Hi Daniel, Thank you very much for your info. Our customer is using NAT on proxy server, not on the router. So as u said we can subnet further for two group, in that case do I need to create sub int on the eth for two set of group. So that one group will be have default gate-way of 192.168.1.1 and for other group will be 192.168.1.129.
Here we will eliminate the proxy server, directly we put NAT on the router and moreover this customer is using 11.3ver IOS. So will this configuration work out for us, pls, give your suggestion , really I will be great full u to. interface Ethernet0.1 ip address 192.168.1.1 255.255.255.128 custom-queue-list 1 no ip directed-broadcast ip nat inside interface ethernet0.2 ip address 192.168.1.129 255.255.255.128 custom-queue-list 1 no ip directed-broadcast ip nat inside interface Serial0 ip address x.x.x.x 255.255.255.252 no ip directed-broadcast ip nat outside ! ! ip nat inside source list 1 interface Serial0 overload ip classless ip route 0.0.0.0 0.0.0.0 x.x.x.x access-list 1 permit 192.168.1.0 0.0.0.127 access-list 2 permit 192.168.1.128 0.0.0.127 queue-list 1 protocol ip 1 list 1 queue-list 1 protocol ip 2 list 2 queue-list 1 default 3 regads Prabu On Fri, 5 Jul 2002, Daniel Thiffeault wrote: > Pradhu, > > > Some more questions are raised from what you said: > > 1.. you said you gave 16 addresses, are they public or private addresses. > What is the range of those addresses, 10.0.0.0/8, 192.168.0.0 etc ... > 2.. you said you are not using PAT Port address translation. If you have > just 16 addresses how do you want 45 people to access the internet at the > same > time. Still not clear. if you are using NAT you need a pool of 45 addresses > if > you want those users to access the net simultaneously. > > Now enough questions, i am just going to try to guess. > > > Let's say that you have one ethernet segment. The users got their addresses > from the 192.168.1.0/24 network. Let's say thay the first group needs access > for browsing 192.168.1.1-192.168.1.127 the second group > 192.168.1.128-192.168.1.254 needs access for whatever reason. > > > 1.. Create an access list > > > access-list 1 permit 192.168.1.0 0.0.0.127 > access-list 2 permit 192.168.1.128 0.0.0.127 > > > 2. Create a custom queue list > > queue-list 1 protocol ip 1 list 1 > queue-list 1 protocol ip 2 list 2 > queue-list 1 default 3 > > > 3. Assign the queue to the interface > > custom-queue-list 1 > > > > This should give roughly equal access to both group of users. Queue 1 is > serviced 1500 bytes - the default- are allowed to pass, then queue 2 is > serviced. Again queue 2 is passing 1500 bytes. If the traffic does not > conform > to either queue1 or queue 2 it will be queued to the default queue. It is > always a good thing to direct the non conforming traffic somewhere ! > > > > Hope it answers your question. Otherwise just repost and we'll find a way. > > > Regards, > > DT > > > > > > > > > cr > ""Prabhu K."" wrote in message > news:[EMAIL PROTECTED]... > > Hai Daniel, > > > > 1.. You said that you have 45 users, but you have only 2 switches with > > 12 ports each for a total of 24 ports. On what are connected the rest of > > the users. Those 21. > > > > They may use HUB for to connecting remaining user's. > > > > 2.How do you assign the addresses on the workstation. Dhcp server or you > > assign them statically. > > > > They are using Proxy server. > > > > 3. What is the range of addresses on the Ethernet segment > > > > We have give 16 IP to that customer, he has to divide further for two > > segments. > > > > 4.. Are you using PAT. Port address translation > > > > no sir, > > > > 5.. Do you want to give the possibility to access the internet to 45 > > simultaneous users. > > > > Yes sir, what we will do is create a sub int on the router > > ethernet and that will act as a one more gateway for another proxy server. > > So we will put rate-limit for that sub int. > > > > 6.. if you give the first group of 25 users 128 kbps and 128 kbps to the > > second group of users 128 kbps. It means that on average both groups have > > roughly the same amount of bandwidth per users. The question is then, > > what's the point to do that. If you had 2 groups with VERY distinct needs > > i would understand. But the way you present the problem both groups have > > more or less the same needs. Consequently, i do not see any needs for > > differentiating the traffic. > > > > Because the 25 user's are Browsing user's and another user's are > > staff, so they want's limit the BW for browsing people(128K). > > > > > > On Thu, 4 Jul 2002, Daniel Thiffeault wrote: > > > > > Pradhu, > > > > > > you've got : > > > > > > 1.. a 2500 router with a 256kbps link to the internet > > > 2.. 2 switches from the 1900 series. Each switch has 12 ports > > > 3.. 45 users divided in 2 groups. One group with 25 users. Another > group > > > with 20 users. Each group needs 128 kbps of bandwidth. Each group needs > > > access > > > to the internet. > > > 4.. 16 public addresses. > > > 5.. one ethernet segment > > > > > > > > > You need: > > > > > > 1.. to differentiate you traffic. > > > > > > > > > From that, some question are raised. > > > > > > > > > 1.. You said that you have 45 users, but you have only 2 switches with > 12 > > > ports each for a total of 24 ports. On what are connected the rest of the > > > users. Those 21. > > > 2.. How do you assign the addresses on the workstation. Dhcp server or > > you > > > assign them statically. > > > 3.. What is the range of addresses on the ethernet segment > > > 4.. Are you using PAT. Port address translation > > > 5.. Do you want to give the possibility to access the internet to 45 > > > simultaneous users. > > > 6.. if you give the first group of 25 users 128 kbps and 128 kbps to > the > > > second group of users 128 kbps. It means that on average both groups have > > > roughly the same amount of bandwidth per users. The question is then, > > what's > > > the point to do that. If you had 2 groups with VERY distinct needs i > would > > > understand. But the way you present the problem both groups have more or > > less > > > the same needs. Consequently, i do not see any needs for differentiating > > the > > > traffic. > > > > > > > > > Please Pradhu, clarify the 6 points above. So we can go a little bit > > further. > > > > > > > > > > > > Thanks, > > > > > > Daniel Thiffeault. > > > > > > > > > > > > ""Prabhu K."" wrote in message > > > news:[EMAIL PROTECTED]... > > > > Dear all, > > > > > > > > One of our customer is having a router of 2500 series with 2 serial > > > > port & 1 ethernet port and the IOS is 11.3 and router memory is 8 Mb > > and > > > > a flash memory of 8Mb Presently he is having a link of 128Kbps landing > on > > > > one of the serial port. Now, he wants to have two separate link of > > > > 128Kbps,totally customer want's dedicated to two different purpose( One > > > > for browsing i.e general users 25 nodes and one link for restricted > group > > > > of users -- 20 nodes this traffic also should routed on the same > > > > Internet). > > > > > > > > Now the problem is we can't give two dedicated 128kbps, instead of > that > > > > we can give aggregate of 256kbps, in that case how to dedicated the > set > > > > of user's here on single WAN link's and we have given 16 IP add to > this > > > > customer. He is having a two number of 1900 series switch with 12 > port. > > > > Now the problem is how I do routing for only those user setting in same > > > > LAN and how I make sure that they get 128kbps bandwidth. > > > > > > > > Pls. let me know what is the best possible way to implement this. > > > > > > > > Please start posting your suggestion and make this great group alive > :-) > > > > > > > > With best regards & hope to hear more on the above issue, > > > > > > > > Prabu > > > > India Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48309&t=48085 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
