CCIE Pursuit Blog

May 28, 2009

Core Knowledge Question of the Day: 28 May 2009

Which markings are trusted by default on the interface when you configure the following on a Cisco 3560 switch:

SW1(config)#int f0/1
SW1(config-if)#mls qos trust

Highlight for answer: If no keyword is specified when the command is entered, then DSCP markings are trusted by default when the ‘mls qos trust’ interface-level command is configured.

May 27, 2009

Core Knowledge Question of the Day: 27 May 2009

R3#sh frame map
Serial0/0 (up): ip 155.3.0.3 dlci 503(0x1F7,0x7C70), static,
broadcast,
CISCO, status defined, active
TCP/IP Header Compression (inherited), connections: 218959117
RTP Header Compression (inherited), connections: 218959117

R5#sh frame map
Serial1/0 (up): ip 155.1.0.5 dlci 305(0×131,0x4C10), static,
broadcast,
CISCO, status defined, active
TCP/IP Header Compression (enabled), connections: 256
RTP Header Compression (enabled), connections: 256

Given the above output, what is the fundamental difference between the TCP and RTP header compression configurations on R3 and R5?

Highlight for answer: On R3, TCP and RTP header compression have been enabled on the interface level as indicated by the ‘inherited’ description in the ‘show frame-relay map’ output.  On R5 it has been enabled via the frame-relay map map statement(with the keyword ‘compress’).

May 25, 2009

Core Knowledge Question of the Day: 25 May 2009

Name at least three of the four types of congestion management queueing offered in Cisco router QoS.

Highlight for answer: FIFO (first-in, first-out), Weighted fair queueing (WFQ), Custom queueing (CQ), Priority queueing (PQ)

December 16, 2008

Lab Tip: A Use For The Useless Tc Command

CCIE candidates who have spent any time playing with Frame Relay Traffic Shaping know that the ‘frame tc’ command is worthless and that you need to set the Tc by altering the Bc and/or CIR.  But I did discover a use for this command.

Say you get a task like this:

“Use the lowest interval (Tc) available”

If you have this value memorized, then you’re golden.  But if you don’t then you might spend some of your valuable lab time searching the documentation for this value….OR you could turn to the ‘frame tc’ command for help:

Rack1R3(config)#map-class frame TEST
Rack1R3(config-map-class)#frame tc ?
<10-10000>  Tc, milliseconds

Ah.  We can see that the lowest interval available is 10 milliseconds.  The maximum is the insanely high 10,000 milliseconds (10 seconds).

August 20, 2008

Lab Tip: Finding Default WRED Values

Here’s a quick and dirty method to find default WRED values so that if a task asks you to reference the defaults (i.e. “Make the maximum threshold twice the default”) you will be able to quickly find the default values without searching the Cisco documentation.

First turn WRED on for an interface:

r1(config)#int fa0/1
r1(config-if)#random-detect

Now you can issue the “show queueing interface f0/1″ command:

r1#show queueing interface f0/1
Interface FastEthernet0/1 queueing strategy: random early detection (WRED)
    Random-detect not active on the dialer
    Exp-weight-constant: 9 (1/512)
    Mean queue depth: 0

  class          Random drop      Tail drop    Minimum Maximum  Mark
                  pkts/bytes       pkts/bytes    thresh  thresh  prob
      0      0/0              0/0           20      40  1/10
      1      0/0              0/0           22      40  1/10
      2      0/0              0/0           24      40  1/10
      3      0/0              0/0           26      40  1/10
      4      0/0              0/0           28      40  1/10
      5      0/0              0/0           31      40  1/10
      6      0/0              0/0           33      40  1/10
      7      0/0              0/0           35      40  1/10
   rsvp      0/0              0/0           37      40  1/10

This shows the default WRED settings for each IP precedence class.  The default values for IP precedence 3 are:

r1(config-if)#random-detect precedence 3 26 40 10

Where 3 = IP Precedence; 26 = Minimum Threshold; 40 = maximum threshold; and 10 = mark probability denominator

This is good to know because you may be asked to change one of these variables.  To change one of these variables you still need to enter in values for the other variables so you need to know the default values if you are not tasked with changing them.  You could look up the defaults in the DOC, but this is faster.

