On (2011-12-28 23:11 -0800), zaid wrote: > how to filter packet with ttl of 0 on cisco 7600 (ios 12.3 SR )while the ACL in not support such filtering ? Unfortunately not possible, PFC3 does not have this hardware capability. You might find 'mls rate-limit all ttl-failure' useful to limit punt-rate of ttl exceeds. -- ++ytti