[c-nsp] Shapping NTP traffic on 6500/7600

Randy amps at djlab.com
Thu Feb 27 14:51:00 EST 2014


On 02/26/2014 6:41 pm, Thomas St-Pierre wrote:
> Here’s the config snippet I’m thinking of using:

If the primary DDOS payload is non-initial fragments (which I suspect 
may be the case) it will bypass your ACL unless you match fragments, 
which may impact other traffic.


More information about the cisco-nsp mailing list