What if you want the DSCP defaults instead?  One more line will yield those for you:

r1(config)#int fa0/1
r1(config-if)#random-detect dscp-based

r1(config-if)#do sh queueing int f0/1
Interface FastEthernet0/1 queueing strategy: random early detection (WRED)
    Random-detect not active on the dialer
    Exp-weight-constant: 9 (1/512)
    Mean queue depth: 0

   dscp          Random drop      Tail drop    Minimum Maximum  Mark
                  pkts/bytes       pkts/bytes    thresh  thresh  prob
   af11      0/0              0/0           33      40  1/10
   af12      0/0              0/0           28      40  1/10
   af13      0/0              0/0           24      40  1/10
   af21      0/0              0/0           33      40  1/10
   af22      0/0              0/0           28      40  1/10
   af23      0/0              0/0           24      40  1/10
   af31      0/0              0/0           33      40  1/10
   af32      0/0              0/0           28      40  1/10
   af33      0/0              0/0           24      40  1/10
   af41      0/0              0/0           33      40  1/10
   af42      0/0              0/0           28      40  1/10
   af43      0/0              0/0           24      40  1/10
    cs1      0/0              0/0           22      40  1/10
    cs2      0/0              0/0           24      40  1/10
    cs3      0/0              0/0           26      40  1/10
    cs4      0/0              0/0           28      40  1/10
    cs5      0/0              0/0           31      40  1/10
    cs6      0/0              0/0           33      40  1/10
    cs7      0/0              0/0           35      40  1/10
     ef      0/0              0/0           37      40  1/10
   rsvp      0/0              0/0           37      40  1/10
default       0/0              0/0           20      40  1/10

Remember to remove WRED (or DSCP) if you’re not using it on that interface:

r1(config)#int fa0/1
r1(config-if)#no random-detect

r1(config-if)#do sh queueing int f0/1
Interface FastEthernet0/1 queueing strategy: none

If you’re given an IP Precedence name like “flash-override” instead of the IP Precedence value (4 in this case) then use this tip:

Lab Tip: Remembering IP Precedence Values

April 29, 2008

Internetwork Expert Volume II: Lab 5 – Section 7

QoS – 8 Points

7.1 Frame Relay Traffic Shaping

We need to configure FRTS on r1.

AIR = 512Kbps
CIR = 384Kbps
MINCIR = 256Kbps
Be = Up to port speed
Tc = 100ms

We also know that we need to use adaptive shaping.

Bc = CIR * (Tc/1000)
Be = (AR – CIR) * (Tc/1000)

Adaptive Frame Relay Traffic Shaping for Interface Congestion

Frame-Relay Traffic Shaping

We can knock out the easy ones first:

map-class frame-relay FRTS
 frame-relay cir 384000
 frame-relay mincir 256000
 frame-relay adaptive-shaping becn

Now we just need to configure Bc and Be.

Bc = CIR * (Tc/100)
Bc = 384000 * (100/1000)
Bc = 384000 * .1
Bc = 38400

Be = (AR – CIR) * (Tc/1000)
Be = (512000 – 384000) * (100/1000)
Be = (128000) * (.1)
Be = 12800

So our final map-class is:

map-class frame-relay FRTS
 frame-relay cir 384000
 frame-relay bc 38400
 frame-relay be 12800
 frame-relay mincir 256000
 frame-relay adaptive-shaping becn

r1(config#int s0/0
r1(config-if)#frame traffic
r1(config-if)#frame interface-dlci 113
r1(config-fr-dlci)#class FRTS

r1(config-if)#do sh traffic

Interface   Se0/0
       Access Target    Byte   Sustain   Excess    Interval  Increment Adapt
VC     List   Rate      Limit  bits/int  bits/int  (ms)      (bytes)   Active
103           56000     875    7000      0         125       875       -
104           56000     875    7000      0         125       875       -
105           56000     875    7000      0         125       875       -
113           384000    6400   38400     12800     100       4800      BECN 
102           56000     875    7000      0         125       875       -

IE simply applies the map-class to the interface.  I don’t agree with their solution as all PVCs are affected and not just the PVC to r1.  Of course, only DLCI 113 is actually being used so…..ask your friendly proctor for clarification.  :-)

7.2 RTP Header Compression

Configure the Frame connection between r3 and r4 to support RTP header compression. 

ip rtp header-compression

r3′s s0/0 is a multipoint, physical Frame-Relay interface and we need to configure this only on the DLCI to r4.  I had to peek the answer on this one.

