RE: CAR conform-action details

From: Edwards, Andrew M (andrew.m.edwards@boeing.com)
Date: Fri Feb 04 2005 - 18:25:15 GMT-3


The rate-limit commands are parsed in the order in which they appear
under the interface.

So, in classic CCIE lingo, the answer is it depends on what you are
trying to do.

But, as with the other example you were given, you should look at what
the objective is and, when in doubt, ask the proctor.

The other responder indicated that you might want to rate-limit all tcp
traffic to 20Mbps. And then do some other rate-limiting for specific
tcp flows.

The question then is, do I include the other tcp flows into my 20Mbps
rate-limit requirement or are the requirements mutually exclusive of
each other?

If they are mutually exclusive, then rate-limit the more specific flows
first with the generic catch all to 20Mbps last.

If they are not mutually exclusive, and the 20Mbps rate includes the
other tcp flows, then the 20Mbps rate-limit would be placed first with
the continue keyword such that the remaining tcp flow rate-limiting
could be addressed.

HTH,

andy

        -----Original Message-----
        From: null void [mailto:nullv0idmain@yahoo.com]
        Sent: Friday, February 04, 2005 1:10 PM
        To: Edwards, Andrew M; ccielab@groupstudy.com
        Subject: RE: CAR conform-action details

        Thanks very much for the detailed explanation, that does help
        a lot. But I am still trying to determine whether or not, in a
        multi-line rate limit as depicted in your great example, the
        first line is required to have a continue action to parse the
        lines that may be below it. So if I have 4 lines, will traffic
        be compared to all 4 lines, starting from the first one, until
        a match is made? Or, if you want them all to be used, must you
        include a continue keyword on your first rate-limit command?

        Thanks Null

        "Edwards, Andrew M" <andrew.m.edwards@boeing.com> wrote:

                I think a good example of this would be as follows:

                You have a FastEthernet interface to Vlan 100 and an
                uplink FastEthernet interface towards the core of your
                network. Service level agreements have been made such
                that all web traffic to any host on Vlan100 should be
                limited to 5Mbps with a precedence set to critical,
                traffic in excess of this should be marked as routine.
                TFTP traffic to host 1.1.1.1 should be limited to 2Mbps
                with offending traffic dropped. In order to support
                multiple customers aggregating in the core, all
                customer traffic should not exceed 50Mbps. All traffic
                not covered by the SLA towards VLAN100 should be set as
                priority. Use R1 F0/1.

                (vlan100)F0/1-R1-F0/0

                interface FastEthernet0/1
                 ! 50 Mbps aggregate in both directions
                 rate-limit input 50000000 9375000 18750000 conform-action continue exceed-action drop
                 rate-limit output 50000000 9375000 18750000 conform-action continue exceed-action drop
                 ! web: 5 Mbps, conforming set to precedence 5, excess re-marked to 0
                 rate-limit output access-group 100 5000000 937500 1875000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0
                 ! TFTP for host 1.1.1.1: 2 Mbps, excess dropped
                 rate-limit output access-group 110 2000000 375000 750000 conform-action transmit exceed-action drop

                access-list 100 permit tcp any eq 80 any
                access-list 100 permit tcp any any eq 80
                access-list 100 permit tcp any eq 443 any
                access-list 100 permit tcp any any eq 443

                access-list 110 permit udp any host 1.1.1.1 eq tftp
                access-list 110 permit udp any eq tftp host 1.1.1.1
                access-list 110 permit udp host 1.1.1.1 eq tftp any
                access-list 110 permit udp host 1.1.1.1 any eq tftp

                Note the "all customer traffic" wording, so it's
                limited in and out.
                Also, note that rate-limit is parsed from top down like
                an access-list.

                HTH,

                andy
                -----Original Message-----
                From: null void [mailto:nullv0idmain@yahoo.com]
                Sent: Friday, February 04, 2005 8:06 AM
                To: ccielab@groupstudy.com
                Subject: CAR conform-action details

                Hi, I was wondering if anyone has further information
                on the conform-action-continue option when configuring
                CAR. In the DQOS / Odom book, in the policing section,
                it shows a few multi-line rate-limit examples but
                doesn't really clarify what is required or give detail.
                Say we have the following situation:

                Limit traffic out of R1 G0/0 interface for traffic
                destined to hosts on subnet 1.1.1.x from your networks.
                TCP traffic must be limited to 200Mbps, WWW traffic to
                10Mbps, TCP port 3389 to 10Mbps, ftp traffic to 5 Mbps.
                In the DQOS book they show the most specific item
                listed first, which in this case would be all TCP
                traffic to rate-limit of 2000000, then they use the
                conform-action continue, down to 3 other lines that are
                more granular than just all TCP traffic. So my question
                is, if you have a multi-line rate-limit policy to
                apply, what is the thought process in ordering the
                lines, and is the conform-action-continue statement
                required on the first rate-limit command to use, say,
                rate-limit lines 2 through 6 for example? Below is from
                a CCO doc and this is really all I can find about it.
                TIA Null

                Continue: The packet is evaluated using the next rate
                policy in a chain of rate limits. If there is not
                another rate policy, the packet is transmitted.
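
The ordering rules discussed in this thread, shown as an added example that is not part of any poster's message: a simplified Python model of a rate-limit chain (one token bucket per line, no extended burst) comparing the aggregate-first-with-continue ordering, the same ordering without continue, and the specific-first ordering. The 20 Mbps aggregate is the figure mentioned in the reply; the 5 Mbps web sub-limit, the burst sizes and the packet mix are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass
class RateLimit:
    match: Optional[Callable[[dict], bool]]  # None = no access-group: matches all
    rate_bps: int
    burst: int                               # bucket depth in bytes
    conform: str                             # "transmit", "drop" or "continue"
    exceed: str
    tokens: float = -1.0                     # -1 = bucket not yet initialised
    last: float = 0.0

    def conforms(self, size: int, now: float) -> bool:
        if self.tokens < 0:
            self.tokens = self.burst
        refill = (now - self.last) * self.rate_bps / 8
        self.tokens = min(self.burst, self.tokens + refill)
        self.last = now
        if size > self.tokens:
            return False
        self.tokens -= size
        return True

def police(chain, pkt, now=0.0):
    """Walk the lines top-down, as the thread describes."""
    for rl in chain:
        if rl.match and not rl.match(pkt):
            continue                  # no match on this line: try the next one
        action = rl.conform if rl.conforms(pkt["size"], now) else rl.exceed
        if action != "continue":
            return action             # transmit/drop ends evaluation here
    return "transmit"                 # chain exhausted: packet is transmitted

def is_web(pkt):
    return pkt["dport"] in (80, 443)

def run(order):
    """Offer 8 web + 8 other TCP packets at t=0; count what is transmitted."""
    agg = lambda conform: RateLimit(None, 20_000_000, 15_000, conform, "drop")
    web = RateLimit(is_web, 5_000_000, 6_000, "transmit", "drop")
    chain = {"inclusive": [agg("continue"), web],
             "no_continue": [agg("transmit"), web],
             "exclusive": [web, agg("transmit")]}[order]
    pkts = [{"dport": 80, "size": 1500}] * 8 + [{"dport": 3389, "size": 1500}] * 8
    sent = {"web": 0, "other": 0}
    for p in pkts:
        if police(chain, p) == "transmit":
            sent["web" if is_web(p) else "other"] += 1
    return sent
```

In the "inclusive" ordering, web packets later dropped by the web line have already consumed aggregate tokens, which is why less non-web traffic gets through than in the "exclusive" ordering.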



This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:17 GMT-3