Link to home
Start Free TrialLog in
Avatar of xpedia
xpediaFlag for United States of America

asked on

Cisco Router 2800 and 3800 QOS

Hello, I have two routers with point to point connection. Internet is limited by the following lines in the config.

class police-internet
   police 2500000 conform-action transmit  exceed-action drop
 class scavenger-traffic
   police 512000

This was a 10Mb circuit, but we changed it to 100Mb.

What would be the steps to increase my internet bandwidth.
FYI, I'm not a network engineer.

Thank you
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Looks like you're currently limiting internet traffic to 2.5mbps.

So changing the line:

   police 2500000 conform-action transmit  exceed-action drop

to

   police 25000000 conform-action transmit  exceed-action drop

would increase traffic to 25mbps
Avatar of xpedia
xpedia
Flag of United States of America image

ASKER

Thank you, yes you are correct.

I am at the # prompt, I need to know the proper commands to get to where I can change it to 25 Mbs.
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Would need to see the current config.
Avatar of xpedia
xpedia
Flag of United States of America image

ASKER

can I email you the config directly?

my email is eddie@peoplefinders.com
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Just post it here without the passwords and public IP addresses.

And use the "code" function below.
Avatar of xpedia
xpedia
Flag of United States of America image

ASKER

!
! Last configuration change at 13:52:35 PDT Thu Jun 17 2010 by admin
! NVRAM config last updated at 13:52:42 PDT Thu Jun 17 2010 by admin
!
configuration mode exclusive manual
version 12.4
no service pad
service timestamps debug datetime msec localtime show-timezone year
no service timestamps log uptime
service password-encryption
service compress-config
!
hostname q
!
boot-start-marker
boot-end-marker
!
card type t1 0 2
security passwords min-length 5
logging buffered 8192 debugging
logging console warnings
enable secret 5 
!
aaa new-model
!
!
aaa group server tacacs+ mytacacs
 server 1.1.1.1
 server 1.1.1.2
!
aaa authentication banner ^C
This is a test of the authentication banner ^C
aaa authentication login LOCAL_AUTH local
!
aaa session-id common
!
resource policy
!
clock timezone PST -8
clock summer-time PDT recurring
no network-clock-participate wic 2 
ip subnet-zero
no ip source-route
!
!
ip cef
!
!
ip flow-cache timeout active 1
no ip bootp server
ip domain name cisco.com
ip multicast-routing 
ip sla monitor logging traps
!
!
!
key chain rick
 key 1
  key-string 7 06160E325F59060B01
!
crypto pki server cisco
 issuer-name CN=iosca.cisco.com L=Sac ST=CA C=US
 grant auto
!
crypto pki trustpoint cisco
 revocation-check crl
 rsakeypair cisco
!
crypto pki trustpoint iosca
 enrollment url http://172.16.1.2:80
 revocation-check none
!
crypto pki trustpoint TP-self-signed-275155243
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-275155243
 revocation-check none
 rsakeypair TP-self-signed-275155243
!
!
crypto pki certificate chain cisco
 certificate ca 01

  quit
crypto pki certificate chain iosca
crypto pki certificate chain TP-self-signed-275155243
 certificate self-signed 01
 

