Mario, The first part looks exactly right to me. You have used a class-map/access-list duple to ID the traffic to be affected, put it into a policy-map that defines the action to be taken, and then assigned it to an interface via the service-policy statement. Exactly correct. You win the CAR :)
I have never put both ingress and egress service-policy statements on an interface though, so I cannot say why one would wipe out the other. It would seem logical that you should be able to do 1 of each. You do not really specify what you mean by "playing with the ingress/egress filtering statements" so I cannot comment about what you may have affected except to say that it might be possible that if you reference a non-existing access list the service-policy doesn't show because the configuration isn't complete..this is a total guess though :) Do your "show" commands reveal that your policies are in effect even when the statements are not visible? S! Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link, LLC. wrote in message news:[EMAIL PROTECTED] > Hi. I have a few questions that I need clarification on: > > > 1) Is this the correct method to do L3 rate-limiting on a 3550? > > access-list 101 permit ip any xxx.xxx.xxx.0 0.0.0.255 > ! > class-map match-any 768k_traffic > match access-group 101 > ! > policy-map 768k-DSL > class 768k_traffic > police 768000 768000 exceed-action drop > ! > interface FastEthernet0/3 > no switchport > ip address xxx.xxx.xxx.1 255.255.255.252 > service-policy output 768k-DSL > > > > 2) After playing with the ingress/egress filtering statements, f0/3 accepts > the service-policy command but it does not show up in the config (the > original tests did show up) > > interface FastEthernet0/3 > no switchport > ip address xxx.xxx.xxx.1 255.255.255.252 > no cdp enable > > > > > 3) Can I not do L3 rate-limiting on the 3550 for both ingress and egress > rate-limiting (if "input" is specified and an "output" command is entered, > it wipes the "input" statement). > > On the 2948G-L3s, I would use the rate-limit command and specify both input > and output per interface. > > > Thanks, > Mario Puras > SoluNet Technical Support Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66458&t=66291 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
