Hello,
it depends on the destination of this traffic:
1. If the traffic is destined for the web server running on the router (i.e.
web gui), then the policy must be configured on the "host" subinterface.
2. If the traffic is supposed to be enter and leave the router, then the
policy must be configured on the "top-level (aggregate)" interface.
Basically, all three subinterfaces are used for packets which are handled
specially (otherwise a policy should be configured on "top-level aggregate
interface"):
a) "host" subinterface - traffic destined to one of the router interfaces
(examples: telnet, ssh, http[s], icmp, .. and many many more!)
b) "transit" subinterface - ::: IP traffic ::: entered and left from the
router, BUT only packets which are ::process-switched:: (ciscoDoc example:
nonterminating tunnels)
c) "cef-interface" subinterface - my understanding is that this interface is
used for packets which the router guess to be CEF switched, but after L2
deencapsulation it found out that they are non-IP packets so they must be
process switched (when he finds in L2 payload an ARP packet, or L2 keepalive,
or IPX packet, ... anything with Ethernet II Type field different from 0x0800
(IP) and 802.3 ethernet not carrying IP such as CDP)
I hope I helped. Anyone - please comment if I am wrong. Thanks!
Regards,
Miroslav Kosut
On Jan 2, 2010, at 10:49 PM, hopalong wrote:
> Hi
>
> Can anyone help me with a *nice* explanation of the 3 subinterfaces
> (CEF/Host/Transit) in terms of describing or rather working out which
> traffic goes to which interface from the question!
>
> For instance if a CCPr question said something like 'Set the queue-limit
for
> input HTTP packets to 400 packets and limit the packet rate to 10 per
> second' - would this be Host or Transit and why?
>
> Thank you!
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sun Jan 03 2010 - 00:29:08 ART
This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART