From: Carlos Trujillo (carlos.trujillo.jimenez@gmail.com)
Date: Tue Mar 25 2008 - 12:08:07 ART
Hi Group.
Im trying to figure when to use Control Plane policing applied in the
control plane of the router or instead use rate-limiting applied in a
interface of the router. I have 2 solutions to a question, and Please if
someone can help me clarify what is the correct solution may I employ, or if
both solutions work fine according to the following requirements:
Let see my example:
Configure R1 so that it limits traffic to 8000k destined to all of its
interfaces.
---------ETH0/0[ROUTER-1]ETH0/1-------
eth0/0
ip address 1.1.1.1 255.255.255.0
eth 0/1
ip address 2.2.2.2 255.255.255.0
****** SOLUTION 1:
access-list 101 permit ip any host 1.1.1.1
access-list 101 permit ip any host 2.2.2.2
int eth 0/0
rate-limit input access-group 101 8000 1500 2000 conform-action transmit
exceed-action drop
int eth 0/1
rate-limit input access-group 101 8000 1500 2000 conform-action transmit
exceed-action drop
*******SOLUTION 2:
class-map control-plane-class
match access-group 101
policy-map control-plane-policy
class control-plane-class
police 8000 conform-action transmit exceed-action drop
This archive was generated by hypermail 2.1.4 : Tue Apr 01 2008 - 07:53:54 ART