  quit

username admin privilege 15 secret 5 

username mj privilege 15 password 7 

!
!
controller T1 0/2/0
 framing esf
 linecode b8zs
 channel-group 0 timeslots 1-24
!
controller T1 0/2/1
 framing esf
 linecode b8zs
 channel-group 1 timeslots 1-24
!
track 1 interface FastEthernet0/1 ip routing
!
class-map match-any mark-pfadmin-traffic
 match access-group name qos-pfadmin
class-map match-any mark-scavenger-traffic
 match protocol fasttrack
 match protocol kazaa2
 match protocol napster
 match access-group name mark-scavenger-traffic
 match protocol edonkey
 match protocol rtsp
 match protocol streamwork
class-map match-any mark-transactional-traffic
 match access-group name transactional-traffic
class-map match-any mark-cid-traffic
 match access-group name cid-traffic
class-map match-any transactional-traffic
 match  dscp af12 
 match  dscp af21 
 match access-group name transactional-traffic
 match access-group name qos-pfadmin
class-map match-any police-internet
 match access-group name police-internet
class-map match-any cid-traffic
 match  dscp af31 
class-map match-any scavenger-traffic
 match  dscp cs1 
class-map match-any mgmt-traffic
 match  dscp af11 
class-map match-any oregon-traffic
 match  dscp af13 
 match access-group name oregon-traffic
class-map match-any mark-oregon-traffic
 match access-group name oregon-traffic
class-map match-any mark-mgmt-traffic
 match protocol ospf
 match protocol ssh
 match protocol icmp
 match protocol telnet
 match protocol eigrp
 match protocol snmp
 match protocol rip
 match protocol bgp
 match protocol syslog
 match protocol ntp
!
!
policy-map qos-qstreet
 class transactional-traffic
  bandwidth percent 20
  random-detect dscp-based
 class oregon-traffic
  bandwidth percent 30
 class mgmt-traffic
  bandwidth percent 5
   compress header ip tcp
 class police-internet
   police 2500000 conform-action transmit  exceed-action drop 
 class scavenger-traffic
   police 512000
 class cid-traffic
  bandwidth percent 15
  random-detect dscp-based
 class class-default
  fair-queue
policy-map mark-traffic
 class mark-mgmt-traffic
  set dscp af11
 class mark-transactional-traffic
  set dscp af12
 class mark-oregon-traffic
  set dscp af13
 class mark-scavenger-traffic
  set dscp cs1
 class mark-pfadmin-traffic
  set dscp af21
 class mark-cid-traffic
  set dscp af31
!
! 
crypto isakmp xauth timeout 15

