you is prohibited.
>> > >
>> > >
> _______________________________________________________________________
>> > > Please help support GroupStudy by purchasing your study materials
> from:
>> > > http://shop.groupstudy.com
>> > >
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> >
>> > _______________________________________________________________________
>> > Please help support GroupStudy by purchasing your study materials from:
>> > http://shop.groupstudy.com
>> >
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:45 GMT-3