08-17-2012 09:39 PM - edited 03-04-2019 05:18 PM
Dear Experts,
We have applied Policy-map for limiting the BW of our Proxy server up to 20 Mbps.
Internet Link BW = 80 Mbps.
Connectivity :
Internet Cloud ------ Internet CE router --------- Firewall -------- LAN ------- Proxy Server
We have applied following configuration on WAN interface of Internet CE router :
class-map match-any CM-XYZ-PROXY
match access-group name XYZ-PROXY
!
policy-map PM-PROXY-LIMIT
class CM-XYZ-PROXY
police 20000000 3750000 7500000 conform-action transmit exceed-action drop violate-action drop
!
interface GigabitEthernet0/1
description ***Tata Internet Link - WAN Interface - Outside ***
ip address 11.11.99.82 255.255.255.252
service-policy input PM-PROXY-LIMIT
ip access-list extended XYZ-PROXY
permit ip any host 11.11.117.14 time-range BUSSINESS
time-range BUSSINESS
periodic daily 8:00 to 18:00
But than also in BW utilization graph and Netflow report we can see that the BW for the said Proxy server is going beyong 20 Mbps.
e.g.
Is there any error in configuration?
Regards
08-19-2012 06:48 AM
Pls reply.
08-20-2012 11:17 PM
Hello Dipesh,
Looks to me like the BW report is overall. Your configuration looks ok. Being that your policing is class based, the ACL statement permits any traffic to that specified destination, but looks like the report is overall. There could be other traffic on that interface going without being policed.
Could you please issue show policy-map interface Gi 0/1 to see the conformed/exceed packets?
Regards
Vivek
10-09-2012 01:57 AM
The traffic seen in Graph is of only IP address in ACL but it's seen more than this.
Is there any issue ?
Regards
10-09-2012 03:53 AM
Hello Dipesh,
Are you filtering based on the source IP address while pulling the reports for that WAN facing interface? Also that source ip address is of Proxy server? Anyways
Try changing this to simply
policy-map PM-PROXY-LIMIT
class CM-XYZ-PROXY
police 20000000 conform-action transmit exceed-action drop
Thanks,
Vivek.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide