[c-nsp] Configure QoS by time [bcc][faked-from]

Tolstykh, Andrew ATolstykh at integrysgroup.com
Thu Aug 2 01:06:01 EDT 2007 

You can schedule a simple job in Kiwi Cattools (freeware up to 5 managed
devices).
KRON supports only the exec level cli commands.

Applying and removing service-policy maps on the live router may cause
router stability issues (saw this issue in 12.4 and 12.3 code - this
depends on the actual service-policy, basic policy should work fine), so
I am with Victor on this one - use the time-range and the dummy
access-list within the match-all (not match-any) class-map. If you have
match-any class-maps then this alternative will not work for you and you
may want to schedule a Cattools job.


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Victor Cappuccio
Sent: Wednesday, August 01, 2007 8:49 PM
To: Pablo Almido; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Configure QoS by time [bcc][faked-from]


Well I think this could be an alternative


R1(config)#time-range telnet
R1(config-time-range)#periodic weekdays 08:00 to 16:59
R1(config)#access-list 101 permit ip any any time-range telnet
R1(config)#class-map TELNET
R1(config-cmap)#ma proto telnet
R1(config-cmap)#ma access-group 101
R1(config)#policy-map mypolicy
R1(config-pmap)#class TELNET
R1(config-pmap-c)#drop
R1(config-pmap-c)#exit
R1(config-pmap)#int f0/0
R1(config-if)#ser out mypolicy


R1#telnet 2.2.2.2
Trying 2.2.2.2 ... Open


Password required, but none set

[Connection to 2.2.2.2 closed by foreign host]
R1#show access-list
Extended IP access list 101
    10 permit ip any any time-range telnet (inactive)


R1#clock set 9:00:00 1 Aug 2007
R1#
*Aug  1 09:00:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated
from 01:47:31 UTC Thu Aug 2 2007 to 09:00:00 UTC Wed Aug 1 2007,
configured from console by console.
R1#show access-list
Extended IP access list 101
    10 permit ip any any time-range telnet (active)
R1#telnet 2.2.2.2
Trying 2.2.2.2 ...


thanks,
Victor Cappuccio.-
- CCSI# 31452

CCBOOTCAMP - A Cisco Sponsored Organization (SO)
email: vcappuccio at ccbootcamp.com
Toll Free: 877-654-2243
Direct: +1-702-968-5100 = Outside the USA
FAX: +1-702-446-8012
YES! We take Cisco Learning Credits!
Training And Remote Racks: http://www.ccbootcamp.com

Register to win a free iPhone! http://www.ccbootcamp.com/iphone.html



-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net on behalf of Pablo Almido
Sent: Wed 01-Aug-07 6:35 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Configure QoS by time [bcc][faked-from]
 
Thanks all for responses,  I have my QoS policy configured with NBAR,
and I do not use access-list, I want to know if there is anyway for
retire at 22:00 from interface WAN  no service-policy  output
mypolicyQoS  and then put  for example at 8:30  all days interface wan
 service-policy  output  mypolicyQoS.
In adittion,  I have read in some links  that I can use a script in
linux with cron and expect.




2007/8/1, Tolstykh, Andrew <ATolstykh at integrysgroup.com>:
> You can use the time-range based ACL's (unless of course you use NBAR
> matching)
>
> 7206VXR#sho access-lists | i time
>     10 permit ip any host XX.XX.XX.XX time-range PROD (active)
>     20 permit ip any host XX.XX.XX.XX time-range PROD (active) (1881
> matches)
>     30 permit ip any host XX.XX.XX.XX time-range PROD (active)
(26950093
> matches)
>     40 permit ip any host XX.XX.XX.XX time-range PROD (active)
(2147582
> matches)
> 7206VXR#sho time-range
> time-range entry: PROD (active)
>    periodic weekdays 5:15 to 17:59
>    used in: IP ACL entry
>    used in: IP ACL entry
>    used in: IP ACL entry
>    used in: IP ACL entry
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Pablo Almido
> Sent: Wednesday, August 01, 2007 3:02 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Configure QoS by time
>
> Hi list,
>
> Is there anyway of configuration policy QoS by time?,  I have been
> trying to make it with command kron, but it does not ingress to
> configuration interface.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> The information transmitted is intended only for the person or entity
to which it is addressed and may contain confidential
> and/or privileged material.  Any review, retransmission, dissemination
or other use of, or taking of any action in reliance upon,
> this information by persons or entities other than the intended
recipient is prohibited.   If you received this in error, please
> contact the sender and delete the material from any computer.
>
>
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential
and/or privileged material.  Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon,
this information by persons or entities other than the intended recipient is prohibited.   If you received this in error, please
contact the sender and delete the material from any computer.

More information about the cisco-nsp mailing list