From: null void (nullv0idmain@yahoo.com)
Date: Fri Feb 04 2005 - 18:10:10 GMT-3
Thanks very much for the detailed explanation that does help alot.. But I still am trying to determine weather or not in a multi-line rate limit as depicted in your great example .. Is the first line required to have a continue action , to parse the lines that may be below it ? So if I have 4 lines , will traffic be compared to all 4 lines starting from the first one until a match is made ? Or if you want them all to be used , you must include on your first rate-limit command a continue keyword ???
Thanks Null
"Edwards, Andrew M" <andrew.m.edwards@boeing.com> wrote:
I think a good example of this would be as follows:
You have a Fastethernet interface to Vlan 100 and an uplink FastEthernet
interface towards the core of your network. Service level agreements
have been made such that all web traffic to any host on Vlan100 should
be limited to 5Mbps with a precedence set to critical, traffic in excess
of this should be marked as routine. TFTP traffic to host 1.1.1.1
should be limited to 2Mbps with offending traffic dropped. In order to
support a multiple customers aggregating in the core, all customer
traffic should not exceed 50Mbps. All traffic not covered by the SLA
towards VLAN100 should be set as priority. Use R1 F0/1.
(vlan100)F0/1-R1-F0/0
Int f0/1
Rate-limit in 50000000 9375000 18750000 conform-action continue
exceed-action drop
Rate-limit out 50000000 9375000 18750000 conform-action continue
exceed-action drop
Rate-limit access 100 out 5000000 937500 1875000 conform-action
set-prec-transmit 5 exceed-action drop
Rate-limit access 110 out 2000000 375000 750000 conform-action transmit
exceed-action set-prec-trans 0
Access-list 100 permit tcp any eq 80 any
Access-list 100 permit tcp any any eq 80
Access-list 100 permit tcp any eq 443 any
Access-list 100 permit tcp any any eq 443
Access-list 110 permit udp any host 1.1.1.1 eq tftp
Access-list 110 permit udp any eq tftp host 1.1.1.1
Access-list 110 permit udp host 1.1.1.1 eq tftp any
Access-list 110 permit udp host 1.1.1.1 any eq tftp
Note the "all customer traffic" wording so its in and out limited.
Also, note that rate-limit is parsed from top down like an access-list.
HTH,
andy
-----Original Message-----
From: null void [mailto:nullv0idmain@yahoo.com]
Sent: Friday, February 04, 2005 8:06 AM
To: ccielab@groupstudy.com
Subject: CAR conform-action details
Hi, I was wondering if anyone has further information on
conform-action-continue option when configuring CAR , in the dqos / odom
book in the policing section it shows a few multi-line rate-limit
examples but doesnt really clarify what is required or give detail.. Say
we have the following situation:
Limit traffic out of R1 G0/0 interface for traffic destined to hosts on
subnet 1.1.1.x from your networks. TCP traffic must be limited to
200Mbps , WWW traffic to 10Mbps , TCP port 3389 to 10Mbps , ftp traffic
to 5 Mbps. In the dqos book they show the most specific item listed
first which in this case would be all TCP traffic to rate-limit of
2000000 , then they use the conform-action continue , down to 3 other
lines that or more granular than just all TCP traffic , so my question
is if you have a multi line rate-limit policy to apply what is the
thought process in ordering the lines and is the conform-action-continue
statement required on the first rate-limit command to use say rate-limit
lines 2 through 6 for example.. Below is from a cco doc and this is
really all I can find about it.
TIA Null