[c-nsp] CoPP best practical example on 6500
Phil Mayers
p.mayers at imperial.ac.uk
Thu Oct 5 05:32:29 EDT 2006
Saku Ytti wrote:
> On (2006-10-05 08:05 +0300), Saku Ytti wrote:
>
>> How I've done it is penultimate rule of catch all IP, and drop even
>> conforming traffic and then default policy will allow rest.
>> Accompanied with probably even too strict mls qos/rate-limit rules.
>
> Oh yeah, one thing you loose with this is VPN-CAM, populating
> VPN-CAM when using class-default is not possible. But
> in most situations this is non-issue.
>
Could you be a bit more specific about this issue?
More information about the cisco-nsp
mailing list