Continuation to my original post. Same 6.1 task asks:
Set the queue-limit for input HTTP packets to 100 packets and limit the packet rate to 10 per second. First part of it is completely exhaustive, i.e. use class-map and policy-map of queue-limit type by matching it to HTTP protocol and apply it to the host subinterface. What about the second part? How should one start thinking by reading it? Should this rate limiting be applied to the aggregate Control plane? Should it be applied to the host subinterface for all traffic or only for HTTP as the task implies? I may sound annoying but would it be appropriate to ask the proctor for clarifications or the real lab questions are explicit and detailed as opposed to the above said? Eugene From: Eugene Pefti Sent: 29 March 2012 19:19 To: [email protected] Subject: CPPr applied to host subinterface and port-filter doesn't show any statistics and blocks RIP traffic Guys, I'm all baffled. Doing INE 6.1 task. R1---- R3----R2. R3 is by far configured with only port-filter applied to control-plane host subinterface class-map type port-filter match-any PORT-FILTER-CM match closed-ports match not port tcp 3020 match not port tcp 4040 match not port udp 520 policy-map type port-filter PORT-FILTER-PM class PORT-FILTER-CM drop control-plane host service-policy type port-filter input PORT-FILTER-PM Question 1, why on earth I don't see anything if run "show policy-map control-plane host" (as stated in the solution for this task) One can only guess that instead of the above said show command another one gives me the output "show policy-map type port-filter control-plane host" Question 2, with explicitly not matching traffic for RIP I still don't see any RIP updates on R3 router. I don't see any drops for the above said policy-map. It looks like I have drops under "closed-ports" section and then if RIP updates makes hits there then I don't understand this logic at all. The solution guide have "match closed-ports" in the first line. R3#show policy-map type port-filter control-plane host Control Plane Host Service-policy port-filter input: PORT-FILTER-PM Class-map: PORT-FILTER-CM (match-any) 175 packets, 27846 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: closed-ports 175 packets, 27846 bytes 5 minute rate 0 bps Match: not port tcp 3020 0 packets, 0 bytes 5 minute rate 0 bps Match: not port tcp 4040 0 packets, 0 bytes 5 minute rate 0 bps Match: not port udp 520 0 packets, 0 bytes 5 minute rate 0 bps drop Class-map: class-default (match-any) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: any And secondly, I don't understand why I have to do "match-all" instead of "match-any". If I change my PORT-FILTER-CM class map to use match-all then it all starts working. Eugene
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