frame-relay map ip rtp header-compression

r3(config-if)# frame-relay map ip 162.1.0.4 304 rtp header-compression ?
  active            Always compress RTP headers
  connections       Maximum number of compressed RTP connections
  passive           Compress for destinations sending compressed RTP headers
  periodic-refresh  Send periodic refresh packets
  <cr>

Ummmm….did this blow away my broadcast capability

Before:
r3(config-if)#do sh run int s0/0:0 | i 162.1.0.4
 frame-relay map ip 162.1.0.4 304 broadcast

After:
r3(config-if)#do sh run int s0/0:0 | i 162.1.0.4
 frame-relay map ip 162.1.0.4 304 rtp header-compression passive connections 15

r3(config)#do sh frame map | sec 162.1.0.4
Serial0/0:0 (up): ip 162.1.0.4 dlci 304(0×130,0x4C00), static,
              CISCO, status defined, active
              RTP Header Compression (enabled), passive (enabled), connections: 15

Make sure that you leave your broadcast keyword in your map:

frame-relay map ip 162.1.0.4 304 broadcastrtp header-compression passive connections 15

Your connections need to match on both sides:

r4(config-if)#do sh run int s0/0 | i header
 frame-relay map ip 162.1.0.3 403 broadcast rtp header-compression connections 15

r3#sh ip rtp header-compression
RTP/UDP/IP header compression statistics:
 DLCI 304        Link/Destination info: ip 162.1.0.4
  Interface Serial0/0:0 DLCI 304 (compression off, Cisco, RTP, passive)
    Rcvd:    0 total, 0 compressed, 0 errors, 0 status msgs
             0 dropped, 0 buffer copies, 0 buffer failures
    Sent:    0 total, 0 compressed, 0 status msgs, 0 not predicted
             0 bytes saved, 0 bytes sent
    Connect: 15 rx slots, 15 tx slots,
             0 misses, 0 collisions, 0 negative cache hits, 15 free contexts

7.3 Bandwidth Limiting

“…Microsoft SQL traffic is limited to an average rate of 256Kbps on r2′s connection to the Frame Realy cloud.”
“Up to 2048 SQL packets in excess of 256Kbps should be queued up by r2 before packet loss occurs.”

Sounds like queueing to me.

“Do not use an access-list to accomplish this.”

That means we’ll be using a class-map with NBAR to match the traffic.

r2(config-cmap)#match protocol ?
—output truncated—
  sqlnet            SQL*NET for Oracle
  sqlserver         MS SQL Server

—output truncated—

We need to match on MICROSOFT SQL:

class-map match-all TASK_73
 match protocol sqlserver

r2(config-if)#policy-map TASK_73
r2(config-pmap)#class TASK_73
r2(config-pmap-c)#shape average 256000
r2(config-pmap-c)#shape ?
  adaptive        Enable Traffic Shaping adaptation to BECN
  average         configure token bucket: CIR (bps) [Bc (bits) [Be (bits)]],
                  send out Bc only per interval
  fecn-adapt      Enable Traffic Shaping reflection of FECN as BECN
  fr-voice-adapt  Enable rate adjustment depending on voice presence
  max-buffers     Set Maximum Buffer Limit
  peak            configure token bucket: CIR (bps) [Bc (bits) [Be (bits)]],
                  send out Bc+Be per interval

shape max-buffers

r2(config-pmap-c)#shape max-buffers 2048

r2(config-pmap-c)#int s0/0/0.1
r2(config-subif)#service-policy output TASK_73

r2(config-subif)#do sh policy-map int s0/0/0.1

 Serial0/0/0.1

  Service-policy output: TASK_73

    Class-map: TASK_73 (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol sqlserver
      Traffic Shaping
           Target/Average   Byte   Sustain   Excess    Interval  Increment
             Rate           Limit  bits/int  bits/int  (ms)      (bytes)
           256000/256000    1984   7936      7936      31        992

        Adapt  Queue     Packets   Bytes     Packets   Bytes     Shaping
        Active Depth                         Delayed   Delayed   Active
        -      0         0         0         0         0         no

    Class-map: class-default (match-any)
      23 packets, 2598 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

 

