[ AdiX @ 22.12.2009. 21:43 ] @
Pozdrav, imam cisco861 router. Na njemu treba da limitiram bandiwdth po ip adresama i zabranim nekoliko destinacijskih ip adresa. Limit po IP adresama radi ali droopanje destinacijskih ip adresa ne radi. Konfiguracija: ************************************************************************ ! class-map match-all Limit-256K match access-group 102 class-map match-all Limit-1M match access-group 100 class-map match-all Limit-512K match access-group 101 class-map match-all Limit-128K match access-group 103 class-map match-all QOS ! ! policy-map Limit-128K class Limit-128K policy-map QOS class Limit-1M police 1000000 conform-action transmit exceed-action drop class Limit-512K police 512000 conform-action transmit exceed-action drop class Limit-256K police 256000 conform-action transmit exceed-action drop class Limit-128K police 128000 conform-action transmit exceed-action drop ! interface FastEthernet4 ip address 10.10.0.xx 255.255.255.0 duplex auto speed auto service-policy input QOS ! interface Vlan1 ip address 192.168.1.254 255.255.255.0 ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 10.10.0.xx no ip http server no ip http secure-server ! ! access-list 100 permit ip host 192.168.1.1 any access-list 100 permit ip any host 192.168.1.1 access-list 100 permit ip host 192.168.1.2 any access-list 100 permit ip any host 192.168.1.2 ************************************************************************ za dropanje destinacijskih IP koristio sam ACL npr access-list 100 deny ip any host xxx.xxx.xxx.xxx u cemu je problem ? hvala i pozdrav. |