rate-limit на интерфейсе

Cisco
вариант 1

ip access-list extended 2000
permit ip any host 10.0.0.22

ip access-list extended 2699
permit ip any any

interface GigabitEthernet0/1.8
rate-limit output access-group 2000 8192000 1536000 3072000 conform-action transmit exceed-action drop
.....
rate-limit output access-group 2699 256000 65536 131072 conform-action transmit exceed-action drop




sh run
....
!
interface GigabitEthernet0/1.8
 description 9
 encapsulation dot1Q 11
 ip address 10.1.1.1 255.255.255.192 secondary
 ip address 10.0.0.1 255.255.255.192
 ip flow ingress
 ip flow egress
 rate-limit output access-group 2000 8192000 1536000 3072000 conform-action transmit exceed-action drop
 rate-limit output access-group 2699 256000 65536 131072 conform-action transmit exceed-action drop
 no cdp enable
!
.....
access-list 2000 permit ip any host 10.0.0.22
access-list 2699 permit ip any any


вариант 2 схож с 1-ым но access-list другой

sh run
....
interface GigabitEthernet0/1.11
 description 8
 encapsulation dot1Q 12
 ip address 192.168.42.2 255.255.255.0 secondary
 ip address 192.168.200.2 255.255.255.0
 ip flow ingress
 ip flow egress
 ip nat inside
 ip virtual-reassembly max-fragments 64 max-reassemblies 1024
 rate-limit output access-group 115 2048000 384000 768000 conform-action transmit exceed-action drop
 rate-limit output access-group 103 6144000 1152000 2304000 conform-action transmit exceed-action drop
 no cdp enable
!
.....
access-list 115 permit ip any host 192.168.42.22
access-list 115 permit ip any host 192.168.200.33

0 комментариев

Только зарегистрированные и авторизованные пользователи могут оставлять комментарии.