April 10, 2008

Question Of The Day: 10 April, 2008

Topic: Frame Relay Traffic Shaping

The network engineer in charge of r1 recently configured Frame Relay Traffic Shaping.  The remote sites have complained that they are still getting too much traffic ingress on their Frame Relay connections to r1.  You agree to look at his configuration:

map-class frame-relay FRTS
 frame-relay cir 256000
 frame-relay be 12880
 frame-relay mincir 128000
 frame-relay adaptive-shaping becn
!
interface Serial1/0
 ip address 10.1.1.1 255.255.255.0
 encapsulation frame-relay
 frame-relay class FRTS
 frame-relay map ip 10.1.1.2 102 broadcast
 frame-relay map ip 10.1.1.3 103 broadcast
 no frame-relay inverse-arp

r1#sh frame map
Serial1/0 (up): ip 10.1.1.2 dlci 102(0×66,0×1860), static,
              broadcast,
              CISCO, status defined, active
Serial1/0 (up): ip 10.1.1.3 dlci 103(0×67,0×1870), static,
              broadcast,
              CISCO, status defined, active

What is the problem with this configuration?


Yesterday’s Question

Question Of The Day: 09 April, 2008 

 Topic: IP Prefix Lists

Write a single line IP prefix list called “MY_SUBNETS” that will only allow the following subnets:

10.1.1.118/26
10.1.1.118/27
10.1.1.118/28
10.1.1.118/29
10.1.1.118/30

Answer: ip prefix-list MY_SUBNETS 10.1.1.118/26 le 30

When matching on multiple, contiguous IP subnets, your ip prefix-list should be in the form: ip prefix-list NAME permit x.x.x.x/[min mask] le [max mask]

ip prefix-list

 

April 5, 2008

Internetwork Expert Volume II: Lab 8 – Section 7

QoS – 8 Points

7.1  Queueing

Configure r1′s traffic shaping queue to hold 10 times the default amount of packets.

r1#sh traffic queue
Traffic queued in shaping queue on Serial0/0 dlci 105
  Queueing strategy: fcfs

r1#sh queueing int s0/0
Interface Serial0/0 queueing strategy: none

So what is the default number of packets?

Here’s the answer:

r1#sh frame pvc 104

PVC Statistics for interface Serial0/0 (Frame Relay DTE)

DLCI = 104, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0

  input pkts 1371          output pkts 1726         in bytes 79864
  out bytes 93708          dropped pkts 0           in pkts dropped 0
  out pkts dropped 0                out bytes dropped 0
  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0
  out BECN pkts 0          in DE pkts 0             out DE pkts 0
  out bcast pkts 1145      out bcast bytes 59946
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  pvc create time 05:18:08, last time pvc status changed 05:17:48
  cir 128000    bc 16000     be 0         byte limit 2000   interval 125
  mincir 64000     byte increment 2000  Adaptive Shaping none
  pkts 1726      bytes 93708     pkts delayed 0         bytes delayed 0
  shaping inactive
  traffic shaping drops 0
  Queueing strategy: fifo
  Output queue 0/40, 0 drop, 0 dequeued 

Or the easier to read version:

r1#sh frame pvc 104 | i que
  Output queue 0/40, 0 drop, 0 dequeued

Now I need to find a way to change that from 40 to 400:

r1(config)#map-class frame-relay FRTS
r1(config-map-class)#frame ?
  adaptive-shaping   Adaptive traffic rate adjustment, Default = none
  bc                 Committed burst size (Bc), Default = 7000 bits
  be                 Excess burst size (Be), Default = 0 bits
  cir                Committed Information Rate (CIR), Default = 56000 bps
  congestion         Congestion management parameters
  custom-queue-list  VC custom queueing
  end-to-end         Configure frame-relay end-to-end VC parameters
  fair-queue         VC fair queueing
  fecn-adapt         Enable Traffic Shaping reflection of FECN as BECN
  fragment           fragmentation – Requires Frame Relay traffic-shaping to be
                     configured at the interface level
  holdq              Hold queue size for VC
  idle-timer         Idle timeout for a SVC, Default = 120 sec
  interface-queue    PVC interface queue parameters 
  ip                 Assign a priority queue for RTP streams
  mincir             Minimum acceptable CIR, Default = CIR/2 bps
  priority-group     VC priority queueing
  tc                 Policing Measurement Interval (Tc)
  traffic-rate       VC traffic rate
  voice              voice options

holdq looks promising:

frame-relay holdq

To configure the maximum size of a traffic-shaping queue on a switched permanent virtual circuit (PVC), use the frame-relay holdq command in map-class configuration mode.

