Traffic-shaping traffic with precedence 2 Options


I have a link and traffic from USA enters the network via this link (together with traffic from Europe). Traffic from USA is marked with precedence 2. I want to throttle certain IP ranges to only use a certain amount of traffic that comes in with precedence 2, but am encountering problems.

This is the config I have so far

class-map match-all precedence2 match ip precedence 2 class-map match-all client-128-int match ip precedence 2 match access-group 110 !

policy-map international class precedence2 set ip precedence 2 class client-128-int shape average 128000 class class-default set ip precedence 0

on interface s0/2 I try to activate it as follows service-policy input international.

The policy does not seem to activate, when I issue sh run and look at the configs of int s0/2 I dont see the service policy. When I remove "class-map match-all client-128-int match ip precedence 2" from the service policy and re-apply to int s0/2 I can see it in the config and sh policy-map int s0/2 also returns results.

Am I doing something wrong?

Reply to
Loading thread data ...

The description of what you are trying to do seems backwards - i think you may be trying to do something that is impractical (but i have been wrong before).

1 problem is that you dont have any control over what is "upstream".

so if you throttle inbound traffic, it has already arrived. If you are doing this to reduce the inbound traffic as you want it to stay below a given level, then this is too late, it has already clogged up your incoming WAN link.

Classic "rate limiting" (and there are lots of different ways to rate limit, some of which are specific to a platform) happens to "outbound" traffic. Maybe if your traffic from USA arrives on a WAN link from a provider, you can get them to limit before it gets to your site?


You just matched against Prec2, so not a lot of point setting it....

i cannot see how the 2nd prec 2 match would ever hit anything?

can you apply it for outbound OK?

explain what the equipment is, IOS - more details are needed.

golden rule with cisco is if you are not sure - steal a working example and adapt it. Then test it in a lab where control the traffic, so you can see what is happening......

Reply to

you can't shape incoming traffic. If you want to rate-limit inbound traffic you need to police.

formatting link

Reply to
Denis Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.