Policing—Configuring Meters

Configuring Two Rate Three Color Marker

Enable Port 3.
Type the following:
- Enter the Global Configuration Mode.
```
iS5comm# configure terminal
```
- Enter Interface Configuration Mode.
```
iS5comm(config)# interface gigabitethernet 0/3
```
```
iS5comm(config-if)# no shutdown
```
- Exit the Interface Configuration Mode
```
iS5comm(config-if)# exit
```
Enable QoS.
Type the following:
- Enter the Global Configuration Mode.
```
iS5comm# configure terminal
```
- Enable the QoS.
```
iS5comm(config)# qos enable
```
Create an access control list filter for TCP packets on port 3.
Type the following:
- Create an access control list.
```
iS5comm(config)# ip access-list extended 1001
```
- Configure the ACL with the following parameters to permit the following packets:
  - ip host—enter the IP address for the host to be permitted
  - any—for packets to any destination IP address
  - priority 2—for packets with priority 2 (this is a mandatory parameter)
```
iS5comm(config-ext-nacl)# permit ip host 12.0.0.5 any priority 2
```
- Exit the ACL Configuration Mode
```
iS5comm(config-ext-nacl)# exit
```
- Enter Interface Configuration Mode.
```
iS5comm(config)# interface gigabitethernet 0/3
```
- Apply the created ACL to the selected interface, where 1002 is the ACL number and “in” stands for inbound packets related configuration.
```
iS5comm(config-if)# ip access-group 1002 in
```
- Exit the Interface Configuration Mode
```
iS5comm(config-if)# exit
```
Create a meter.
Type the following:

The meter created by the command below will be trTCM type with traffic components CIR=10000 kbps, CBS=1000, EIR= 100000, and EBS=100000 (corrected based on below).

Where
- color-mode—there are two options: aware for which the meter considers the pre-color of the packet and blind, for which the meter ignores the pre-color of the packet.
- CIR—this is the Rate at which a frame relay network agrees to transfer information under normal conditions, averaged over a minimum increment of time.
- EIR—Excess Information Rate; the average rate at which excess traffic is to be policed
```
iS5comm(config)#meter 1
```
```
iS5comm(config-meter )# meter-type trTCM color-mode blind cir 10000 cbs 1000 eir 100000 ebs 100000
```
```
iS5comm(config-meter)# exit
```
Create a class map, set a class, and create a policy map.
Type the following:
- Create a class map 10.
```
iS5comm(config)# class-map 10
```
- Configure the match criteria for the class map with the criteria specified by the access list 1001
```
iS5comm(config-cls-map)# set class 8
```
```
iS5comm(config-cls-map)# match access-group ip-access-list 1001
```
```
iS5comm(config-cls-cmap)# exit
```
- Create a policy map to associate with the class map already created and to apply on the packet before forwarding it.
```
iS5comm(config)# policy-map 2
```
- Enter to set policy parameters such as meter and configure its parameters (actions), where
  - conform-action—configures action to be performed on the packet, when the packets are found to be In profile (conform
  - set-ip-dscp-transmit—sets the new Differentiated Services Code Point value as 22
  - exceed-action—configures action to be performed on the packet, when the packets are found to be In profile (exceed) with chosen action “drop” (i.e. the packet to be dropped)
  - violate-action—configures action to be performed on the packet, when the packets are found to be out of profile
  - set-ip-dscp-transmit —sets the new Differentiated Services Code Point value as 35
```
iS5comm(config-ply-map)# set meter 1 conform-action set-ip-dscp-transmit 22 exceed-action drop violate-action set-ip-dscp-transmit 35
```
```
iS5comm(config-ply-map)# set policy class 8 default-priority-type none
```
```
iS5comm(config-ply-map)#end
```

View the configuration detail.

