05-06-2013 09:08 AM - edited 03-04-2019 07:49 PM
I am trying to configure traffic policing on a 7609 with ES20 line card - however it doesn't appear to be working. The customer is randomly getting DoS attacked, and the policy doesn't appear to be dropping any exceed/violate traffic. Below is the policy in the core. This is an egress policy on a subinterface. Any thoughts what I'm doing wrong?
policy-map cst-92Mbps
class class-default
police 92000000 conform-action transmit exceed-action drop violate-action drop
priority
05-14-2013 07:29 AM
*Bump*
05-14-2013 08:16 AM
Hello
Where are you applying this policy?
res
Paul
Please don't forget to rate any posts that have been helpful.
Thanks.
05-14-2013 08:18 AM
Its being applied on a Cisco 7609 on an ES20 line card on a subinterface as an outbound service policy.
05-14-2013 09:13 AM
Hello Chris,
I would suggest apply the policer inbound ( lan facing)
res
Paul
Please don't forget to rate any posts that have been helpful.
Thanks.
05-14-2013 09:25 AM
There is already an inbound policy at the customer edge. I would need to rate limit on their core device before it hits the rest of the network.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide