1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. ASR 920 series
  6. Configuration manual

Cisco ASR 920 Series Configuration Manual page 46

Policing and shaping configuration guide
Hide thumbs Also See for ASR 920 Series:
Table of Contents

Advertisement

Configuring Control Plane Policing to Mitigate Denial-of-Service Attacks
Command or Action
Step 4
access-list access-list-number permit protocol {tcd
| udp} {any | host {source-addr | name}} eq port
number {any | host {source-addr | name}} eq port
number
Example:
Device(config)# access-list 111 permit icmp
any eq 1699 any eq 1698
Step 5
class-map class-map-name
Example:
Device(config)# class-map match-any
MyClassMap
Step 6
match access-group access-list-index
Example:
Device(config-cmap)# match access-group 140
Step 7
exit
Example:
Device(config-cmap)# exit
Step 8
policy-map policy-map-name
Example:
Device(config)# policy-map Policy1
Step 9
class class-map-name
Example:
Device(config-pmap-)# class MyClassMap
Step 10
police {rate-bps | cir {cir-bps | percent percent}}
[bc burst-bytes] [conform-action action] [pir
pir-bps]
Example:
Device(config-pmap-c)# police cir 10m
QoS: Policing and Shaping Configuration Guide (Cisco ASR 920 Series)
40
Purpose
Configures an access list for filtering frames by UDP protocol
and matches only packets with a given port number.
Creates a class-map and enters QoS class-map configuration
mode.
Specifies access groups to apply to an identity policy. The range
of valid values is 1-2799.
Exits QoS class-map configuration mode and returns to global
configuration mode.
Specifies a service policy and enters QoS policy-map
configuration mode.
Enters QoS policy-map class configuration more
Configure a traffic policer based on the traffic rate or committed
information rate (CIR). By default, no policer is defined.
• rate-bps—Specifies average traffic rate in bits per second
(b/s). The range is 64000 to 10000000000. Supply an
optional postfix (K, M, G). Decimal point is allowed.
• cir—Specifies a committed information rate (CIR).
• cir-bps—Specifies a CIR in bits per second (b/s). The
range is 64000 to 10000000000. Supply an optional postfix
(K, M, G). Decimal point is allowed.
• bc burst-bytes—(Optional) Specifies the conformed burst
(bc) or the number of acceptable burst bytes. The range is
8000 to 16000000.
Control Plane Policing
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco ASR 920 Series

Related Products for Cisco ASR 920 Series

Table of Contents