[c-nsp] IPv4 fragmented packets on SUP720-3BXL
sthaug at nethelp.no
sthaug at nethelp.no
Tue Nov 10 16:03:57 EST 2009
> >There is nothing special about *forwarding* fragmented packets - unless
> >you have an ACL or anything else that wants to look at Layer 4 info.
>
> That would be Netflow or some QoS policy attached to the interface, for
> instance?
Normal ACL or possible a QoS policy based on an ACL.
> I guess the router should reassembly the fragmented packets before
> applying any policing on the traffic arriving on the interface...
> Am I right?
No. Each fragment is matched against the ACL on its own.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the cisco-nsp
mailing list