Task 4.5 VPN QoS solution in sol.-guide is wrong


another configuration in the solution guide, which to my mind is not correct. Of course I'll stand corrected if anyone explains otherwise! :)

This is the configuration given to limit the VPN traffic to not overwhelm the network, which has a capacity of 2Mbit. The problem here is, that the policy is applied to each flow (because of the "match ip flow destination" command), so two flows get 4Mbit together.

class-map VPN_VOICE
match dscp ef
match tunnel-group
! Class map to match traffic inside a tunnel group
class-map VPN_DATA
match flow ip destination-address
match tunnel-group
! Add policy actions to the policy map
policy-map OUTSIDE
class VPN_DATA
police output 2000000

I would configure it without the "match flow ip destination-address"-command.

Any comments appreciated,
Sign In or Register to comment.