Resources
    A policy-map, by any othe ...
    27 July 10

    A policy-map, by any other name...

    Posted byINE
    facebooktwitterlinkedin
    news-featured

    Clock_New Time is a valuable resource in the lab.   In a lab task, if asked to configure a policy-map named "BOB", it doesn't get the same point value if we happen to accidentally name it "bob", especially  if they are looking to see if you configured what they asked for.

    The challenge is, that when reviewing a lab task, and we discover that we need to change a name, it could be a hassle, as we need to remove the policy-map, recreate the policy map, and then put it in place again.

    So if you are down to the last minute, here is a time saving solution, that can assist with that process.

    IOS allows us to rename a policy-map, and the IOS will swap out the name in other areas of the configuration that reference that policy map.

    Here is an example, of a policy map from Volume 2, lab 5.

    Rack1R5#show run policy-map
    Building configuration...

    Current configuration : 352 bytes
    !
    policy-map TRANSIT_RATE_LIMIT
    class FRAGMENTS
    police rate 1000000 pps burst 200000 packets
    policy-map type port-filter HOST_PORT_FILTER
    class CLOSED_PORTS
    drop
    policy-map CEF_EXCEPTION_RATE_LIMIT
    class class-default
    police rate 100 pps burst 20 packets
    policy-map HOST_RATE_LIMIT
    class ICMP
    police rate 10 pps burst 5 packets
    !
    end

    Rack1R5#show run | begin control
    control-plane host
    service-policy input HOST_RATE_LIMIT
    service-policy type port-filter input HOST_PORT_FILTER
    !
    control-plane transit
    service-policy input TRANSIT_RATE_LIMIT
    !
    control-plane cef-exception
    service-policy input CEF_EXCEPTION_RATE_LIMIT

    Let's say that after reviewing our configuration, we discovered that the policy-map for the cef-exception sub interface of the control plane should have been named "NEW-NAME-CEF".

    To change it everywhere in the configuration, instead of creating it new, and replacing it, we could simply do this:

    Rack1R5(config)#policy-map CEF_EXCEPTION_RATE_LIMIT
    Rack1R5(config-pmap)#rename NEW-NAME-CEF

    Now, when we look at the configuration, we can see that not only the name has changed for the policy-map, but it also updated our control-plane configuration to reflect the new name there as well:

    Rack1R5#show run policy-map
    Building configuration...

    Current configuration : 340 bytes
    !
    policy-map TRANSIT_RATE_LIMIT
    class FRAGMENTS
    police rate 1000000 pps burst 200000 packets
    policy-map type port-filter HOST_PORT_FILTER
    class CLOSED_PORTS
    drop
    policy-map NEW-NAME-CEF
    class class-default
    police rate 100 pps burst 20 packets
    policy-map HOST_RATE_LIMIT
    class ICMP
    police rate 10 pps burst 5 packets
    !
    end

    Rack1R5#show run | begin control
    control-plane host
    service-policy input HOST_RATE_LIMIT
    service-policy type port-filter input HOST_PORT_FILTER
    !
    control-plane transit
    service-policy input TRANSIT_RATE_LIMIT
    !
    control-plane cef-exception
    service-policy input NEW-NAME-CEF
    !
    !

    Best wishes on your studies, and may your policy-maps be named correctly the first time around. :)

     

    © 2024 INE. All Rights Reserved. All logos, trademarks and registered trademarks are the property of their respective owners.
    instagram Logofacebook Logotwitter Logolinkedin Logoyoutube Logo