xpedia
asked on
Cisco Router 2800 and 3800 QOS
Hello, I have two routers with point to point connection. Internet is limited by the following lines in the config.
class police-internet
police 2500000 conform-action transmit exceed-action drop
class scavenger-traffic
police 512000
This was a 10Mb circuit, but we changed it to 100Mb.
What would be the steps to increase my internet bandwidth.
FYI, I'm not a network engineer.
Thank you
class police-internet
police 2500000 conform-action transmit exceed-action drop
class scavenger-traffic
police 512000
This was a 10Mb circuit, but we changed it to 100Mb.
What would be the steps to increase my internet bandwidth.
FYI, I'm not a network engineer.
Thank you
ASKER
Thank you, yes you are correct.
I am at the # prompt, I need to know the proper commands to get to where I can change it to 25 Mbs.
I am at the # prompt, I need to know the proper commands to get to where I can change it to 25 Mbs.
Would need to see the current config.
ASKER
can I email you the config directly?
my email is eddie@peoplefinders.com
my email is eddie@peoplefinders.com
Just post it here without the passwords and public IP addresses.
And use the "code" function below.
And use the "code" function below.
ASKER
!
! Last configuration change at 13:52:35 PDT Thu Jun 17 2010 by admin
! NVRAM config last updated at 13:52:42 PDT Thu Jun 17 2010 by admin
!
configuration mode exclusive manual
version 12.4
no service pad
service timestamps debug datetime msec localtime show-timezone year
no service timestamps log uptime
service password-encryption
service compress-config
!
hostname q
!
boot-start-marker
boot-end-marker
!
card type t1 0 2
security passwords min-length 5
logging buffered 8192 debugging
logging console warnings
enable secret 5
!
aaa new-model
!
!
aaa group server tacacs+ mytacacs
server 1.1.1.1
server 1.1.1.2
!
aaa authentication banner ^C
This is a test of the authentication banner ^C
aaa authentication login LOCAL_AUTH local
!
aaa session-id common
!
resource policy
!
clock timezone PST -8
clock summer-time PDT recurring
no network-clock-participate wic 2
ip subnet-zero
no ip source-route
!
!
ip cef
!
!
ip flow-cache timeout active 1
no ip bootp server
ip domain name cisco.com
ip multicast-routing
ip sla monitor logging traps
!
!
!
key chain rick
key 1
key-string 7 06160E325F59060B01
!
crypto pki server cisco
issuer-name CN=iosca.cisco.com L=Sac ST=CA C=US
grant auto
!
crypto pki trustpoint cisco
revocation-check crl
rsakeypair cisco
!
crypto pki trustpoint iosca
enrollment url http://172.16.1.2:80
revocation-check none
!
crypto pki trustpoint TP-self-signed-275155243
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-275155243
revocation-check none
rsakeypair TP-self-signed-275155243
!
!
crypto pki certificate chain cisco
certificate ca 01
quit
crypto pki certificate chain iosca
crypto pki certificate chain TP-self-signed-275155243
certificate self-signed 01
quit
username admin privilege 15 secret 5
username mj privilege 15 password 7
!
!
controller T1 0/2/0
framing esf
linecode b8zs
channel-group 0 timeslots 1-24
!
controller T1 0/2/1
framing esf
linecode b8zs
channel-group 1 timeslots 1-24
!
track 1 interface FastEthernet0/1 ip routing
!
class-map match-any mark-pfadmin-traffic
match access-group name qos-pfadmin
class-map match-any mark-scavenger-traffic
match protocol fasttrack
match protocol kazaa2
match protocol napster
match access-group name mark-scavenger-traffic
match protocol edonkey
match protocol rtsp
match protocol streamwork
class-map match-any mark-transactional-traffic
match access-group name transactional-traffic
class-map match-any mark-cid-traffic
match access-group name cid-traffic
class-map match-any transactional-traffic
match dscp af12
match dscp af21
match access-group name transactional-traffic
match access-group name qos-pfadmin
class-map match-any police-internet
match access-group name police-internet
class-map match-any cid-traffic
match dscp af31
class-map match-any scavenger-traffic
match dscp cs1
class-map match-any mgmt-traffic
match dscp af11
class-map match-any oregon-traffic
match dscp af13
match access-group name oregon-traffic
class-map match-any mark-oregon-traffic
match access-group name oregon-traffic
class-map match-any mark-mgmt-traffic
match protocol ospf
match protocol ssh
match protocol icmp
match protocol telnet
match protocol eigrp
match protocol snmp
match protocol rip
match protocol bgp
match protocol syslog
match protocol ntp
!
