DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Huawei device configuration QOS to limit the intranet IP address


  •     Spoto
  • |
  •   Posted on: 2019-05-13
  • |
  •   Views: 2114

Huawei device configuration QOS to limit the intranet IP address

 

Networking requirements RouterA is deployed at the egress of the enterprise network. Enterprise users connect to RouterA through two different network segments to access the server 222.1.1.1.24. It is required to control the access of the internal network of the enterprise network to the server 192.168.10.0/24, and the rate is limited to 64 kbit/s.

 Configure a network diagram for limiting the rate based on the intranet IP address.


 

 

Steps

RouterA configuration

#

Sysname RouterA

#

Vlan batch 10 20

#

Acl number 3001 //Configure the numbered access control list numbered 3001

Rule 5 permit ip source 192.168.10.0 0.0.0.255 //Configure rule 5 to allow packets with the source address of 192.168.10.0 to pass the network segment.

Rule 10 permit ip source 192.168.20.0 0.0.0.255 //Configure rule 10 to allow packets with the source address of 192.168.20.0 to pass the network segment.

Acl number 3002 //Configure the numbered access control list numbered 3002

Rule 5 permit ip source 192.168.10.0 0.0.0.255 //Configure rule 5 to allow packets with the source address of 192.168.10.0 to pass the network segment.

#

Qos queue-profile limit //Create queue template limit

  Queue 3 gts cir 64 cbs 1600 //Configure queue 3's committed information rate to 64kbit/s

#

Traffic classifier c1 operator or

If-match acl 3002 //Configure the traffic class c1: match the rule to ACL 3002

#

Traffic behavior b1

If the traffic is classified as permit or deny, the default is permit.

#

Traffic policy p1

Classifier c1 behavior b1 //Configure the traffic policy p1: Bind traffic class c1 and traffic behavior b1

#

Interface Vlanif10

Ip address 192.168.10.1 255.255.255.0

#

Interface Vlanif20

Ip address 192.168.20.1 255.255.255.0

#

Interface Ethernet2/0/0

Port link-type trunk //Configure the link type of the interface as trunk

Port trunk allow-pass vlan 10 20 //Configure the trunk type interface to join vlan 10 and vlan 20

Traffic-policy p1 inbound //Apply the traffic policy p1 in the inbound direction of the interface.

#

Interface GigabitEthernet3/0/0

Ip address 222.0.1.1 255.255.255.0

Qos queue-profile limit //Apply the queue template limit on the interface.

Nat outbound 3001 //Do NAT on the interface matching the ACL 3001

#

Ip route-static 0.0.0.0 0.0.0.0 222.0.1.2

#

 

Verify the configuration result

# Run the display qos queue statistics interface gigabitethernet 3/0/0 command to check the statistics of the packets that have been configured with the queue template limit on GE 3/0/0. You can see that the output rate of queue 3 is limited to the specified range. After the queue is full, the packets that cannot be cached are discarded.


Configuration considerations

Configure the interface connected to the network segment as an Access interface and add it to the corresponding VLAN.

Configure the interface that connects the Switch to RouterA as a trunk interface and add it to the corresponding VLAN.

 

view more CCIE test

 

More you may be interested:

Information about CISCO CERTIFICATION EXAM latest dumps this week

 

First one to pass CCIE Data Center v2.1Lab Exam and DC workbook

 

CanI boost my salary after acquiring CCIE Security certification?

Comments:


Start the discussion...


To Leave a Comment or reply to posts please log in