|
Posted by Stephen on June 18, 2008, 5:29 pm
If you were Registered and logged in, you could reply and use other advanced thread options
On Wed, 18 Jun 2008 10:39:24 +0200, "tony"
>Hi,
>
>I have a link and traffic from USA enters the network via this link
>(together with traffic from Europe). Traffic from USA is marked with
>precedence 2. I want to throttle certain IP ranges to only use a
>certain amount of traffic that comes in with precedence 2, but am
>encountering problems.
>
The description of what you are trying to do seems backwards - i think
you may be trying to do something that is impractical (but i have been
wrong before).
1 problem is that you dont have any control over what is "upstream".
so if you throttle inbound traffic, it has already arrived.
If you are doing this to reduce the inbound traffic as you want it to
stay below a given level, then this is too late, it has already
clogged up your incoming WAN link.
Classic "rate limiting" (and there are lots of different ways to rate
limit, some of which are specific to a platform) happens to "outbound"
traffic.
Maybe if your traffic from USA arrives on a WAN link from a provider,
you can get them to limit before it gets to your site?
>
>This is the config I have so far
>
>
>class-map match-all precedence2
> match ip precedence 2
>class-map match-all client-128-int
> match ip precedence 2
> match access-group 110
>!
ACL?
>
>
>policy-map international
> class precedence2
> set ip precedence 2
You just matched against Prec2, so not a lot of point setting it....
> class client-128-int
i cannot see how the 2nd prec 2 match would ever hit anything?
> shape average 128000
> class class-default
> set ip precedence 0
>
>
>on interface s0/2 I try to activate it as follows
>service-policy input international.
>
>
>The policy does not seem to activate, when I issue sh run and look at
>the configs of int s0/2 I dont see the service policy. When I remove
>"class-map match-all client-128-int
> match ip precedence 2" from the service policy and re-apply to int
>s0/2 I can see it in the config and sh policy-map int s0/2 also
>returns results.
>
>
>Am I doing something wrong?
>
>
can you apply it for outbound OK?
explain what the equipment is, IOS - more details are needed.
golden rule with cisco is if you are not sure - steal a working
example and adapt it.
Then test it in a lab where control the traffic, so you can see what
is happening......
--
Regards
stephen_hope@xyzworld.com - replace xyz with ntl
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map