[c-nsp] Policing IPv6 on LNS
Steve Glendinning
steve at netthatworks.com
Wed Jun 5 13:54:37 EDT 2013
Hi all,
I have a test LNS in the lab and I'm trying to configure per-session
policing, controlled by RADIUS. I can successfully get the policy
applied but whatever I do it seems to only police IPv4.
I'm using a 7200 (NPE-400) running 15.1(3)S3.
I have a policy defined:
policy-map POLICE-10Mbit
class class-default
police cir 10000000
conform-action transmit
exceed-action drop
And all of these sets of attributes work for applying the policy to
the virtual-access interface:
Cisco-AVPair += "ip:sub-qos-policy-in=POLICE-10Mbit"
Cisco-AVPair += "ip:sub-qos-policy-out=POLICE-10Mbit"
Cisco-AVPair += "sub-qos-policy-in=POLICE-10Mbit"
Cisco-AVPair += "sub-qos-policy-out=POLICE-10Mbit"
Cisco-AVPair += "lcp:interface-config=service-policy input
POLICE-10Mbit",
Cisco-AVPair += "lcp:interface-config=service-policy output
POLICE-10Mbit"
But alas, policing only applies to the ipv4 traffic. Ideally I'd like
the policer to apply to everything on the interface, such that both
IPv4 and IPv6 are policed. Any ideas if this is possible?
Thanks!
--
Steve Glendinning
More information about the cisco-nsp
mailing list