Traffic Policing on 7609 with ES20 Line Card

cdegroat82 · ‎05-06-2013

I am trying to configure traffic policing on a 7609 with ES20 line card - however it doesn't appear to be working. The customer is randomly getting DoS attacked, and the policy doesn't appear to be dropping any exceed/violate traffic. Below is the policy in the core. This is an egress policy on a subinterface. Any thoughts what I'm doing wrong?

policy-map cst-92Mbps

class class-default

police 92000000 conform-action transmit exceed-action drop violate-action drop

priority

cdegroat82 · ‎05-14-2013

*Bump*

paul driver · ‎05-14-2013

Hello

Where are you applying this policy?

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

cdegroat82 · ‎05-14-2013

Its being applied on a Cisco 7609 on an ES20 line card on a subinterface as an outbound service policy.

paul driver · ‎05-14-2013

Hello Chris,

I would suggest apply the policer inbound ( lan facing)

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

cdegroat82 · ‎05-14-2013

There is already an inbound policy at the customer edge. I would need to rate limit on their core device before it hits the rest of the network.