[c-nsp] Dynamic ACL
Satish Patel
satish.txt at gmail.com
Mon May 9 23:37:37 EDT 2016
Reason I ask we get small ddos sometime so want drop bad guys at door and allow good guys in. Do you know how we can do that. From QoS?
--
Sent from my iPhone
> On May 9, 2016, at 9:16 PM, Wes Smith <fathom5 at live.com> wrote:
>
> You would use a QOS policer/ rate limit policy for this
> The policer would pass the traffic upto it’s limit and then discard the rest
> The policer can look at anything an ACL can
>
> There are examples on the net re hardening an edge router
>
> https://www.bing.com/search?q=cisco+router+harden+rate+limit
>
>
>
> Sent from Mail for Windows 10
>
> From: Satish Patel
> Sent: Monday, May 9, 2016 4:03 PM
> To: Cisco Network Service Providers
> Subject: [c-nsp] Dynamic ACL
>
> Is there a way in cisco i can put logic if bandwidth utilization is
> above 5G then apply specific ACL (example, deny ip any any fragments)
>
> I don't want packet travel all the time through ACL, I can set trigger
> them on event.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list