[c-nsp] rate-limit icmp packets
Security
security at cytanet.com.cy
Mon Jul 25 16:45:20 EDT 2005
Hello all
I need to rate limit icmp echo and echo reply packets on my interfaces. Any
suggestion on how to do this? Can I do this on asynchronoys interfaces
(Interfaces for PSTN/ISDN connections) also? How can I measure ICMP traffic
undern normal network conditions so as to apply the correct rate limit?
I used the following format for asynchronous Interfaces
rate-limit input access-group 113 8000 1500 2000 conform-action transmit
exceed-action drop
Extended IP access list 113
permit icmp any any echo log-input
permit icmp any any echo-reply log-input
Is this OK?
Thanks for your support
Regards
More information about the cisco-nsp
mailing list