From: Chris Lewis (chrlewiscsco@gmail.com)
Date: Sun Dec 18 2005 - 13:35:47 GMT-3
rate-limit as well as MQC police can act as you describe, however it depends
upon configuration. If you implement hierarchy in the policy, the 5K for UDP
will be counted against the 100K for UDP.
With legacy rate limit, this is implemented with the continue option, so
with the first rate policy the packet matched DNS is accounted for against
the rate allowed for DNS, then with the continue option, the packet is
evaluated against the next entry (one for all UDP) and also counts against
the allocated amount for that traffic.
For MQC the hierarchy is a little more easy (I think, as you create a child
policy nested within the parent that is applied to the interface.
Chris
On 12/17/05, my-ccie-test@libero.it <my-ccie-test@libero.it> wrote:
>
> Hi all,
> I have a doubt about the use of multiple rate-limit for a single
> interface.
>
> at the url
>
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hqos_c/
part20/qchpolsh.htm
>
> the doc cd says:
>
> Cascading of rate policies allows a series of rate limits to be applied to
> packets to specify more granular policies (for example, you could rate
limit
> total traffic on an access link to a specified subrate bandwidth and then
> rate limit World Wide Web traffic on the same link to a given proportion of
> the subrate limit) or to match packets against an ordered sequence of
> policies until an applicable rate limit is encountered (for example, rate
> limiting several MAC addresses with different bandwidth allocations at an
> exchange point). You can configure up to a 100 rate policies on a
> subinterface.
>
> my doubt is on the words:
>
> you could rate limit total traffic on an access link to a specified
> subrate bandwidth and then rate limit World Wide Web traffic on the same
> link to a given proportion of the subrate limit
>
> suppose you want to limit dns traffic to a rate of 5k/s of a total rate
> assigned to udp traffic of 100K/s.
> you will configure a rate-limit for dns traffic and a second rate-limit
> for generic udp traffic, the udp dns packet will match the first sentence
of
> rate-limit and it will be transmit according with the configured rule, a
> generic udp packet will not match the first rate-limit configured,so it
will
> go to the second rate-limit and it will be transmitted or dropped according
> to the configured rate-limit.
> I think the total amount of traffic permitted on this link will be 5K/s
> for dns traffic and 100K/s for generic udp traffic, for a total of 105K/s
of
> traffic permitted and not a total of 100K/s,so the udp traffic will not be
a
> proportion of the entire udp traffic.
> infact generic udp packet not matching the first rate-limit will be
> limited to 100K/s while dns packet will be limited to 5K/s for a total of
> available bandwith of 105 K/s because the dns packet will never match both
> the first and the second rate-limit, resulting in two different portions of
> bandwith dedicated for dns packets and udp packets.
>
> Wath is the right configuration for subrate limit bandwith?
>
> TIA
>
> Max
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:51 GMT-3