[rbak-nsp] Qos policy Metering problem
Michał Przywuski
mprzywuski at jmdi.pl
Thu May 12 08:09:03 EDT 2016
Hi , i try configure Qos policy on RedBack Se800 , and i have a problem.
Policy Upload is working but on download no. Can you check my config and
give me advice ? Thanks
Michal Przywuski [PL]
context local
!
no ip domain-lookup
!
ip nat pool NAPT-pool-1 napt multibind
address 10.10.12.34/32 port-block 1 to 15
!
nat policy nat-policy-1
! Default class
pool NAPT-pool-1 local
icmp-notification
!
interface Radius1
ip address 10.10.7.5/24
!
interface TT
ip address 10.11.43.5/24
!
interface mgnt
ip address 10.3.14.22/24
!
interface test multibind
ip address 192.168.1.1/24
dhcp server interface
logging console
!
router bgp 64110
!
enable encrypted 1 $1$2vJpnu3B$ABpNM8b0y8uscvQ9j1oYg1
enable authentication local
!
aaa authentication administrator local
aaa authentication subscriber radius
!
administrator admin encrypted 1 $1$w4EVhqNQ$X/EN37bcvl06xvo0S583r.
privilege max 15
!
radius server 10.3.37.136 encrypted-key 3828082561D6BDD6
radius max-retries 2
radius timeout 2
!
subscriber profile test
!
ip route 0.0.0.0/0 10.3.14.1
ip route 10.10.12.0/24 context bgp
ip route 10.10.12.0/24 10.11.43.12
ip route 10.11.43.0/24 context bgp
service ssh server
!
dhcp server policy
option router 192.168.1.1
option domain-name-server 8.8.8.8
subnet 192.168.1.0/24
range 192.168.1.100 192.168.1.130
!
!
!
context bgp
!
no ip domain-lookup
!
interface Lo loopback
ip address 10.10.12.37/24
!
interface TT2
ip address 10.11.43.10/24
no logging console
!
ip route 0.0.0.0/0 context CLIPS
ip route 10.3.14.0/24 context local
ip route 192.168.1.0/24 context local
ip route 192.168.8.0/24 context CLIPS
!
!
!
!
context lo
!
no ip domain-lookup
no logging console
!
!
!
!
context CLIPS
!
no ip domain-lookup
!
ip nat pool NAT-0 napt multibind
address 10.10.12.15/32 port-block 1 to 15
!
nat policy 1
! Default class
pool NAT local
icmp-notification
!
nat policy NAT
connections icmp maximum 50
! Default class
ignore
admission-control tcp
admission-control udp
admission-control icmp
endpoint-independent filtering udp
icmp-notification
! Named classes
access-group NAT-ACL
class default
pool NAT CLIPS
icmp-notification
!
interface LO2 loopback
!
interface MAIN multibind
ip address 192.168.8.1/24
ip mtu 1500
dhcp server interface
ip icmp suppress packet-too-big
ip arp timeout 900
ip nat NAT
!
interface RADIUS
ip address 10.15.1.1/24
!
interface TT2
ip address 10.11.43.10/24
!
interface WAN
ip address 10.10.12.44/24
no logging console
!
policy access-list ABON-OUT
seq 10 permit ip any any class INET
!
policy access-list NAT-ACL
seq 10 permit ip 192.168.8.0 0.0.0.255 class default
!
router bgp 64530
router-id 10.1.1.1
confederation identifier 64530
address-family ipv4 unicast
redistribute connected
network 10.11.43.0/24
!
neighbor 10.11.43.12 external
remote-as 64535
send community
address-family ipv4 unicast
!
aaa authentication administrator local
aaa authentication administrator maximum sessions 1
aaa authentication subscriber radius
!
radius server 10.15.1.2 encrypted-key 3828082561D6BDD6
radius max-retries 2
radius timeout 2
!
subscriber profile test
subscriber profile TEST
qos policy policing 2-OUT
qos policy metering 4M-out
dhcp max-addrs 5
!
ip route 0.0.0.0/0 10.11.43.12
!
dhcp server policy
option router 192.168.8.1
option domain-name-server 8.8.8.8
subnet 192.168.8.0/24
range 192.168.8.80 192.168.8.180
!
!
!
context BGP
!
no ip domain-lookup
no logging console
!
!
!
!
! ** End Context **
logging debug
logging tdm console
logging active
logging standby short
logging display-info
!
!
!
!
qos policy 2-IN metering
rate 2000 burst 250000 excess-burst 375000
!
qos policy 2-OUT policing
rate 2000 burst 250000 excess-burst 375000
!
qos policy 200k_m metering
rate 200 burst 37500 counters
!
qos policy 2M-in policing
rate 2000 burst 250000
rate-calculation exclude layer-2-overhead
!
qos policy 2M-out metering
ip access-group ABON-OUT CLIPS
class INET
rate 1000 burst 12500
rate-calculation exclude layer-2-overhead
!
qos policy 4M metering
rate 50 burst 37500 counters
rate-calculation exclude layer-2-overhead
!
qos policy 4M-in policing
rate 4000 burst 600000
!
qos policy 4M-out metering
rate 2000 burst 2500 excess-burst 3750
!
forward policy NAT
!
qos policy e4:8d:8c:65:4b:00 protocol-rate-limit
!
qos policy test metering
rate 100 burst 37500 counters
rate-calculation exclude layer-2-overhead
!
!
!
!
!
card 10ge-4-port 1
!
port ethernet 1/1
description ToArista
shutdown
encapsulation dot1q
!
card 10ge-4-port 2
!
port ethernet 2/1
no shutdown
encapsulation dot1q
service clips dhcp context CLIPS
dot1q pvc 371
bind interface RADIUS CLIPS
dot1q pvc 372
service clips dhcp context CLIPS
dot1q pvc 373
bind interface TT2 CLIPS
!
!
port ethernet 8/1
! XCRP management ports on slot 8 and 7 are configured through 8/1
no shutdown
bind interface mgnt local
!
no ipv6 path-mtu-discovery discovery-interval
!
no system alarm air-filter
system alarm redundancy suppress
system hostname Dareek
system description 0_o Dareek
!
!
!
end
--
Michał Przywuski
Administrator sieci.
More information about the redback-nsp
mailing list