今天在GNS3上面通过Cisco 3600路由器桥接PC模拟ADSL拨号
PC通过Loopback 环回口与R2 fa1/0连接,R2 fa0/0通过桥接到PC真实网卡上拨号
拓扑图如下
R2主要配置如下:
ip cef
mls qos //QOS限速必须开启
vpdn enable //启用VPDN全局
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
pppoe enable group global ///启用PPPOE拨号
pppoe-client dial-pool-number 1 //绑定拨号池
!
interface FastEthernet1/0
ip address 172.16.1.1 255.255.255.0
ip nat inside //开启NAT
ip virtual-reassembly
duplex auto
speed auto
!
interface Dialer0 //拨号主要配置
mtu 1492 //MTU大小(看当地电信MTU值 一般都是1480-1500)
ip address negotiated //IP地址自动获取
ip nat outside //NAT开启
ip virtual-reassembly //IP虚拟分片重组
ip virtual-reassembly max-reassemblies 32 //IP虚拟分片重组最大个树32
encapsulation ppp //启用PPP封装验证
dialer pool 1 //关联地址池
dialer-group 1 //关联接口刺激拨号
ppp pap sent-username Cixla password 0 110 //ADSL账号和密码
!
ip route 0.0.0.0 0.0.0.0 Dialer0 //默认出口路由
!
ip nat inside source list 1 interface Dialer0 overload //PAT规则
!
access-list 1 permit any
dialer-list 1 protocol ip permit //抓取PPPOE感兴趣流
成功拨号如下:
show interface dialer 0
show ip int br
show ip route
PC上测试:
QOS限速(限制下载速度不超过64KB)
access-list 102 permit ip 172.16.1.0 0.0.0.255 any
access-list 102 permit ip any 172.16.1.0 0.0.0.255
class-map match-all 172
match access-group 102
!
!
policy-map QOS1
class 172
police cir 512000 //限速64KB
conform-action transmit
exceed-action drop
!
interface FastEthernet1/0 ///NAT inside方向
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
service-policy input QOS1
service-policy output QOS1
查看有没匹配ACL
或者采用CAR 限速
rate-limit output access-group 102 512000 8000 16000 conform-action transmit exceed-action drop
效果一样
转载于:https://blog.51cto.com/leadlxx/725439