cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
242
Views
0
Helpful
0
Replies
james_72
Beginner

ASR1001X policer

Dear experts,

I'd like to rate limit some ingress traffic coming from untrusted source to 10Mbs.
 
I've an ASR1001X (16.3.7) and this is the config I'd place:
 
*********************
ip access-list extended ACL_10_203_231_129
 permit ip any host 10.203.231.129


class-map match-all CM_LIMIT_INGRESS
 match access-group name ACL_10_203_231_129


policy-map PM_LIMIT_INGRESS
 class CM_LIMIT_INGRESS
  police 10000000 5000000 5000000 conform-action transmit  exceed-action drop  violate-action drop
 class class-default

The PM is attached to tunnel interface:

TUNNEL0
 service-policy input PM_LIMIT_INGRESS
 
*********************
 
Can you please confirm:
 
1) I'll not drop/limit other traffic
2) ASR1001X applies rate limit in hardware and not in software (in order to avoid CPU overload)
3) is there any mode to limit pps and not only bandwidth
 
Thanks in advance
Cheers

 

James
0 REPLIES 0