!
policy-map qos-qstreet
class transactional-traffic
bandwidth percent 20
random-detect dscp-based
class oregon-traffic
bandwidth percent 30
class mgmt-traffic
bandwidth percent 5
compress header ip tcp
class police-internet
police 2500000 conform-action transmit exceed-action drop
class scavenger-traffic
police 512000
class cid-traffic
bandwidth percent 15
random-detect dscp-based
class class-default
fair-queue
policy-map mark-traffic
class mark-mgmt-traffic
set dscp af11
class mark-transactional-traffic
set dscp af12
class mark-oregon-traffic
set dscp af13
class mark-scavenger-traffic
set dscp cs1
class mark-pfadmin-traffic
set dscp af21
class mark-cid-traffic
set dscp af31
!
!
crypto isakmp xauth timeout 15
!
buffers tune automatic
!
!
interface Loopback0
ip address 1.1.0.1 255.255.255.0
!
interface Loopback1
ip address 1.1.1.1 255.255.255.0
!
interface Loopback2
ip address 1.1.2.1 255.255.255.0
!
interface Port-channel1
no ip address
hold-queue 300 in
!
interface Multilink1
ip address 172.16.3.1 255.255.255.252
ip accounting output-packets
ip nbar protocol-discovery
ip route-cache policy
ppp multilink
ppp multilink group 1
!
interface FastEthernet0/0
description opt-e-man
bandwidth 10240
ip address 172.16.3.9 255.255.255.248
ip nbar protocol-discovery
ip load-sharing per-packet
ip flow ingress
ip flow egress
ip authentication mode eigrp 1 md5
ip authentication key-chain eigrp 1 rick
ip pim sparse-dense-mode
ip route-cache policy
ip route-cache flow
duplex full
speed 100
service-policy output qos-qstreet
!
interface FastEthernet0/1
description ****To ASA****
ip address 172.16.1.2 255.255.255.0
ip nbar protocol-discovery
ip ospf priority 10
duplex auto
speed auto
service-policy input mark-traffic
!
interface Serial0/2/0:0
description circuit ID#
no ip address
encapsulation frame-relay
no fair-queue
frame-relay interface-dlci 21
!
interface Serial0/2/1:1
description circuit ID#
no ip address
encapsulation ppp
no fair-queue
ppp multilink
ppp multilink group 1
!
interface Serial0/3/0
ip address 172.16.3.5 255.255.255.252
encapsulation ppp
ip tcp header-compression
!
router eigrp 1
network 1.1.0.0 0.0.3.255
network 172.16.3.0 0.0.0.255
distance 10 0.0.0.0 255.255.255.255
no auto-summary
!
router ospf 1
router-id 172.16.1.2
log-adjacency-changes
network 172.16.1.2 0.0.0.0 area 0
network 172.16.3.0 0.0.0.3 area 0
network 172.16.3.9 0.0.0.0 area 0
maximum-paths 2
!
router isis test
!
router rip
version 2
redistribute eigrp 1 metric 3
network 172.16.0.0
neighbor 172.16.3.10
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.1.1
ip route 172.16.4.9 255.255.255.255 172.16.3.6
ip route 172.16.5.0 255.255.255.0 172.16.3.2
ip route 172.16.5.0 255.255.255.0 172.16.3.6
ip flow-export version 5
ip flow-export destination 192.168.16.200 9666
ip flow-export destination 192.168.16.200 9996
!
no ip http server
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip pim bsr-candidate FastEthernet0/0 0
!
ip access-list standard log-vty
permit any log
!
