IP Based QOS

Unanswered Question
Joseph W. Doherty Fri, 10/17/2008 - 16:32
User Badges:
  • Super Bronze, 10000 points or more

On many devices you could target a policer for a specific IP address, but if many, becomes difficult to maintain and depending on device, might be limited in number of individual policers you can implement.


On the 6500 series, believe they have something called a microflow policer that might lend itself to such an application without needing to predefine every individual IP address.

tcordier Sat, 10/18/2008 - 13:11
User Badges:
  • Bronze, 100 points or more

You can achieve this using MQC policing or CAR. Here are two configurations which show how you could achieve this, for each of the two methods:


1st method MQC:


Define your source IP addresses:


ip access-list standard IP_1

permit 1.1.1.1

ip access-list standard IP_2

permit 2.2.2.2


Define the traffic classes using these ACLs:


class-map match-all IP_1

match access-group name IP_1

class-map match-all IP_2

match access-group name IP_2


Define the policy:


policy-map Police

class IP_1

police 64000

class IP_2

police 64000


-> This will police the traffic in each class to 64K, and drop all traffic above this threshold.


Apply the policy:


interface xyz

service-policy output Police


2nd Method CAR:


interface xyz

rate-limit output access-group 1 64000 8000 8000 conform-action transmit exceed-action drop

rate-limit output access-group 2 64000 8000 8000 conform-action transmit exceed-action drop


For both methods you have many additional options about how to handle exceeding traffic, or how to specify traffic in different ways, such as for destination IP addresses, protocols etc.


Check http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_4/qos_12_4_book.html for more information and details.


HTH, Thomas

Actions

This Discussion