From: Aaron Pilcher (apilcher@itgcs.com)
Date: Wed Aug 09 2006 - 11:00:23 ART
Yep. For that CAR example it is all 'bout the order of operations.
-----Original Message-----
From: Paul Dardinski [mailto:pauld@marshallcomm.com]
Sent: Wednesday, August 09, 2006 8:36 AM
To: Aaron Pilcher; Cisco certification; yan.anchipolovskiy@prudential.com
Subject: RE: CAR rate limiting
I guess I'm not seeing how the below config would limit a subrate of
traffic within a larger rate of traffic. WWW/FTP is subset of all TCP
traffic. So, the below config seems to limit tcp to x, but doesn't take
into account the subrate of www traffic. To put it another way, if tcp
is limited to rate 2Mbps as below, then the www/ftp traffic would fall
out here and hence not be restricted to the 1Mbps?
If you listed the class ftp/www first, then it would limit that rate to
the 1Mbps, so that works. If take to the next step then, using CAR,
could just cascade the smaller ftp/www rate-limit first, then the larger
following, ie:
rate-limit output access-group 100 1000000 1500 2000 conform-action
transmit
exceed-action drop
rate-limit output access-group 101 2000000 1500 2000 conform-action
transmit exceed-action drop
access-list 100 perm tcp any any eq ftp
access-list 100 perm tcp any any eq ftp-data
access-list 101 perm tcp any any
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Aaron Pilcher
Sent: Wednesday, August 09, 2006 9:10 AM
To: 'Salzano, Mario Arthur Costa'; Paul Dardinski; 'Cisco certification'
Subject: RE: CAR rate limiting
Good point....
class-map match-all NoCEF1
match not access-group name NoCEF2
match access-group name NoCEF1
class-map match-any NoCEF2
match access-group name NoCEF2
-----Original Message-----
From: Salzano, Mario Arthur Costa [mailto:mario.salzano@siemens.com]
Sent: Wednesday, August 09, 2006 8:01 AM
To: Aaron Pilcher; Paul Dardinski; Cisco certification
Subject: RE: CAR rate limiting
But FTP is also a TCP protocol. How could we separate them?
Matching NoCEF1 is also a matching on NoCEF2.
Does anybody have an idea for this case?
I think that using "match not" expression could be a solution.
Regards,
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Aaron Pilcher
Sent: Wednesday, August 09, 2006 9:38 AM
To: 'Paul Dardinski'; 'Cisco certification'
Subject: RE: CAR rate limiting
Yes it is possible using CAR, or LLQ......the enclosed use a higher rate
than than 100/500k....
class-map match-any NoCEF1
match access-group name NoCEF1
class-map match-any NoCEF2
match access-group name NoCEF2
!
!
policy-map LIMIT
class NoCEF1
bandwidth 2000
class NoCEF2
bandwidth 1000
Interface gig0/0
service-policy output LIMIT
ip access-list extended NoCEF1
permit tcp any any
ip access-list extended NoCEF2
permit tcp any any eq ftp
permit tcp any any eq ftp-data
*********************************************
*********************************************
rate-limit output access-group 100 2000000 1500 2000 conform-action
transmit
exceed-action drop
rate-limit output access-group 101 1000000 1500 2000 conform-action
transmit exceed-action drop
The ACLs 100 and 101 would, of course be something like the above
(NoCEF1
and NoCEF2).
************************************************************************
*
************************************************************************
*
Though CEF is commonly configured with all QOS implementations, the
DocCD
does not list it as a requirement for either LLQ or CAR.
-aaron
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Paul
Dardinski
Sent: Wednesday, August 09, 2006 6:44 AM
To: Cisco certification
Subject: CAR rate limiting
If required for example to limit www traffic to rate x and limit tcp
traffic to rate y, is this possible using continue via CAR?
Can anyone provide an example config for this?
Ie. limit www to 100k, tcp to 500k?
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:56 ART