Type the following.

iS5comm# show access-lists

IP ACCESS LISTS

-----------------

Extended IP Access List 1001

-----------------------------

Filter Priority                  : 2

Filter Protocol Type             : ANY

IP address Type                  : IPV4

Source IP address                : 12.0.0.5

Source IP address mask           : 255.255.255.255

Source IP Prefix Length          : 32

Destination IP address           : 0.0.0.0

Destination IP address mask      : 0.0.0.0

Destination IP Prefix Length     : 0

Flow Identifier                  : 0

In Port List                     : Gi0/3

Out Port List                    : NIL

Filter TOS                       : NIL

Filter DSCP                      : NIL

Service Vlan                     : 0

Service Vlan Priority            : 0

Customer Vlan                    : 0

Customer Vlan Priority           : None

Packet Tag Type                  : Single-tag

Filter Action                    : Permit

Redirect Port List               : NIL

TrafficDistField                 : Unknown

Sub Action                       : NONE

Sub Action Id                    : 0

Status                           : Active

MAC ACCESS LISTS

-----------------

%No MAC Access Lists have been configured

USER DEFINED LISTS

----------------------

%No User Defined Lists have been configured

iS5comm# show policy-map 30

QoS Meter Entries

-----------------

MeterId                      : 1

Type                         : TRTCM

Color Mode                   : Color Blind

Interval                     : None

CIR                          : 10000

CBS                          : 1000

EIR                          : 100000

EBS                          : 100000

NextMeter                    : None

Status                       : Active

iS5comm# show meter 1

QoS Meter Entries

-----------------

MeterId                      : 1

Type                         : TRTCM

Color Mode                   : Color Blind

Interval                     : None

CIR                          : 10000

CBS                          : 1000

EIR                          : 100000

EBS                          : 100000

NextMeter                    : None

Status                       : Active

iS5comm# show class-map 10

QoS Class Map Entries

---------------------

ClassMapId                   : 10

L2FilterId                   : None

L3FilterId                   : 1001

PriorityMapId                : None

VlanMapId                    : None

CLASS                        : 8

PolicyMapId                  : 2

PreColor                     : None

Status                       : Active

Configuring Single Rate Three Color Marker Meter

Enable Port 3.
Type the following:
- Enter the Global Configuration Mode.
```
iS5comm# configure terminal
```
- Enter Interface Configuration Mode.
```
iS5comm(config)# interface gigabitethernet 0/3
```
```
iS5comm(config-if)# no shutdown
```
- Exit the Interace Configuration Mode
```
iS5comm(config-if)# exit
```
Enable QoS.
Type the following:
- Enter the Global Configuration Mode.
```
iS5comm# configure terminal
```
- Enable the QoS.
```
iS5comm(config)# qos enable
```
Create a MAC access control list filter.
Type the following:
- Create an access control list.
```
iS5comm(config)# mac access-list extended 1006
```
- Configure the ACL with the following parameters to permit the following packets:
  - any—for packets from any source IP address
  - any—for any destination IP address
  - priority 2—this is a mandatory parameter
```
iS5comm(config-ext-nacl)# permit any any priority 4
```
- Exit the ACL Configuration Mode
```
iS5comm(config-ext-nacl)# exit
```
- Enter Interface Configuration Mode.
```
iS5comm(config)# interface gigabitethernet 0/3
```
- Apply the created ACL to the selected interface, where 1006 is the ACL number and “in” stands for inbound packets related configuration.
```
iS5comm(config-if)# ip access-group 1006 in
```
- Exit the Interface Configuration Mode
```
iS5comm(config-if)# exit
```
Identify a meter.
Type the following:

The meter created by the command below will have srTCM type with traffic components CIR=10000 kbps, CBS=1000, EIR= 100000, EBS=100000 (corrected based on below)

