MQC Two Rate Three-Color Policer

Posted by October 3, 2011 in Quality of Service

Scenario:

You work for a large provider in India as a senior network engineer specialized in Quality of Service. All the customers of the service provider have an Ethernet connection which is capable of delivering speeds up to 10Mbps. The ISP has diffferent subscriptions and you need to enforce that customers only get what they are paying for…when traffic exceeds a certain rate you need to police it!

Goal:

  • All IP addresses have been preconfigured for you.
  • Configure router Line to police all TELNET traffic heading for router Jack with the following configuration:
  • Configure a CIR rate of 64Kbps, the DSCP value should be set to AF21.
  • Configure a PIR rate of 128Kbps the DSCP value should be set to 0.
  • Traffic that is violating should be dropped.

IOS:

c3640-jk9s-mz.124-16.bin

Topology:

Two rate Three color policer

Video Solution:

Configuration Files

You need to register to download the GNS3 topology file. (Registration is free!)

Once you are logged in you will find the configuration files right here.

Opt In Image
Do you want your CCNA or CCNP Certificate?

The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.

Written by René Molenaar - CCIE #41726

Master CCNA and CCNP Today!

You May Also Like

No Picture

Committed Access Rate Limiting

No Picture

CB Policing Intermediate

About the Author: Rene Molenaar

René - CCIE #41726 is the creator of GNS3Vault.com where he shares CCNA, CCNP and CCIE R&S labs. He also blogs about networking on http://networklessons.com

5 Comments

  2. Just FYI only – the CIR should be set to 512000 and the PIR should be set to 1024000, because the command requires bits and not kilobytes. I’ve heard on the CCIE test they will throw tricks in QoS that might interfere with EIGRP calculations.

    But, thanks Rene for the nice lab.

  3. Thanks Jelani for information, but when i change CIR into 512000 on Policy, when i ping from R1 to R4 with 18024 size, it`s not work, there all reply, but when i change CIR into 6400 again, and i ping with 1500 size, it`s work

    it just reply 3 times, and after that TimeOut, 3 x 1500 = 6400, but when i change to 512000 CIR, all the packet reply, i already change it into 1500 too, but same like before, all packet replying.

    Can you help me ?

    Thanks before 🙂

  4. Once more, what the different with One Rate Three Policier,

    policy-map KPK
    class TELNET
    police cir 64000
    conform-action set-dscp-transmit af41
    exceed-action set-dscp-transmit 0
    violate-action drop

    with

    class TELNET
    police cir 64000
    conform-action set-dscp-transmit af41
    exceed-action set-dscp-transmit 0
    violate-action drop

    policy-map KPK
    class TELNET
    police cir 64000 pir 128000
    conform-action set-dscp-transmit af41
    exceed-action set-dscp-transmit 0
    violate-action drop

    i mean what the different on that video ? i have watch video single rate, and i think when the veryfication with icmp, it just same with one rate three colour policer. What the different ?

    thanks Rene 🙂

    1. Dual rate policers remove bits from both the Be and Bc buckets. Essentially, you can specify the upper rate more clearly.

Comments are closed.