[c-nsp] rate limiting questions
Matt Liotta
mliotta at r337.com
Wed Jan 16 08:01:29 EST 2008
I'd like to rate limit an Ethernet port for all traffic except to and
from certain prefixes. Normally, I do rate limits by applying a
policy-map to an interface, which uses a class-map that matches against
an ip access-list. The is as follows:
ip access-list extended NAMEHERE
permit ip any any
class-map match-all NAMEHERE
match access-group name NAMEHERE
However, since I want to avoid matching certain prefixes an ip
access-list doesn't seem appropriate. Can I instead using an ip
prefix-list along the following lines?
ip prefix-list NAMEHERE seq 10 deny 192.168.1.0/24
ip prefix-list NAMEHERE seq 900 permit 0.0.0.0/0
class-map match-all NAMEHERE
match access-group name NAMEHERE
-Matt
More information about the cisco-nsp
mailing list