> Does the following look OK.
>
> acl subnet1 src 192.168.1.0/255.255.255.192
> acl subnet2 src 192.168.1.64/255.255.255.192
> acl subnet3 src 192.168.1.128/255.255.255.128
> acl gate1 src 192.168.1.9/255.255.255.255
>
> delay_class1_access deny subnet2
> delay_class1_access deny subnet3
> delay_class1_access deny gate1
simply:
delay_class1_access deny all
...with the default rule for 'all'. You should also 'deny all' at the
end of the class2 rules and for the class3 rules since it appears you
want 'subnet1' to not fall into any rules.
> delay_class2_access allow subnet2
> delay_class2_access allow subnet3
> delay_class2_access allow gate1
>
> delay_class2_aggregate_max 5000
> delay_class2_aggregate_restore 4000
>
> Now would that limit all the subnets and the individual host to maximum of
> 40kbits/sec. Are the above correct.
You have only specified an aggregate limit - if this is all you want, you
should be using class1. You haven't specified an individual limit.
ie:
delay_class2_aggregate_max 5000 # limit pool to 5kbytes
delay_class2_aggregate_restore 4000 # grow pool at 32kbps
delay_class2_individual_max 5000 # limit individual pool to 5kbytes
delay_class2_individual_restore 2000 # grow pool at 16kbps
otherwise one individual can take up the entire pool.
(as with class1)
class2 is the appropriate class if you do want to use individual rules
since all hosts fall into the same 8-bit network; however if you want
only an aggregate rule, class1 is better.
David.
Received on Wed Feb 24 1999 - 20:44:41 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:43 MST