[c-nsp] Policing Confusion
Brad Henshaw
brad.henshaw at qcn.com.au
Tue Jan 13 19:15:19 EST 2009
Aaron Riemer wrote:
> Thanks for all the comments guys you have clarified this for me.
> It is a bit dissapointing to know that you cant really manipulate
> the types of traffic inbound only outbound. I understand why though.
Just to revive this one while cleaning out my e-mail, another option
depending on your model of router might be to restrain TCP-based flows
to your remote sites by using traffic shaping on egress into your LANs
(i.e. use a shaping output policy on the LAN interface at the remote
sites). In terms of config cleanliness this is a bit messy but might do
the job if you don't want to use an inbound WAN policer or complex
output policy at the central site.
Regards,
Brad
More information about the cisco-nsp
mailing list