!
buffers tune automatic
!
!
interface Loopback0
 ip address 1.1.0.1 255.255.255.0
!
interface Loopback1
 ip address 1.1.1.1 255.255.255.0
!
interface Loopback2
 ip address 1.1.2.1 255.255.255.0
!
interface Port-channel1
 no ip address
 hold-queue 300 in
!
interface Multilink1
 ip address 172.16.3.1 255.255.255.252
 ip accounting output-packets
 ip nbar protocol-discovery
 ip route-cache policy
 ppp multilink
 ppp multilink group 1
!
interface FastEthernet0/0
 description opt-e-man
 bandwidth 10240
 ip address 172.16.3.9 255.255.255.248
 ip nbar protocol-discovery
 ip load-sharing per-packet
 ip flow ingress
 ip flow egress
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 rick
 ip pim sparse-dense-mode
 ip route-cache policy
 ip route-cache flow
 duplex full
 speed 100
 service-policy output qos-qstreet
!
interface FastEthernet0/1
 description ****To ASA****
 ip address 172.16.1.2 255.255.255.0
 ip nbar protocol-discovery
 ip ospf priority 10
 duplex auto
 speed auto
 service-policy input mark-traffic
!
interface Serial0/2/0:0
 description circuit ID# 
 no ip address
 encapsulation frame-relay
 no fair-queue
 frame-relay interface-dlci 21
!
interface Serial0/2/1:1
 description circuit ID# 
 no ip address
 encapsulation ppp
 no fair-queue
 ppp multilink
 ppp multilink group 1
!
interface Serial0/3/0
 ip address 172.16.3.5 255.255.255.252
 encapsulation ppp
 ip tcp header-compression
!
router eigrp 1
 network 1.1.0.0 0.0.3.255
 network 172.16.3.0 0.0.0.255
 distance 10 0.0.0.0 255.255.255.255
 no auto-summary
!
router ospf 1
 router-id 172.16.1.2
 log-adjacency-changes
 network 172.16.1.2 0.0.0.0 area 0
 network 172.16.3.0 0.0.0.3 area 0
 network 172.16.3.9 0.0.0.0 area 0
 maximum-paths 2
!
router isis test
!
router rip
 version 2
 redistribute eigrp 1 metric 3
 network 172.16.0.0
 neighbor 172.16.3.10
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.1.1
ip route 172.16.4.9 255.255.255.255 172.16.3.6
ip route 172.16.5.0 255.255.255.0 172.16.3.2
ip route 172.16.5.0 255.255.255.0 172.16.3.6
ip flow-export version 5
ip flow-export destination 192.168.16.200 9666
ip flow-export destination 192.168.16.200 9996
!
no ip http server
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip pim bsr-candidate FastEthernet0/0 0
!
ip access-list standard log-vty
 permit any log
!
ip access-list extended cid-traffic
 permit ip host 192.168.8.123 172.16.4.0 0.0.0.255
ip access-list extended mark-scavenger-traffic
 permit ip host 208.111.148.6 any
 permit ip host 208.111.148.7 any
ip access-list extended oregon-traffic
 permit ip host 172.16.0.20 any
 permit ip any host 172.16.4.198
ip access-list extended police-internet
 deny   ip 172.16.0.0 0.0.0.255 172.16.4.0 0.0.0.255
 deny   ip 192.168.7.0 0.0.0.255 172.16.4.0 0.0.0.255
 deny   ip 192.168.8.0 0.0.0.255 172.16.4.0 0.0.0.255
 deny   ip 10.10.1.0 0.0.0.255 172.16.4.0 0.0.0.255
 deny   ip host 12.10.115.138 172.16.4.0 0.0.0.255
 deny   ip host 208.73.212.12 172.16.4.0 0.0.0.255
 deny   ip host 208.218.138.177 172.16.4.0 0.0.0.255
 deny   ip host 74.208.33.214 172.16.4.0 0.0.0.255
 deny   ip host 12.197.80.58 172.16.4.0 0.0.0.255
 deny   ip host 65.74.145.237 172.16.4.0 0.0.0.255
 deny   ip host 206.83.204.210 172.16.4.0 0.0.0.255
 deny   ip host 167.197.188.201 172.16.4.0 0.0.0.255
 deny   ip host 65.198.145.5 172.16.4.0 0.0.0.255
 deny   ip host 64.57.103.199 172.16.4.0 0.0.0.255
 deny   ip host 64.57.103.198 172.16.4.0 0.0.0.255
 deny   ip host 66.218.84.150 172.16.4.0 0.0.0.255
 deny   ip host 64.14.60.10 172.16.4.0 0.0.0.255
 deny   ip host 155.199.36.24 172.16.4.0 0.0.0.255
 permit ip any any
ip access-list extended qos-pfadmin
 permit ip host 192.168.8.101 172.16.4.0 0.0.0.255
ip access-list extended rdp-traffic
 permit tcp any any eq 3389
ip access-list extended transactional-traffic
 permit ip host 172.16.0.11 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.12 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.51 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.15 172.16.4.0 0.0.0.255
 permit ip host 192.168.7.112 172.16.4.0 0.0.0.255
 permit ip host 192.168.7.104 172.16.4.0 0.0.0.255
 permit ip host 192.168.7.113 172.16.4.0 0.0.0.255
 permit ip host 192.168.7.119 172.16.4.0 0.0.0.255
 permit ip host 192.168.7.100 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.40 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.41 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.42 172.16.4.0 0.0.0.255
 permit ip host 172.16.0.60 172.16.4.0 0.0.0.255
 permit ip 12.185.21.0 0.0.0.255 172.16.4.0 0.0.0.255
!
logging trap debugging
logging 172.16.0.184
access-list 99 permit 192.168.16.222
access-list 99 permit 192.168.16.200
snmp-server group PFRO v3 priv read view3 
snmp-server view view3 mib-2 included
snmp-server view viewV3 mib-2 included
snmp-server community pplfinders RO 99
snmp-server trap link ietf
snmp-server enable traps eigrp
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps syslog
snmp-server host 192.168.16.200 pfuser 
snmp-server host 192.168.16.200 version 2c ppffinder 
snmp-server host 192.168.16.200 pplfinders 
!
!
control-plane
!
!
banner incoming ^C
test 
^C
!
line con 0
 access-class log-vty in
 privilege level 15
 password 7 
 login authentication LOCAL_AUTH
line aux 0
line vty 0 4
 access-class log-vty in
 privilege level 15
 password 7 
 login authentication LOCAL_AUTH
 transport input ssh
line vty 5
 transport input ssh
parser view first
 secret 5 
 commands exec include show ip route
 commands exec include show ip
 commands exec include show
!
parser view test
!
parser view superview superview
 secret 5 
 view first
!
!
warm-reboot
scheduler allocate 20000 1000
ntp authentication-key 1 md5 
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179558
ntp source FastEthernet0/1
!
end

Open in new window

Avatar of Don Johnston
Don Johnston
Flag of United States of America image
conf t
 class police-internet
   police 25000000 conform-action transmit  exceed-action drop
end
copy run start
Avatar of xpedia
xpedia
Flag of United States of America image

ASKER

I get this

Q(config)#class police-internet
                         ^
% Invalid input detected at '^' marker.

ASKER CERTIFIED SOLUTION
Avatar of Don Johnston
Don Johnston
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of xpedia
xpedia
Flag of United States of America image

ASKER

That worked, thank you very much!