您的位置:360文档中心› 对不同IP组进行流量限制实例

对不同IP组进行流量限制实例

合集下载
相关主题
  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

对不同IP组进行流量限制实例:

Cisco(config)#ip access-list extended BOSS

Cisco(config-ext-nacl)#permit ip host 192.168.1.8 any

Cisco(config-ext-nacl)#permit ip host 192.168.1.18 any

Cisco(config-ext-nacl)#permit ip host 192.168.1.38 any

Cisco(config-ext-nacl)#permit ip host 192.168.1.48 any

Cisco(config-ext-nacl)#permit ip host 192.168.1.58 any

Cisco(config-ext-nacl)#permit ip host 192.168.1.68 any

Cisco(config-ext-nacl)#end

Cisco#config t

Cisco(config)#ip access-list extended COMMON

Cisco(config-ext-nacl)#deny ip host 192.168.1.8 any

Cisco(config-ext-nacl)#deny ip host 192.168.1.18 any

Cisco(config-ext-nacl)#deny ip host 192.168.1.38 any

Cisco(config-ext-nacl)#deny ip host 192.168.1.48 any

Cisco(config-ext-nacl)#deny ip host 192.168.1.58 any

Cisco(config-ext-nacl)#deny ip host 192.168.1.68 any

Cisco(config-ext-nacl)#permit ip 192.168.0.0 0.0.255.255 any Cisco(config-ext-nacl)#end

Cisco#config t

Cisco(config)#route-map QoS permit 10

Cisco(config-route-map)#match ip address BOSS

Cisco(config-route-map)#set ip precedence ?

<0-7> Precedence value

critical Set critical precedence (5)

flash Set flash precedence (3)

flash-override Set flash override precedence (4)

immediate Set immediate precedence (2)

internet Set internetwork control precedence (6) network Set network control precedence (7)

priority Set priority precedence (1)

routine Set routine precedence (0)

Cisco(config-route-map)#set ip precedence critical

Cisco(config-route-map)#exit

Cisco(config)#route-map QoS permit 20

Cisco(config-route-map)#match ip address COMMON

Cisco(config-route-map)#set ip precedence priority

Cisco(config-route-map)#exit

Cisco(config)#class-map match-any NORMAL

Cisco(config-cmap)#match ip precedence 0 1 2

Cisco(config-cmap)#class-map match-any PREMIUM

Cisco(config-cmap)#match ip precedence 0 1 2

Cisco(config-cmap)#exit

Cisco(config)#policy-map QoS_OUTPUT

Cisco(config-pmap)#class PREMIUM

Cisco(config-pmap-c)#bandwidth 2048

Cisco(config-pmap-c)#police 2048000 bc 19200 38400

Cisco(config-pmap-c-police)#conform-action transmit

Cisco(config-pmap-c-police)#exceed-action transmit

Cisco(config-pmap-c-police)#class NORMAL

Cisco(config-pmap-c)#bandwidth 512

Cisco(config-pmap-c)#police cir 51000 bc 1200 be 1200

Cisco(config-pmap-c-police)#conform-action transmit

Cisco(config-pmap-c-police)#exceed-action drop

Cisco(config-pmap-c-police)#end

Cisco#config t

Cisco(config)#interface G 0/0

Cisco(config-if)#ip nat inside

Cisco(config-if)#ip policy route-map QoS

Cisco(config)#interface G 0/1

Cisco(config-if)#ip nat outside

Cisco(config-if)#service-policy output QoS_OUTPUT

----------------------------------------------------------------------------marking:

1.定义class-map.

class-map [match-all/match-any] {map-name}

默认不打的话是match-all

2.定义匹配命令match

match access-group {NO}

match input-interface {interface}

match class-map {map-name} class-map嵌套

match source-address {mac-address} 源mac地址

match destination-address {mac-address} 目的mac地址

match vlan {vlan-ID}

match ip dscp {DSCP}

match ip precedencc {precedence}

match protocol {protocol} 基于NBAR

Router(config) class-map FOO

Router(config-cmap)#match ?

access-group Access group

any Any packets

class-map Class map

cos IEEE 802.1Q/ISL class of service/user priority values destination-address Destination address

input-interface Select an input interface to match

相关文档
最新文档