请选择 进入手机版 | 继续访问电脑版

设为首页 收藏本站
思科社区 关注
思科社区

   思科 CCO 登录 推荐
 找回密码
 立即注册

搜索
热搜: 邮件服务器
查看: 301|回复: 2

防火墙如何限速做QoS

[复制链接]
发表于 2019-7-3 01:32:08 来自手机 | 显示全部楼层 |阅读模式
0可用金钱
ASA5525 如何限制下载速度?
如何做QOS  保证网页优先 ,公司 网速标满,网页打不开


asdm 7.2如何操作限速网段IP

  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2019-7-3 13:59:16 | 显示全部楼层
Priority Queueing
With priority queuing, you are able to place a specific class of traffic in the Low Latency Queue (LLQ), which is processed before the standard queue.

Note: If you prioritize traffic under a shaping policy, you cannot use inner packet details. The firewall can only perform LLQ, unlike the routers that can provide more sophisticated queuing and QoS mechanisms (Weighted Fair Queueing (WFQ), Class-Based Weighted Fair Queueing (CBWFQ), and so on).

The hierarchical QoS policy provides a mechanism for users to specify the QoS policy in a hierarchical fashion. For example, if users want to shape traffic on an interface and furthermore within the shaped interface traffic, provide priority queueing for VoIP traffic, then users can specify a traffic shaping policy at the top and a priority queuing policy under the shape policy. The hierarchical QoS policy support is limited in scope. The only option allowed is:

Traffic shaping at the top level
Priority queueing at the next level
Note: If you prioritize traffic under a shaping policy, you cannot use inner packet details. The firewall can only perform LLQ, unlike the routers that can provide more sophisticated queuing and QoS mechanisms (WFQ,CBWFQ, and so on).

This example uses the hierarchical QoS Policy in order to shape all outbound traffic on the outside interface to 2 Mbps like the shaping example but it also specifies that Voice packets with the Differentiated Services Code Point (DSCP) value "ef", as well as Secure Shell (SSH) traffic, shall receive priority.

Create the priority queue on the interface on which you want to enable the feature:

ciscoasa(config)#priority-queue outsideciscoasa(config-priority-queue)#queue-limit
2048ciscoasa(config-priority-queue)#tx-ring-limit 256
A class to match DSCP ef:

   ciscoasa(config)# class-map Voice
   ciscoasa(config-cmap)# match dscp ef
   ciscoasa(config-cmap)# exit
A class to match port TCP/22 SSH traffic:

   ciscoasa(config)# class-map SSH
   ciscoasa(config-cmap)# match port tcp eq 22
   ciscoasa(config-cmap)# exit
A policy map to apply prioritization of Voice and SSH traffic:

   ciscoasa(config)# policy-map p1_priority
   ciscoasa(config-pmap)# class Voice
   ciscoasa(config-pmap-c)# priority
   ciscoasa(config-pmap-c)# class SSH
   ciscoasa(config-pmap-c)# priority
   ciscoasa(config-pmap-c)# exit
   ciscoasa(config-pmap)# exit
A policy map to apply shaping to all traffic and attach prioritized Voice and SSH traffic:

   ciscoasa(config)# policy-map p1_shape
   ciscoasa(config-pmap)# class class-default
   ciscoasa(config-pmap-c)# shape average 2000000
   ciscoasa(config-pmap-c)# service-policy p1_priority
   ciscoasa(config-pmap-c)# exit
   ciscoasa(config-pmap)# exit
Finally attach the shaping policy to the interface on which to shape and prioritize outbound traffic:

   ciscoasa(config)# service-policy p1_shape interface outside
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2019-7-12 23:29:57 | 显示全部楼层

楼主可以参考一下
cisco ASA 限速以及URL过滤
https://blog.csdn.net/u013636377/article/details/45876269

ASA 5100限​速 MQC方式对每个IP进行限速、某网段限速、某些IP进行限速
https://blog.51cto.com/yuxing34/1599206

Cisco ASA 5520(8.2.4)配置企业内网案例(按时段限速)
https://blog.51cto.com/fengwan/1957945
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver | 思科社区  

GMT+8, 2019-7-22 10:07 , Processed in 0.078127 second(s), 32 queries .

京ICP备09041801号-187

版权所有 :copyright:1992-2019 思科系统  重要声明 | 保密声明 | 隐私权政策 | 商标 |

快速回复 返回顶部 返回列表