<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>Nevermind!! I am totally retarded..<div><br></div><div>I need to add the access list for the other direction</div><div><br></div><div><div>access-list 110 permit ip host 61.29.11.161 any</div><div>access-list 110 permit ip any host 61.29.11.161</div><div><br></div><div>I spent 3 hours working on this, sent the email, then read one more article and saw the access list for other direction! </div><br><div><hr id="stopSpelling">From: nathandownes@hotmail.com<br>To: cisco-bba@puck.nether.net<br>Date: Tue, 17 Jun 2014 04:54:30 +0000<br>Subject: [cisco-bba] Policing individual PPPOE sessions by IP<br><br>
<style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>
<div dir="ltr">Hi guys,<div><br></div><div>I am trying to police individual PPPOE session by IP, I can limit upload from the CPE but not download.. which makes it pointless.. using a 7204vxr..</div><div><br></div><div><div>class-map match-all OVERLIMIT</div><div> match access-group 110</div><div>!</div><div>!</div><div>policy-map SLOWHOST</div><div> class OVERLIMIT</div><div> police 2500000 conform-action transmit exceed-action drop</div><div>!</div></div><div><br></div><div><div>interface Virtual-Template1</div><div> mtu 1492</div><div> ip unnumbered GigabitEthernet0/1</div><div> ip flow ingress</div><div> ip flow egress</div><div> ip nat inside</div><div> no ip virtual-reassembly in</div><div> ip tcp adjust-mss 1452</div><div> no peer default ip address</div><div> ppp authentication pap chap</div><div> ppp ipcp address required</div><div> service-policy input SLOWHOST</div><div> service-policy output SLOWHOST</div></div><div><br></div><div><div>access-list 110 remark IPs to be rate limited</div><div>access-list 110 permit ip host 61.x.x.x any</div></div><div><br></div><div><br></div><div>This is the session I match to that IP</div><div><br></div><div><div>SSS session identifier 327 -</div><div><br></div><div> Service-policy input: SLOWHOST</div><div><br></div><div> Class-map: OVERLIMIT (match-all)</div><div> 422331 packets, 328271784 bytes</div><div> 5 minute offered rate 7000 bps, drop rate 0 bps</div><div> Match: access-group 110</div><div> police:</div><div> cir 2500000 bps, bc 78125 bytes</div><div> conformed 231523 packets, 159234630 bytes; actions:</div><div> transmit</div><div> exceeded 7955 packets, 11518319 bytes; actions:</div><div> drop</div><div> conformed 0 bps, exceed 0 bps</div><div><br></div><div> Class-map: class-default (match-any)</div><div> 0 packets, 0 bytes</div><div> 5 minute offered rate 0 bps, drop rate 0 bps</div><div> Match: any</div><div><br></div><div> Service-policy output: SLOWHOST</div><div><br></div><div> Class-map: OVERLIMIT (match-all)</div><div> 0 packets, 0 bytes</div><div> 5 minute offered rate 0 bps, drop rate 0 bps</div><div> Match: access-group 110</div><div> police:</div><div> cir 2500000 bps, bc 78125 bytes</div><div> conformed 0 packets, 0 bytes; actions:</div><div> transmit</div><div> exceeded 0 packets, 0 bytes; actions:</div><div> drop</div><div> conformed 0 bps, exceed 0 bps</div><div><br></div><div> Class-map: class-default (match-any)</div><div> 53836 packets, 69242499 bytes</div><div> 5 minute offered rate 47000 bps, drop rate 0 bps</div><div> Match: any</div></div><div><br></div><div><br></div><div>I tried applying service polcies to the physical interfaces and still no luck.. Please help!</div><div><br></div><div>Thanks</div><div><br></div><div>Nathan</div> </div>
<br>_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba</div></div> </div></body>
</html>