Where
- color-mode—there are two options: aware for which the meter considers the pre-color of the packet and blind, for which the meter ignores the pre-color of the packet
- CIR—this is the Rate at which a Frame Relay network agrees to transfer information under normal conditions, averaged over a minimum increment of time.
- EIR—the average rate at which excess traffic is to be policed
```
iS5comm(config)#meter 4
```
```
iS5comm(config-meter )# meter-type srTCM color-mode blind cir 10000 cbs 1000 eir 100000 ebs 100000
```
```
iS5comm(config-meter)# exit
```
Create a class map, set a class, and create a policy map.
Type the following:
- Create a class map.
```
iS5comm(config)# class-map 10
```
- Configure the match criteria for the class-map.
```
iS5comm(config-cls-map)# set class 9
```
```
iS5comm(config-cls-map)# match access-group ip-access-list 1006
```
```
iS5comm(config-cls-cmap)# exit
```
- Create a policy map to associate with the class map already created and to apply on the packet before forwarding it.
```
iS5comm(config)# policy-map 5
```
- Enter to set policy parameters such as meter and configure its parameters (actions), where
  - conform-action—configures action to be performed on the packet, when the packets are found to be In profile (conform
  - set-cos-transmit—sets the VLAN priority of the outgoing packet as 1
  - set-de-transmit—sets the VLAN drop eligible indicator of the outgoing packet as 1
  - violate-action—configures action to be performed on the packet, when the packets are found to be out of profile
  - set-ip-dscp-transmit —sets the new Differentiated Services Code Point value as 35
```
iS5comm(config-ply-map)# set meter 4 conform-action set-cos-transmit 1 set-de-transmit 1 violate-action drop
```
```
iS5comm(config-ply-map)# set policy class 9 default-priority-type none
```
```
iS5comm(config-ply-map)#end
```

View the configuration detail.

Type the following.

iS5comm# show access-lists

IP ACCESS LISTS

-----------------

Extended IP Access List 1001

-----------------------------

Filter Priority                  : 2

Filter Protocol Type             : ANY

IP address Type                  : IPV4

Source IP address                : 12.0.0.5

Source IP address mask           : 255.255.255.255

Source IP Prefix Length          : 32

Destination IP address           : 0.0.0.0

Destination IP address mask      : 0.0.0.0

Destination IP Prefix Length     : 0

Flow Identifier                  : 0

In Port List                     : Gi0/3

Out Port List                    : NIL

Filter TOS                       : NIL

Filter DSCP                      : NIL

Service Vlan                     : 0

Service Vlan Priority            : 0

Customer Vlan                    : 0

Customer Vlan Priority           : None

Packet Tag Type                  : Single-tag

Filter Action                    : Permit

Redirect Port List               : NIL

TrafficDistField                 : Unknown

Sub Action                       : NONE

Sub Action Id                    : 0

Status                           : Active

MAC ACCESS LISTS

-----------------

Extended MAC Access List 1006

-----------------------------

Filter Priority                  : 4

Ether Type                       : 0

Protocol Type                    : 0

Vlan Id                          : 2

Destination MAC Address          : 00:00:00:00:00:00

Source MAC Address               : 00:00:00:00:00:00

In Port List                     : Gi0/2

Out Port List                    : NIL

Outer EtherType                  : 0

Service Vlan                     : 0

Service Vlan Priority            : None

Customer Vlan Priority           : None

Packet Tag Type                  : Single-tag

Filter Action                    : Permit

Redirect Port List               : NIL

TrafficDistField                 : Unknown

Sub Action                       : NONE

Sub Action Id                    : 0

\Status                           : Active

USER DEFINED LISTS

----------------------

%No User Defined Lists have been configured

iS5comm# show policy-map 5

QoS Policy Map Entries

----------------------

PolicyMapId  : 5

IfIndex      : 0

Class        : 9

DefaultPHB   : None.

MeterId      : 4

ConNClass    : 0

ExcNClass    : 0

VioNClass    : 0

ConfAct      : Vlan Pri 1, Vlan DE 1

ExcAct       : None.

VioAct       : Drop

iS5comm# show meter

QoS Meter Entries

-----------------

MeterId                      : 4

Type                         : SRTCM

Color Mode                   : Color Blind

Interval                     : None

CIR                          : 10000

CBS                          : 1000

EIR                          : None

EBS                          : 2000

NextMeter                    : None

Status                       : Active

iS5comm# show class-map

QoS Class Map Entries

---------------------

ClassMapId                   : 10

L2FilterId                   : None

L3FilterId                   : 1001

PriorityMapId                : None

VlanMapId                    : None

CLASS                        : 8

PolicyMapId                  : 2

PreColor                     : None

Status                       : Active