Within VLAN 12, The traffic was previously policed as follows : Does not
mean that it will continue to be policed at these rates after you make the
change.
- Email : Policed to 500k.
- Web : policed to 1mb
- All other traffic policed to 500k.
It has been decided that regardless of what type of traffic is used at any
point in time, the total bandwidth should not exceed 2mb
policy-map 2mPolicy
class mail
set ip precedence 3
police aggregate 2mPolicy ===> ( this is DSG recommended script ) , but
should'nt this be ( police 500000 93750 exceed-action drop ) You are using
the old settings
class Web
set ip precedence 2
police aggregate 2mPolicy ===> ( DSG recommended script ) , but
should'nt this be ( ( police 1000000 1875000 exceed-action drop ) You are
using the old settings
class class-default
police aggregate 2mPolicy ===> ( this is DSG recommended script ) , but
should'nt this be ( police 500000 93750 exceed-action drop ) You are using
the old settings
But the one thing I did notice in the DSG (show policy-map) is that
Web/Email states "match all" instead of "match any", if it was to match all
you would you ever get a match?
Does this help?
From: Amer Mustafa [mailto:[email protected]]
Sent: October-30-10 5:42 PM
To: [email protected]
Cc: Jason Maynard
Subject: Workbook 1 - LAB22 - Task 22.2.
Workbook 1 - LAB22 - Task 22.2.
Within VLAN 12, The traffic was previously policed as follows :
- Email : Policed to 500k.
- Web : policed to 1mb
- All other traffic policed to 500k.
It has been decided that regardles of what type of traffic is used at any
point in time, the total bandwidth should not exceed 2mb.
Here is the suggested configuration :
access-list 104 permit tcp any any eq smtp
access-list 104 permit tcp any any eq pop3
access-list 104 permit tcp any eq smtp any
access-list 104 permit tcp any eq pop3 any
access-list 114 permit tcp any any eq www
access-list 114 permit tcp any any eq 443
access-list 114 permit tcp any eq www any
access-list 114 permit tcp any eq 443 any
class-map match-all mail
match access-group 104
class-map match-all Web
match access-group 114
mls qos aggregate-policer 2mPolicy 2000000 375000 exceed-action drop ( In
My understanding of this command, its limiting the rate for the whole policy
(2mPolicy) to 2mb.
policy-map 2mPolicy
class mail
set ip precedence 3
police aggregate 2mPolicy ===> ( this is DSG recommended script ) , but
should'nt this be ( police 500000 93750 exceed-action drop )
class Web
set ip precedence 2
police aggregate 2mPolicy ===> ( DSG recommended script ) , but
should'nt this be ( ( police 1000000 1875000 exceed-action drop )
class class-default
police aggregate 2mPolicy ===> ( this is DSG recommended script ) , but
should'nt this be ( police 500000 93750 exceed-action drop )
And thats since the overall bandwidth is 2mb but futher each class has its
own rate limit, and the way the commands are written they dont show any
limitation on the classes , though the overall policy is 2mb.
Please advise.
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
