Dear i want to allow the bandwidths 60 Mbit traffic and my cdn ip address are network 103.28.87.64/26
network 103.28.85.0/26
network 103.28.85.192/27
network 103.28.85.224/27
network 103.28.87.128/26
i have create all firewall policy but it is not showing the correct traffic to CDN
my source ip address is 192.168.20.18 where normal traffic has been limited in 10/10mbit
my configure is as bellow
vyos@vyos# sh firewall
all-ping enable
broadcast-ping disable
config-trap disable
group {
network-group TMCDN {
network 103.28.87.64/26
network 103.28.85.0/26
network 103.28.85.192/27
network 103.28.85.224/27
network 103.28.87.128/26
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
twa-hazards-protection disable
[edit]
vyos@vyos# sh policy route
route PEERING-LIST {
rule 10 {
set {
mark 200
}
source {
group {
network-group TMCDN
}
}
}
}
[edit]
vyos@vyos#
limiter INDATA {
class 10 {
bandwidth 10mbit
burst 2mbit
match 10M-IN {
ip {
destination {
address 192.168.20.18/32
}
}
}
}
class 11 {
bandwidth 60mbit
burst 2mbit
match PEERING-LIST {
ip {
destination {
address 192.168.20.18/32
}
}
mark 200
}
}
default {
bandwidth 200mbit
}
}
shaper OUTDATA {
bandwidth 1000mbit
class 10 {
bandwidth 10mbit
match HOST-10M {
ip {
source {
address 192.168.20.18/32
}
}
}
}
default {
bandwidth 100mbit
}
}
:
please is there any wrong configuration in my set
best regards
Arun tamrakar