02-27-2007 10:11 PM - edited 03-03-2019 03:57 PM
I need to police FTP traffic on the WAN to not take more than 1 MB and the remianing bandwidth to be available for all other applications.
Since we run IPSEC encryption on the WAN, i dont think i will be able to mark the traffic.
Will it possible to emulate the same traffic policing if applied on the LAN side as a input service policy as below
class-map match-all FTPtraffic
match access-group 111
policy-map client1
Class FTPtraffic
police 1024000 conform-action transmit exceed-action drop
class class-default
fair queue
int g 0/1
service-policy input client1
Diagram attached
Narayan
02-27-2007 10:59 PM
hi RB,
Isn't it possible to implement QOs Over ipsec tunnel as per below link?
http://www.cisco.com/en/US/products/ps6635/products_white_paper09186a0080189153.shtml
02-27-2007 11:52 PM
Thanks rajiv for the info.
The network diagram i attached was a very high level one. Infact i am not running any GRE tunnel, having mutiple peers with Dead Peer Detection and a mixture of routing protocols and Static routes.
hence i dont think the above configurations will suit my needs.
Narayan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide