07-27-2005 11:05 PM - edited 03-03-2019 10:08 AM
Hello,
On the class map below:
What would be the maximum bandwidth allowed for each subnet?
What would be the maximum bandwidth allowed for each host in that subnet?
Are all access-list (subnets) going to share 1M or each access-list (subnet) would get up to 1M totally 2M?
class-map match-any webtraffic
match access-group name web
ip access-list extended web
permit tcp host 192.168.10.138 eq www 192.168.128.0 0.0.0.255
permit tcp host 192.168.10.138 eq www 10.10.144.0 0.0.0.255
Service policy wwww
class webtraffic
bandwidth 100
police 1000000 187500 375000 conform-action transmit exceed-action transmit violate-action drop
THX
Mario
07-28-2005 09:14 AM
The webtraffic class as defined will include all traffic that matches the access list, so all traffic for both subnets will be included in your 1mb police rate. If you want to separate the 2 subnets you would need to define 2 classes. You could then police subnets individually.
In routers, policing is always done on an aggregate basis, but in some switches you can define microflow policers that work on individual flows.
07-28-2005 12:31 PM
Thank you the respond, how about this config?
Please note web1 contains 15 subnets.
Does each subnet will be policed in 1M or all 15 subnets will be policed together?
class-map match-any webtraffic
match access-group name web1
match access-group name web2
ip access-list extended web1
permit tcp host 192.168.10.138 eq www 192.168.128.0 0.0.15.255
ip access-list extended web2
permit tcp host 192.168.10.138 eq www 10.10.144.0 0.0.15.255
Service policy wwww
class webtraffic
bandwidth 100
police 1000000 187500 375000 conform-action transmit exceed-action transmit violate-action drop
THX
07-28-2005 02:04 PM
This config will function exactly like the 1st one. Traffic that passes access list web1 or web2 will belong to class webtraffic and be policed at 1mb. The number of subnets in the ACL does not matter, it justs matches any addresses in the range specified; 192.168.128.0 through 192.168.143.255.
Here is an example that splits web1 and web2 into separate classes with each policed at 1mb.
class-map match-any webtraffic1
match access-group name web1
class-map match-any webtraffic2
match access-group name web2
ip access-list extended web1
permit tcp host 192.168.10.138 eq www 192.168.128.0 0.0.15.255
ip access-list extended web2
permit tcp host 192.168.10.138 eq www 10.10.144.0 0.0.15.255
Service policy wwww
class webtraffic1
bandwidth 100
police 1000000 187500 375000 conform-action transmit exceed-action transmit violate-action drop
class webtraffic2
bandwidth 100
police 1000000 187500 375000 conform-action transmit exceed-action transmit violate-action drop
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide