From: Administrator (Administrator@Subfighter.ca)
Date: Wed Nov 19 2008 - 13:36:07 ARST
Well after two days of messing with this, I got it. With the help of you guys
and gals here, my QOS understanding has gone up by leaps and bounds. Man it
feels good, QOS is a big weakness for me, so this feels great.
I am going through The Foundation by Narbik Kochairns after a three year
layoff of studying. So the other day I started the QOS section. I got to a
section where there was a block website example with CBWFQ and went through
it, understood it.
One of the guys at work is always using our test lab line for facebook and
youtube, so I thought I would mess with him. I made the changes to the router
for this to work, and it didnt. Thats where the post came from yesterday, me
trying to hash this out in a test lab. It just didnt work, none of it did.
So I spent the last day and a half getting it to work with your help. My
understanding has risen BIGTIME in one of my weakest areas.
I am not a CCIE yet, FAAAAR from it. But i feel like today I actually might
yet one day be ...
Thanks guys, I really appreciate the help !
By the way, the book "The Foundation" is awesome, it was just what I needed to
get back int he game. Awesome book, very well written.
Here is my config from my home lab !!
WOW_1710#sh run
Building configuration...
Current configuration : 4063 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname WOW_1710
!
boot-start-marker
boot-end-marker
!
aaa new-model
!
!
!
aaa session-id common
memory-size iomem 25
!
!
!
ip cef
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
vpdn enable
!
!
!
class-map match-all TELNET
match protocol telnet
class-map match-any SUBFIGHTER
match protocol http host "*subfighter.ca*"
class-map match-all FACEBOOK
match protocol http host "*facebook*"
class-map match-any youtube
match protocol http host "*youtube.com*"
match protocol http host "*google*"
!
!
policy-map BLOCK-youtube
class youtube
drop
class SUBFIGHTER
set dscp af31
class FACEBOOK
drop
!
!
!
!
!
interface Ethernet0
no ip address
full-duplex
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface FastEthernet0
ip address PRIVATE IP REMOVED
ip nat inside
ip virtual-reassembly
speed auto
full-duplex
!
interface Dialer1
ip address negotiated
ip access-group 101 in
ip access-group 100 out
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1392
dialer pool 1
dialer-group 1
ppp authentication pap callin
service-policy output BLOCK-youtube
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
ip nat inside source route-map NO_NAT interface Dialer1 overload
!
access-list 118 permit ip 192.168.1.0 0.0.0.255 any
access-list 118 permit ip 10.1.200.0 0.0.0.255 any
!
route-map NO_NAT permit 10
match ip address 118
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
end
WOW_1710#
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:31 ARST