Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm using C3850, and want to set dscp AF21 for the first 100 mbps of input traffic on a L3 port ("no switchport"), and set AF11 for the remainder (any traffic >100mbps). I am not trusting DSCP of ingress packets, but generally they are dscp 0.I see ...
can "set qos-group" be used for this? table-map set-af21 default 18table-map set-af11 default 10 policy-map myMap class class-default police 100m exceed-action set-dscp-transmit dscp table set-af11 set qos-group dscp table set-af21!interface gi1/...
Ken writes "the remote router can be accessed from the internal network via a VPN". We can't tell if the VPN terminates "outisde" this LAN we're talking about re-IP'ing, or "inside." I'd go with the more cautious approach of adding a secondary IP o...
Here is one completely different approach: you can dedicate one port of every access switch as span target, and connect all those span-target cables to a dedicated "sniffer" switch (this could be a cheap 3500xl-en you have propping a door open, or a...
Looking at my answer, there may be a few cases where an application uses multiple udp or tcp flows as part of a single transaction, and the remote server expects them all to arrive from the same sourceIP. These are pretty rare, and NAT-unfriendly to...
You could create two IPSLA tracked objects, one for each ISP; then add one static 0/0 route to ISP A, dependent on A's tracked object; and similar for B. Outbound traffic should balance as well as simple flow-hashing can balance. Then you don't ne...
