RE: QoS - Policing

From: Joseph Brunner (joe@affirmedsystems.com)
Date: Thu Aug 14 2008 - 02:58:22 ART

• Next message: Fahad Khan: "Re: Eigrp SUmmarization"
• Previous message: KS Anpu: "QoS - Policing"
• Maybe in reply to: KS Anpu: "QoS - Policing"
• Next in thread: shiran guez: "Re: QoS - Policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I suspect the fragments are not being matched by NBAR and therefore the
fragment baby pings are being matched by class default.

Can you try reading this link; it explains the behavior

Thanks,

Joe

http://www.ubookcase.com/book/Cisco/Cisco.Router.Firewall.Security/index.htm
l?page=source/1587051753/ch10lev1sec3.html

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of KS
Anpu
Sent: Thursday, August 14, 2008 12:43 AM
To: Cisco certification; anpu samp
Subject: QoS - Policing

I am facing one issue with qos police command . i have configured a
class-map (TESTCLASS) to identify the icmp and some other traffics , then
police the traffic. but when i am testing , if the icmp pkt size is less
than 1500 the TESTCLASS hit count is increasing , but if i increase the icmp
packet size more than 1600 KB , still it is pinging but default-class
(class-default) hit count is increasing.
ANY ONE CAN HELP ME TO FIND ....WHY ?

Class Map match-any *TESTCLASS *
  Match protocol icmp
  Match protocol ftp
  Match protocol tftp

Policy Map *TestPolicy*
  Class TESTCLASS
   police cir 8000000 bc 4000 be 4000
     conform-action transmit
     exceed-action drop

R1#SHow RUN INT ETH 0/0
Building configuration...

Current configuration : 158 bytes
!
interface Ethernet0/0
 bandwidth 100000
 ip address 131.1.12.1 255.255.255.0
 full-duplex
 max-reserved-bandwidth 90
 *service-policy output TestPolicy*
end

R1#show policy-map int eth 0/0
 Ethernet0/0

  Service-policy output: TestPolicy

    Class-map: TESTCLASS (match-any)
      *0 packets, 0 bytes*
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol icmp
        0 packets, 0 bytes
        5 minute rate 0 bps
      Match: protocol ftp
        0 packets, 0 bytes
        5 minute rate 0 bps
      Match: protocol tftp
        0 packets, 0 bytes
        5 minute rate 0 bps
      police:
          cir 8000000 bps, bc 4000 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps

    Class-map: class-default (match-any)
      22 packets, 16870 bytes
      5 minute offered rate 2000 bps, drop rate 0 bps
      Match: any

Regards,
Anbu

Blogs and organic groups at http://www.ccie.net

• Next message: Fahad Khan: "Re: Eigrp SUmmarization"
• Previous message: KS Anpu: "QoS - Policing"
• Maybe in reply to: KS Anpu: "QoS - Policing"
• Next in thread: shiran guez: "Re: QoS - Policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:30 ART