[c-nsp] ASR1k - Punt-Policing in conjunction with CoPP - aggregate and inbound policy to Control-plane
Roland Dobbins
rdobbins at arbor.net
Sun Jul 26 01:42:52 EDT 2015
On 26 Jul 2015, at 0:19, Randy via cisco-nsp wrote:
> match access-group name MATCH-TTL0/1
Have you tried renaming the ACL? Personally, I've never used or even
seen a named ACL with a '/' in the name, maybe it's an input
sanitization issue? Worth a try, anyways.
> ip access-list extended MATCH-TTL0/1
> permit ip any any ttl eq 0
> permit ip any any ttl eq 1
permit ip any any ttl eq 0 1 should work, yes?
You don't show the class-map, policy-map, nor control-plane config
stanzas, so it's difficult to know if there isn't a simple config error
(everybody makes them at once point or another; I know I have).
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the cisco-nsp
mailing list