Defaults
40 packets

That’s the stuff!

r1(config-map-class)#frame holdq 400

r1#sh frame pvc 104 | i que
  Output queue 0/400, 0 drop, 0 dequeued

The IE solution guide shows the configuration on r4 but it should be configured on r1:

Task 7.1

7.2 Congestion Management

Configure traffic with a UDP destination port of 7070 between r1 and r3 over the serial link with:

1) Priority over all other traffic on the link
2) A maximum of 128Kbps outbound on r1 and r3
3) A burst value of 64Kbps

Well we’re definitely talking LLQ here.  Let’s start by classifying the traffic:

r1(config)#ip access-list extended TASK72
r1(config-ext-nacl)#permit udp any any eq 7070

Now let’s put that in a class-map:

r1(config)#class-map TASK72
r1(config-cmap)#match access-group name TASK72

Now let’s configure our policy-map:

r1(config)#policy-map TASK72
r1(config-pmap)#class TASK72
r1(config-pmap-c)#priority 128000 64000

Finally, let’s apply this outbound on the serial link:

r1(config-if)#service-policy out TASK72
I/f Serial0/1 class TASK72 requested bandwidth 128000 (kbps), available only 1152 (kbps)

DOH!!!!  RTFM!

r1(config-pmap-c)#priority ?
  <8-2000000>  Kilo Bits per second
  percent      % of total bandwidth
r1(config-pmap-c)#  priority 128 ?
  <32-2000000>  Burst in bytes
  <cr>
r1(config-pmap-c)#  priority 128 8000 <-64000/8

r1(config-if)#service-policy out TASK72
Must remove fair-queue configuration first.

ARGH!!!!

r1(config-if)#do sh run int s0/1
interface Serial0/1
 ip address 174.1.13.1 255.255.255.0
 ip pim sparse-dense-mode
 fair-queue 64 256 256  <-WTF????

r1(config-if)#int s0/1
r1(config-if)#no fair
r1(config-if)#service-policy out TASK72

FINALLY!!!

r1#sh policy-map int s0/1 out
 Serial0/1

  Service-policy output: TASK72

    Class-map: TASK72 (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name TASK72
      Queueing
        Strict Priority
        Output Queue: Conversation 264
        Bandwidth 128 (kbps) Burst 8000 (Bytes)
        (pkts matched/bytes matched) 0/0
        (total drops/bytes drops) 0/0

    Class-map: class-default (match-any)
      368 packets, 23235 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

The cool thing is that you can drop this same configuration on r3:

r1#sh run | sec TASK72
class-map match-all TASK72
 match access-group name TASK72
policy-map TASK72
 class TASK72
  priority 128 8000
 service-policy output TASK72
ip access-list extended TASK72
 permit udp any any eq 7070

This discussion brings up a good point about the question asking for the burst in bps rather than just ‘bits’:

7.2 Cong. Mgmt

I think this question is flawed…..

The question is worded such that it wants 6400bps (bits PER SEC) of a burst.
The token bucket burst is entered as total bytes (i.e. within an interval of Tc, you can burst x bytes of data).
Since the rate needs to be 128kbps, you can’t send bursts at another rate as the CIR along with the burst bytes gives you a fixed Tc.

Yes I agree. I guess it’s 200ms in this case as default value calculated that way in the command reference.

So if question had asked 64000bits then 8000bytes is correct.

But question has asked 64000bps. therefore:
Be=64000bps*0,200sec = 12800bits = 1600 bytes.

so config should be:
priority 128 1600

7.3 Congestion Avoidance

Use WRED on traffic s0/0 on r4 [I initially read this question as requiring only traffic from VLAN 4 to be matched]:

1) Do not drop ‘critical’ traffic until there are 60 packets in queue
2) Drop 5 of every 25 packets of ‘critical’ traffic when there are 60 – 90 packets in queue
3) Drop all ‘critical’ packets once the queue exceeds 90

“critical” traffic is traffic with an IP precedence value of 5:

critical        Set packets with critical precedence (5)

So we need to set the queueing for traffic that matches ip precence 5

random-detect precedence

min-threshold
 Minimum threshold in number of packets. The value range of this argument is from 1 to 4096. When the average queue length reaches the minimum threshold, WRED randomly drops some packets with the specified IP Precedence.
 
max-threshold
 Maximum threshold in number of packets. The value range of this argument is from the value of the min-threshold argument to 4096. When the average queue length exceeds the maximum threshold, WRED drops all packets with the specified IP Precedence.
 
mark-prob-denominator
 Denominator for the fraction of packets dropped when the average queue depth is at the minimum threshold. For example, if the denominator is 512, 1 out of every 512 packets is dropped when the average queue is at the minimum threshold. The value range is from 1 to 65536. The default is 10; 1 out of every 10 packets is dropped at the minimum threshold.

