|
Previous
|
Content |
Next
|
|
|
2.3.2- Edge2 |
|
 |
|
| Second example implemented by DS Linux Implementation is called
Edge2. The implementation is a slight
variation from the previous one. Again, the goal is to implement an edge router as a marker device. Packets
are expected to come from the same network 10.2.0.0/24; packets from
host
10.2.0.24 should be marked as DS value 0xb8 (EF class),
packets from host 10.2.0.3 should be marked as DS value 0x28
(AF11 class) and rest of packets from network 10.2.0.0/24
should be marked as DS value 0x48 (AF21 class). But here
the difference begins. Packets from network 10.2.0.0/24 not
belonging to the hosts 10.2.0.24 or 10.2.0.3 must be policed
before entering the domain. The police intends to protect the domain not
permitting that traffic beyond 1500 Kbps enter unless they are coming
from the two selected hosts. |
| Cisco solution is again very simple. We create
three traffic classes to identify the two hosts and the network and
next a traffic policy to mark the packets but including an
additional police command in the network 10.2.0.0/24 traffic
class. Configuration on the Cisco
router is as follows: |
|
|
|
|
Same as before.
First using access-list commands we identify the two hosts and the network; then
we create three traffic classes, one for each access-list
using class-map commands. Next we create a traffic policy
using policy-map command; then we add each traffic class to
the traffic policy telling the router to set the dscp using
the set ip dscp command depending on each class; additionally for the
ds_af21 traffic class we police it using the police
command; rate = 1500 Kbps and burst = 90k like Linux
example. Finally we attach
the traffic policy to the Serial1 interface for input.
Ready.. any packet coming from this network will be marked accordingly.
Packets from the network not belonging to the hosts 10.2.0.3 or
10.2.0.24 will be policed to a maximum of 1500 Kbps. |
|
Next example is Edge31-ca-u32. Let's go. |
|
|
|
|
|
Previous
|
Content |
Next
|
