It seems like more of Language trick here :). Ok, when it said that the total bandwidth should not exceed the 2mb, does this 2mb is for the whole policy-map or for a particular class ?
1- Just for sake of understanding, if i want to assign certain bandwidth for a class and then the total policy should not excced 2mb, in this is my config is correct ? 2- addressing the solution solved in the DSG, does it mean that each class will have 2mb, and then total of policy-map is 2mb also ? so each class will send in maximum rate of 2mb, and then the policy-map will rate limit it further to 2mb in total of policy-map so overall bandwith is 2mb also. 3- About your last comment about match-all and match-any, why it wouldnt get any match ? since each class is only one statement of match access-group xxx ( and thats all to match in this class ), please correct me if i am wrong. Please advise On Sun, Oct 31, 2010 at 1:25 AM, Jason Maynard <[email protected]>wrote: > *Within VLAN 12, The traffic was previously policed as follows : Does > not mean that it will continue to be policed at these rates after you make > the change.* > > > > *- Email : Policed to 500k.* > > *- Web : policed to 1mb* > > *- All other traffic policed to 500k.* > > > > It has been decided that regardless of what type of traffic is used at any > point in time, the total bandwidth should not exceed 2mb > > > > > > *policy-map 2mPolicy** > > class mail > set ip precedence 3 > police aggregate 2mPolicy ===> ( this is DSG recommended script ) , but > should'nt this be ( police 500000 93750 exceed-action drop ) You are > using the old settings > class Web > set ip precedence 2 > police aggregate 2mPolicy ===> ( DSG recommended script ) , > but should'nt this be ( ( police 1000000 1875000 exceed-action drop ) You > are using the old settings > class class-default > police aggregate 2mPolicy ===> ( this is DSG recommended script ) , > but should'nt this be ( police 500000 93750 exceed-action drop ) You are > using the old settings * > > * * > > * * > > *But the one thing I did notice in the DSG (show policy-map) is that > Web/Email states “match all” instead of “match any”, if it was to match all > you would you ever get a match?* > > * * > > > > Does this help? > > > > *From:* Amer Mustafa [mailto:[email protected]] > *Sent:* October-30-10 5:42 PM > > *To:* [email protected] > *Cc:* Jason Maynard > *Subject:* Workbook 1 - LAB22 - Task 22.2. > > > > *Workbook 1 - LAB22 - Task 22.2.* > > > > *Within VLAN 12, The traffic was previously policed as follows : * > > > > *- Email : Policed to 500k.* > > *- Web : policed to 1mb* > > *- All other traffic policed to 500k.* > > > > It has been decided that regardles of what type of traffic is used at any > point in time, the total bandwidth should not exceed 2mb. > > > > Here is the suggested configuration : > > > > access-list 104 permit tcp any any eq smtp > access-list 104 permit tcp any any eq pop3 > access-list 104 permit tcp any eq smtp any > access-list 104 permit tcp any eq pop3 any > > access-list 114 permit tcp any any eq www > access-list 114 permit tcp any any eq 443 > access-list 114 permit tcp any eq www any > access-list 114 permit tcp any eq 443 any > > > > class-map match-all mail > match access-group 104 > > class-map match-all Web > match access-group 114 > > > > mls qos aggregate-policer 2mPolicy 2000000 375000 exceed-action drop *( > In My understanding of this command, its limiting the rate for the whole > policy (2mPolicy) to 2mb.* > > > > *policy-map 2mPolicy** > class mail > set ip precedence 3 > police aggregate 2mPolicy ===> ( this is DSG recommended script ) , but > should'nt this be ( police 500000 93750 exceed-action drop ) > class Web > set ip precedence 2 > police aggregate 2mPolicy ===> ( DSG recommended script ) , > but should'nt this be ( ( police 1000000 1875000 exceed-action drop ) > class class-default > police aggregate 2mPolicy ===> ( this is DSG recommended script ) , > but should'nt this be ( police 500000 93750 exceed-action drop )* > > > > *And thats since the overall bandwidth is 2mb but futher each class has > its own rate limit, and the way the commands are written they dont show any > limitation on the classes , though the overall policy is 2mb. * > > > > *Please advise.* > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