The 5 out of 25 packets is the same as 1 out of 5 so:

policy-map TASK73
 class class-default
  fair-queue
  random-detect
  random-detect precedence 5   60    90    5

Finally, we apply this to our existing map-class:

r4(config)#map-class frame FRTS
r4(config-map-class)#service-policy out TASK73

r4#sh frame pvc 401 | b policy
  service policy TASK73
 Serial0/0: DLCI 401 -

  Service-policy output: TASK73

    Class-map: class-default (match-any)
      10 packets, 581 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
      Queueing
        Flow Based Fair Queueing
        Maximum Number of Hashed Queues 16
        (total queued/total drops/no-buffer drops) 0/0/0
         exponential weight: 9

  class    Transmitted      Random drop      Tail drop    Minimum Maximum  Mark
           pkts/bytes       pkts/bytes       pkts/bytes    thresh  thresh  prob
      0       0/0               0/0              0/0           20      40  1/10
      1       0/0               0/0              0/0           22      40  1/10
      2       0/0               0/0              0/0           24      40  1/10
      3       0/0               0/0              0/0           26      40  1/10
      4       0/0               0/0              0/0           28      40  1/10
      5       0/0               0/0              0/0           60      90  1/5
      6      10/581             0/0              0/0           32      40  1/10
      7       0/0               0/0              0/0           34      40  1/10
   rsvp       0/0               0/0              0/0           36      40  1/10

  Output queue size 0/max total 600/drops 0

 

 

April 4, 2008

Internetwork Expert Volume II: Lab 3 – Section 8

QoS – 6 Points

8.1 FRTS

Configure FRTS with these parameters:

Data should be sent at a sustained rate of 256Kbps per DLCI.  <-CIR
In the event of congestion noticification fallback to no lower than 192Kbps  <-MINCIR with adaptive-shaping becn
Any FECNs received should be reflected back as a BECN. <-???

Not too hard to figure out the third one :-0

r1(config-map-class)#frame ?
  fecn-adapt         Enable Traffic Shaping reflection of FECN as BECN

frame-relay cir

frame-relay mincir

frame-relay adaptive-shaping

becn
 Enables rate adjustment in response to backward explicit congestion notification (BECN).

r1(config-map-class)#do sh run | sec FRTS
map-class frame-relay FRTS
 frame-relay cir 256000
 frame-relay mincir 192000
 frame-relay adaptive-shaping becn
 frame-relay fecn-adapt

Since we want to apply this to ALL DLCIs we just need two commands under the FR int:

r1(config-map-class)#int s0/0/0
r1(config-if)#frame traffic-shaping  <-don’t forget this!!!
r1(config-if)#frame class FRTS

r1(config-if)#do sh traffic

Interface   Se0/0/0
       Access Target    Byte   Sustain   Excess    Interval  Increment Adapt
VC     List   Rate      Limit  bits/int  bits/int  (ms)      (bytes)   Active
103           256000    4000   256000    0         125       4000      BECN
104           256000    4000   256000    0         125       4000      BECN
105           256000    4000   256000    0         125       4000      BECN
106           256000    4000   256000    0         125       4000      BECN
107           256000    4000   256000    0         125       4000      BECN
108           256000    4000   256000    0         125       4000      BECN
109           256000    4000   256000    0         125       4000      BECN
—output truncated—

8.2 Rate Limiting

Limit HTTP responses out r4′s fa0/1 to 256Kbps between the hours of 8am to 5pm Monday through Friday.

We need to build a time-range first:

time-range
http://www.cisco.com/en/US/docs/ios/12_3t/fun/command/reference/cfrgt_12.html#wp1058115

r4(config)#time-range TASK82
r4(config-time-range)#periodic weekdays 08:00 to 17:00

NOTE: Clarify with the proctor about the start and end time (17:00 versus 16:59)

Now let’s match HTTP in an (extended named) access-list:

ip access-list extended TASK82
 permit tcp any eq www any time-range TASK82

Let’s pop that sucker into a class-map:

class-map match-all TASK82
 match access-group name TASK82

Then match that class in a policy-map and apply our policing:

policy-map TASK82
 class TASK82
    police 256000

Finally let’s put this on the interface:

r4(config)#int fa0/1
r4(config-if)#service-policy out TASK82

The reason that I use consistent naming throughout the process is so that I can quickly look at my configuation:

r4(config-if)#do sh run | sec TASK82
class-map match-all TASK82
 match access-group name TASK82
policy-map TASK82
 class TASK82
    police 256000
 service-policy output TASK82
ip access-list extended TASK82
 permit tcp any eq www any time-range TASK82
time-range TASK82
 periodic weekdays 8:00 to 17:00

IE uses:

policy-map TASK82
 class TASK82
    police cir 256000

Not sure why?

