From: Duncan Maccubbin (duncan.maccubbin@earthlink.net)
Date: Wed Aug 09 2006 - 11:43:56 ART
Paul,
Are you looking for something like this (I used WWW for the TCP app):
access-list 100 permit tcp any any
access-list 101 permit tcp any any eq www
interface FastEthernet0/0
rate-limit output access-group 100 496000 62500 62500 conform-action continue exceed-action drop
rate-limit output access-group 101 96000 12500 12500 conform-action transmit exceed-action drop
R1#sh int f0/0 rate
FastEthernet0/0
Output
matches: access-group 100
params: 496000 bps, 62500 limit, 62500 extended limit
conformed 9 packets, 540 bytes; action: continue
exceeded 0 packets, 0 bytes; action: drop
last packet: 4540940ms ago, current burst: 60 bytes
last cleared 01:16:14 ago, conformed 0 bps, exceeded 0 bps
matches: access-group 101
params: 96000 bps, 12500 limit, 12500 extended limit
conformed 9 packets, 540 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: drop
last packet: 4540940ms ago, current burst: 72 bytes
last cleared 01:16:12 ago, conformed 0 bps, exceeded 0 bps
R1#
-----Original Message-----
>From: Paul Dardinski <pauld@marshallcomm.com>
>Sent: Aug 9, 2006 9:36 AM
>To: Aaron Pilcher <apilcher@itgcs.com>, Cisco certification <ccielab@groupstudy.com>, yan.anchipolovskiy@prudential.com
>Subject: RE: CAR rate limiting
>
>I guess I'm not seeing how the below config would limit a subrate of
>traffic within a larger rate of traffic. WWW/FTP is subset of all TCP
>traffic. So, the below config seems to limit tcp to x, but doesn't take
>into account the subrate of www traffic. To put it another way, if tcp
>is limited to rate 2Mbps as below, then the www/ftp traffic would fall
>out here and hence not be restricted to the 1Mbps?
>
>If you listed the class ftp/www first, then it would limit that rate to
>the 1Mbps, so that works. If take to the next step then, using CAR,
>could just cascade the smaller ftp/www rate-limit first, then the larger
>following, ie:
>
>rate-limit output access-group 100 1000000 1500 2000 conform-action
>transmit
>exceed-action drop
> rate-limit output access-group 101 2000000 1500 2000 conform-action
>transmit exceed-action drop
>
>access-list 100 perm tcp any any eq ftp
>access-list 100 perm tcp any any eq ftp-data
>access-list 101 perm tcp any any
>
>
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Aaron Pilcher
>Sent: Wednesday, August 09, 2006 9:10 AM
>To: 'Salzano, Mario Arthur Costa'; Paul Dardinski; 'Cisco certification'
>Subject: RE: CAR rate limiting
>
>Good point....
>
>class-map match-all NoCEF1
> match not access-group name NoCEF2
> match access-group name NoCEF1
>class-map match-any NoCEF2
> match access-group name NoCEF2
>
>
>
>-----Original Message-----
>From: Salzano, Mario Arthur Costa [mailto:mario.salzano@siemens.com]
>Sent: Wednesday, August 09, 2006 8:01 AM
>To: Aaron Pilcher; Paul Dardinski; Cisco certification
>Subject: RE: CAR rate limiting
>
>
>But FTP is also a TCP protocol. How could we separate them?
>
>Matching NoCEF1 is also a matching on NoCEF2.
>
>Does anybody have an idea for this case?
>
>I think that using "match not" expression could be a solution.
>
>Regards,
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Aaron Pilcher
>Sent: Wednesday, August 09, 2006 9:38 AM
>To: 'Paul Dardinski'; 'Cisco certification'
>Subject: RE: CAR rate limiting
>
>Yes it is possible using CAR, or LLQ......the enclosed use a higher rate
>than than 100/500k....
>
>class-map match-any NoCEF1
> match access-group name NoCEF1
>class-map match-any NoCEF2
> match access-group name NoCEF2
>!
>!
>policy-map LIMIT
> class NoCEF1
> bandwidth 2000
> class NoCEF2
> bandwidth 1000
>
>Interface gig0/0
> service-policy output LIMIT
>
>ip access-list extended NoCEF1
> permit tcp any any
>ip access-list extended NoCEF2
> permit tcp any any eq ftp
> permit tcp any any eq ftp-data
>
>*********************************************
>*********************************************
>
>rate-limit output access-group 100 2000000 1500 2000 conform-action
>transmit
>exceed-action drop
> rate-limit output access-group 101 1000000 1500 2000 conform-action
>transmit exceed-action drop
>
>The ACLs 100 and 101 would, of course be something like the above
>(NoCEF1
>and NoCEF2).
>
>************************************************************************
>*
>************************************************************************
>*
>
>Though CEF is commonly configured with all QOS implementations, the
>DocCD
>does not list it as a requirement for either LLQ or CAR.
>
>-aaron
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Paul
>Dardinski
>Sent: Wednesday, August 09, 2006 6:44 AM
>To: Cisco certification
>Subject: CAR rate limiting
>
>If required for example to limit www traffic to rate x and limit tcp
>traffic to rate y, is this possible using continue via CAR?
>
>
>
>Can anyone provide an example config for this?
>
>
>
>Ie. limit www to 100k, tcp to 500k?
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:56 ART