[cisco-bba] Policing individual PPPOE sessions by IP

Nathan Downes nathandownes at hotmail.com
Tue Jun 17 02:32:11 EDT 2014


Nevermind!!  I am totally retarded..
I need to add the access list for the other direction
access-list 110 permit ip host 61.29.11.161 anyaccess-list 110 permit ip any host 61.29.11.161
I spent 3 hours working on this, sent the email, then read one more article and saw the access list for other direction!  
From: nathandownes at hotmail.com
To: cisco-bba at puck.nether.net
Date: Tue, 17 Jun 2014 04:54:30 +0000
Subject: [cisco-bba] Policing individual PPPOE sessions by IP




Hi guys,
I am trying to police individual PPPOE session by IP, I can limit upload from the CPE but not download.. which makes it pointless.. using a 7204vxr..
class-map match-all OVERLIMIT match access-group 110!!policy-map SLOWHOST class OVERLIMIT  police 2500000 conform-action transmit  exceed-action drop!
interface Virtual-Template1 mtu 1492 ip unnumbered GigabitEthernet0/1 ip flow ingress ip flow egress ip nat inside no ip virtual-reassembly in ip tcp adjust-mss 1452 no peer default ip address ppp authentication pap chap ppp ipcp address required service-policy input SLOWHOST service-policy output SLOWHOST
access-list 110 remark IPs to be rate limitedaccess-list 110 permit ip host 61.x.x.x any

This is the session I match to that IP
SSS session identifier 327 -
  Service-policy input: SLOWHOST
    Class-map: OVERLIMIT (match-all)      422331 packets, 328271784 bytes      5 minute offered rate 7000 bps, drop rate 0 bps      Match: access-group 110      police:          cir 2500000 bps, bc 78125 bytes        conformed 231523 packets, 159234630 bytes; actions:          transmit        exceeded 7955 packets, 11518319 bytes; actions:          drop        conformed 0 bps, exceed 0 bps
    Class-map: class-default (match-any)      0 packets, 0 bytes      5 minute offered rate 0 bps, drop rate 0 bps      Match: any
  Service-policy output: SLOWHOST
    Class-map: OVERLIMIT (match-all)      0 packets, 0 bytes      5 minute offered rate 0 bps, drop rate 0 bps      Match: access-group 110      police:          cir 2500000 bps, bc 78125 bytes        conformed 0 packets, 0 bytes; actions:          transmit        exceeded 0 packets, 0 bytes; actions:          drop        conformed 0 bps, exceed 0 bps
    Class-map: class-default (match-any)      53836 packets, 69242499 bytes      5 minute offered rate 47000 bps, drop rate 0 bps      Match: any

I tried applying service polcies to the physical interfaces and still no luck.. Please help!
Thanks
Nathan 		 	   		  

_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20140617/5c8f7217/attachment.html>


More information about the cisco-bba mailing list