ip access-list extended cid-traffic
permit ip host 192.168.8.123 172.16.4.0 0.0.0.255
ip access-list extended mark-scavenger-traffic
permit ip host 208.111.148.6 any
permit ip host 208.111.148.7 any
ip access-list extended oregon-traffic
permit ip host 172.16.0.20 any
permit ip any host 172.16.4.198
ip access-list extended police-internet
deny ip 172.16.0.0 0.0.0.255 172.16.4.0 0.0.0.255
deny ip 192.168.7.0 0.0.0.255 172.16.4.0 0.0.0.255
deny ip 192.168.8.0 0.0.0.255 172.16.4.0 0.0.0.255
deny ip 10.10.1.0 0.0.0.255 172.16.4.0 0.0.0.255
deny ip host 12.10.115.138 172.16.4.0 0.0.0.255
deny ip host 208.73.212.12 172.16.4.0 0.0.0.255
deny ip host 208.218.138.177 172.16.4.0 0.0.0.255
deny ip host 74.208.33.214 172.16.4.0 0.0.0.255
deny ip host 12.197.80.58 172.16.4.0 0.0.0.255
deny ip host 65.74.145.237 172.16.4.0 0.0.0.255
deny ip host 206.83.204.210 172.16.4.0 0.0.0.255
deny ip host 167.197.188.201 172.16.4.0 0.0.0.255
deny ip host 65.198.145.5 172.16.4.0 0.0.0.255
deny ip host 64.57.103.199 172.16.4.0 0.0.0.255
deny ip host 64.57.103.198 172.16.4.0 0.0.0.255
deny ip host 66.218.84.150 172.16.4.0 0.0.0.255
deny ip host 64.14.60.10 172.16.4.0 0.0.0.255
deny ip host 155.199.36.24 172.16.4.0 0.0.0.255
permit ip any any
ip access-list extended qos-pfadmin
permit ip host 192.168.8.101 172.16.4.0 0.0.0.255
ip access-list extended rdp-traffic
permit tcp any any eq 3389
ip access-list extended transactional-traffic
permit ip host 172.16.0.11 172.16.4.0 0.0.0.255
permit ip host 172.16.0.12 172.16.4.0 0.0.0.255
permit ip host 172.16.0.51 172.16.4.0 0.0.0.255
permit ip host 172.16.0.15 172.16.4.0 0.0.0.255
permit ip host 192.168.7.112 172.16.4.0 0.0.0.255
permit ip host 192.168.7.104 172.16.4.0 0.0.0.255
permit ip host 192.168.7.113 172.16.4.0 0.0.0.255
permit ip host 192.168.7.119 172.16.4.0 0.0.0.255
permit ip host 192.168.7.100 172.16.4.0 0.0.0.255
permit ip host 172.16.0.40 172.16.4.0 0.0.0.255
permit ip host 172.16.0.41 172.16.4.0 0.0.0.255
permit ip host 172.16.0.42 172.16.4.0 0.0.0.255
permit ip host 172.16.0.60 172.16.4.0 0.0.0.255
permit ip 12.185.21.0 0.0.0.255 172.16.4.0 0.0.0.255
!
logging trap debugging
logging 172.16.0.184
access-list 99 permit 192.168.16.222
access-list 99 permit 192.168.16.200
snmp-server group PFRO v3 priv read view3
snmp-server view view3 mib-2 included
snmp-server view viewV3 mib-2 included
snmp-server community pplfinders RO 99
snmp-server trap link ietf
snmp-server enable traps eigrp
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps syslog
snmp-server host 192.168.16.200 pfuser
snmp-server host 192.168.16.200 version 2c ppffinder
snmp-server host 192.168.16.200 pplfinders
!
!
control-plane
!
!
banner incoming ^C
test
^C
!
line con 0
access-class log-vty in
privilege level 15
password 7
login authentication LOCAL_AUTH
line aux 0
line vty 0 4
access-class log-vty in
privilege level 15
password 7
login authentication LOCAL_AUTH
transport input ssh
line vty 5
transport input ssh
parser view first
secret 5
commands exec include show ip route
commands exec include show ip
commands exec include show
!
parser view test
!
parser view superview superview
secret 5
view first
!
!
warm-reboot
scheduler allocate 20000 1000
ntp authentication-key 1 md5
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179558
ntp source FastEthernet0/1
!
end
conf t
class police-internet
police 25000000 conform-action transmit exceed-action drop
end
copy run start
class police-internet
police 25000000 conform-action transmit exceed-action drop
end
copy run start
ASKER
I get this
Q(config)#class police-internet
^
% Invalid input detected at '^' marker.
Q(config)#class police-internet
^
% Invalid input detected at '^' marker.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That worked, thank you very much!
So changing the line:
police 2500000 conform-action transmit exceed-action drop
to
police 25000000 conform-action transmit exceed-action drop
would increase traffic to 25mbps