QoS on Cisco ASA 5505 (DSL)
in [Cisco]
|
Prev: 830 - worth to start with ?
Next: Cisco VPN Client
From: Rob on 17 Feb 2010 13:51 Joe <midas1108(a)gmail.com> wrote: > On Feb 17, 12:30 pm, Rob <nom...(a)example.com> wrote: >> Joe <midas1...(a)gmail.com> wrote: >> > Is there anything that you can >> > see in my config that would make it not work? >> >> I have experience only with the rate-limiting solution, so I cannot >> really tell... >> (I use "traffic-shape group" commands) > > Do you have an example of some code to do this? I'd want to do this > with ftp, and I have another site that I'd use it with SMTP (for a > scan-to-email machine they have). On the interface attached to the DSL modem: traffic-shape group 102 256000 12800 12800 1000 traffic-shape group 103 650000 32500 32500 1000 traffic-shape group 104 768000 76800 76800 1000 Access lists: access-list 102 remark Outgoing ADSL low priority traffic access-list 102 permit tcp any any eq smtp access-list 103 remark Outgoing ADSL medium priority traffic access-list 103 permit tcp any any access-list 104 remark Outgoing ADSL high priority traffic access-list 104 permit ip any any Here SMTP is put in the low-rate group (256 kbps), any other TCP traffic is medium-rate (650 kbps) and the remainder of IP traffic is highest rate (768 kbps). Just an example, adapt to requirements.
From: alexd on 17 Feb 2010 13:58 On Wed, 17 Feb 2010 10:43:04 -0800, Joe wrote: > Do you have an example of some code to do this? I'd want to do this > with ftp, and I have another site that I'd use it with SMTP (for a > scan-to-email machine they have). <http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ qos.html> -- <http://ale.cx/> (AIM:troffasky) (UnSoEsNpEaTm(a)ale.cx) 18:57:50 up 1 day, 23:48, 6 users, load average: 0.00, 0.04, 0.06 DIMENSION-CONTROLLING FORT DOH HAS NOW BEEN DEMOLISHED, AND TIME STARTED FLOWING REVERSELY
From: Joe on 17 Feb 2010 14:18 On Feb 17, 1:51 pm, Rob <nom...(a)example.com> wrote: > Joe <midas1...(a)gmail.com> wrote: > > On Feb 17, 12:30 pm, Rob <nom...(a)example.com> wrote: > >> Joe <midas1...(a)gmail.com> wrote: > >> > Is there anything that you can > >> > see in my config that would make it not work? > > >> I have experience only with the rate-limiting solution, so I cannot > >> really tell... > >> (I use "traffic-shape group" commands) > > > Do you have an example of some code to do this? I'd want to do this > > with ftp, and I have another site that I'd use it with SMTP (for a > > scan-to-email machine they have). > > On the interface attached to the DSL modem: > > traffic-shape group 102 256000 12800 12800 1000 > traffic-shape group 103 650000 32500 32500 1000 > traffic-shape group 104 768000 76800 76800 1000 > > Access lists: > > access-list 102 remark Outgoing ADSL low priority traffic > access-list 102 permit tcp any any eq smtp > access-list 103 remark Outgoing ADSL medium priority traffic > access-list 103 permit tcp any any > access-list 104 remark Outgoing ADSL high priority traffic > access-list 104 permit ip any any > > Here SMTP is put in the low-rate group (256 kbps), any other > TCP traffic is medium-rate (650 kbps) and the remainder of > IP traffic is highest rate (768 kbps). Just an example, adapt > to requirements. the unit isn't accepting the traffic-shape command on the interface (tried on ETH0/0 and on Vlan2). Is that a function of a higher version than 7.2(3)?
From: Rob on 17 Feb 2010 14:25 Joe <midas1108(a)gmail.com> wrote: > the unit isn't accepting the traffic-shape command on the interface > (tried on ETH0/0 and on Vlan2). Is that a function of a higher > version than 7.2(3)? I assumed it would work on the ASA but apparently it doesn't. (I use this on routers)
From: Joe on 17 Feb 2010 14:36
On Feb 17, 1:58 pm, alexd <troffa...(a)hotmail.com> wrote: > On Wed, 17 Feb 2010 10:43:04 -0800, Joe wrote: > > Do you have an example of some code to do this? I'd want to do this > > with ftp, and I have another site that I'd use it with SMTP (for a > > scan-to-email machine they have). > > <http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ > qos.html> > > -- > <http://ale.cx/> (AIM:troffasky) (UnSoEsNpE...(a)ale.cx) > 18:57:50 up 1 day, 23:48, 6 users, load average: 0.00, 0.04, 0.06 > DIMENSION-CONTROLLING FORT DOH HAS NOW BEEN DEMOLISHED, > AND TIME STARTED FLOWING REVERSELY Yeah, I was looking at that document, but unfortunately it has a lot of information in it that doesn't make sense to me. ASAs are new to me, and most of what I can find involves putting QoS on a vpn connection. I tried to cobble that into what I was trying to do (which resulted in the configuration I have posted above), but there's something I'm missing. |