[c-nsp] Switch support for IPv6 policing
Mack McBride
mack.mcbride at viawest.com
Wed Dec 21 17:01:36 EST 2011
Use a mac access-list or class-default
mac access-list extended ALL
permit any any
class-map match-all ANY-MAC
match access-group name MAC
policy-map 10M
class ANY-MAC
police 10000000 1000000 exceed-action drop
or
policy-map 10M
class class-default
police 10000000 1000000 exceed-action drop
LR Mack McBride
Network Architect
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Vincent C Jones
Sent: Tuesday, December 20, 2011 6:28 PM
To: cisco-nsp
Subject: [c-nsp] Switch support for IPv6 policing
Arrgh. Currently filtering and policing user traffic on Cisco 2960 switches and discovered the hard way that the ingress policy ONLY applies itself to IPv4 packets and only IPv4 access-groups can be applied to an interface. What Cisco switches do I have to upgrade to in order to filter and police ALL customer traffic and not just IPv4 traffic?
Vince
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list