Task 8.2 quick question

With ‘police 256000′:

r4#sh policy-map int fa0/1
 FastEthernet0/1

  Service-policy output: TASK82

    Class-map: TASK82 (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name TASK82
      police:
          cir 256000 bps, bc 8000 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps

    Class-map: class-default (match-any)
      84 packets, 7949 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

With ‘police cir 256000′:

r4#sh policy-map int fa0/1
 FastEthernet0/1

  Service-policy output: TASK82

    Class-map: TASK82 (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name TASK82
      police:
          cir 256000 bps, bc 8000 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps

    Class-map: class-default (match-any)
      101 packets, 9793 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

Any differences?

police

r4(config-pmap-c)#police ?
  <8000-2000000000>  Bits per second
  cir                Committed information rate
  rate               Specify police rate

8.3 Signalling

“…administrators have configured the client applications on these vlans to requrest bandwidth reservations…”

RSVP….Integrated Services

The good news is that RSVP is ridiculously easy to configure:

ip rsvp bandwidth

r4(config)#int s0/0/0
r4(config-if)#ip rsvp band 128 64

r4#sh ip rsvp int s0/0/0
interface    allocated  i/f max  flow max sub max
Se0/0/0      0          128K     64K      0

There is one ‘gotcha’ though: You need to enabled WFQ for RSVP.  When you turn on FRTS, WFQ is disabled.  You need to explicitly set it.

March 17, 2008

Internetwork Expert Volume II: Lab 8 – Section 2

Frame Relay – 9 Points

2.1 Hub-and-Spoke

Easy

2.2 Multilink PPP over Frame-Relay

This is the first PPP multilink over FR task I’ve encountered.  Luckily this is a technology that I use on the job so this was fairly easy.

2.3 Point-to-Point

Easy.  Because we’re using Frame inarp, just need to explicitly turn it off for the other PVCs.

I wasted a ton of time trying to reverse engineer the DLCIs on the CCOnlinelabs equipment.  DLCIs 100 and 62 (the DLCI that they supposed use) do not exist.

I finally had to strip the entire BB1 config off and then just turn on FR with an IP address on s0/0 and do the same on r6.  Frame inarp did it’s magic and you can see the results:

r6:
Serial0/0/0 (up): ip 54.1.2.254 dlci 629(0×275,0x9C50), dynamic,
              broadcast,
              CISCO, status defined, active

bb1:
Serial0/0 (up): ip 54.1.2.6 dlci 926(0x39E,0xE4E0), dynamic,
              broadcast,
              CISCO, status defined, active

So….I have DLCI 629 on r6 with 926 on bb1.  I’ve used CCOnlinelabs before and never had an issue like this.  My guess is that that the pod was set up for another vendor’s workbook.

2.4 Frame Relay Traffic Shaping

This seemed to be a very easy FRTS task. 

Bc = CIR * Tc/1000

Bc = 128000 * 125/1000
Bc = CIR * .125
BC = 16000

Without Bc configured:

r5#sh traffic | i Inter|Acc|VC|501
Interface   Se0/0/0
       Access Target    Byte   Sustain   Excess    Interval  Increment Adapt
VC     List   Rate      Limit  bits/int  bits/int  (ms)      (bytes)   Active
501           128000    2000   128000    0         125       2000      -

With Bc set to 16000:

r5#sh traffic | i Inter|Acc|VC|501
Interface   Se0/0/0
       Access Target    Byte   Sustain   Excess    Interval  Increment Adapt
VC     List   Rate      Limit  bits/int  bits/int  (ms)      (bytes)   Active
501           128000    2000   16000     0         125       2000      -

IE guide says to see explanation for FRTS task in lab 1.

I’ll have to review to find out why we needed to explicitly set the Bc.

Task 2.4

Next Page »

The Rubric Theme. Create a free website or blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 111 other followers