I have a pair of 1721 at either end of a 2mb p2p line we use an avaya ip phone system for or telecomms. I am trying to implement traffic shaping so that the phones dont go all mental when some one downloads a large file off the internet or sends a large file between sites. the internet one isnt too much of a problem as i throttle it at the firewall.
currently my conf look like this
!
version 12.2
service config
service timestamps debug datetime msec
service timestamps log uptime
no service password-encryption
!
hostname
!
!
ip subnet-zero
ip domain-name
ip name-server 10.0.0.2
ip name-server 10.0.0.12
!
!
!
interface FastEthernet0
ip address 10.0.0.10 255.255.0.0
speed auto
full-duplex
no cdp enable
!
!
interface Serial0
description Leased line to
bandwidth 2048
ip unnumbered FastEthernet0
ip access-group 101 out
encapsulation ppp
traffic-shape group 104 2048000 125000 125000 1000
traffic-shape group 105 1050000 125000 125000 1000
!
router rip
version 2
network 10.0.0.0
no auto-summary
!
ip default-gateway 10.0.0.12
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.12
ip route 192.168.0.0 255.255.255.0 10.2.0.10
ip route 192.168.1.0 255.255.255.0 10.0.0.157
no ip http server
!
!
access-list 101 permit tcp host 10.0.0.247 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.3 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.2 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.1 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.8 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.12 host 10.2.0.12 eq 3127
access-list 101 deny tcp 10.0.0.0 0.0.255.255 host 10.2.0.12 eq 3127
access-list 101 permit ip host 10.0.0.247 host 10.2.0.12
access-list 101 permit tcp any any established
access-list 101 permit ip any any
access-list 104 permit ip host 10.0.0.29 any
access-list 105 permit ip 10.2.0.0 0.0.255.255 any
snmp-server community public RO
snmp-server community private RW
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0
exec-timeout 0 0
password Network
login
line vty 1 4
password Network
login
line vty 5 15
no login
!
end
basically i am trying to limit all traffic other than that from 10.0.0.29 to 200k/s 10.0.0.29 is the avaya unit this will leave around 25/ks for the phones which is more than enough.
As you can see i am just fiddling with speeds of the shaping but it seems to shape all traffic if i put the access-list 105 first and shapes none if i place the access-list 104 first or if am going about this enitrely the wrong way then plase point me in the right direction.
I have read the cisco docs but they are very dry and tbh a bit over my head.
any help much appreciated.
Cheers
currently my conf look like this
!
version 12.2
service config
service timestamps debug datetime msec
service timestamps log uptime
no service password-encryption
!
hostname
!
!
ip subnet-zero
ip domain-name
ip name-server 10.0.0.2
ip name-server 10.0.0.12
!
!
!
interface FastEthernet0
ip address 10.0.0.10 255.255.0.0
speed auto
full-duplex
no cdp enable
!
!
interface Serial0
description Leased line to
bandwidth 2048
ip unnumbered FastEthernet0
ip access-group 101 out
encapsulation ppp
traffic-shape group 104 2048000 125000 125000 1000
traffic-shape group 105 1050000 125000 125000 1000
!
router rip
version 2
network 10.0.0.0
no auto-summary
!
ip default-gateway 10.0.0.12
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.12
ip route 192.168.0.0 255.255.255.0 10.2.0.10
ip route 192.168.1.0 255.255.255.0 10.0.0.157
no ip http server
!
!
access-list 101 permit tcp host 10.0.0.247 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.3 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.2 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.1 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.8 host 10.2.0.12 eq 3127
access-list 101 permit tcp host 10.0.0.12 host 10.2.0.12 eq 3127
access-list 101 deny tcp 10.0.0.0 0.0.255.255 host 10.2.0.12 eq 3127
access-list 101 permit ip host 10.0.0.247 host 10.2.0.12
access-list 101 permit tcp any any established
access-list 101 permit ip any any
access-list 104 permit ip host 10.0.0.29 any
access-list 105 permit ip 10.2.0.0 0.0.255.255 any
snmp-server community public RO
snmp-server community private RW
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0
exec-timeout 0 0
password Network
login
line vty 1 4
password Network
login
line vty 5 15
no login
!
end
basically i am trying to limit all traffic other than that from 10.0.0.29 to 200k/s 10.0.0.29 is the avaya unit this will leave around 25/ks for the phones which is more than enough.
As you can see i am just fiddling with speeds of the shaping but it seems to shape all traffic if i put the access-list 105 first and shapes none if i place the access-list 104 first or if am going about this enitrely the wrong way then plase point me in the right direction.
I have read the cisco docs but they are very dry and tbh a bit over my head.
any help much appreciated.
Cheers