Cisco 7604 Configuration Manual page 536
Ios software configuration guide
Hide thumbs
Also See for 7604:
- Configuration manual (742 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Understanding How DoS Protection Works
the IPv4 multicast rate limiter, there are three rate limiters that you can also configure: the FIB-miss rate
limiter, the multicast partially switched flows rate limiter, and the multicast directly connected rate
limiter.
The FIB-miss rate limiter allows you to rate limit the multicast traffic that does not match an entry in the
mroute table.
The partially switched flow rate limiter allows you to rate limit the flows destined to the MSFC3 for
forwarding and replication. For a given multicast traffic flow, if at least one outgoing Layer 3 interface
is multilayer switched, and at least one outgoing interface is not multilayer switched (no H-bit set for
hardware switching), the particular flow is considered partially switched, or partial-SC (partial shortcut).
The outgoing interfaces that have the H-bit flag are switched in hardware and the remaining traffic is
switched in software through the MSFC3. For this reason, it may be desirable to rate limit the flow
destined to the MSFC3 for forwarding and replication, which might otherwise increase CPU utilization.
The multicast directly connected rate limiter limits the multicast packets from directly connected
sources.
This example shows how to rate limit the multicast packets to 30000 pps with a burst of 30:
Router(config)# mls rate-limit multicast ipv4 connected 30000 30
The ip-option keyword and the ip-option rate limiter are supported in PFC3B or PFC3BXL mode only.
This example shows how to set the rate limiters for the IPv4 multicast packets failing the uRPF check:
Router(config)# mls rate-limit multicast ipv4 non-rpf 100
This example shows how to rate limit the multicast FIB miss packets to 10000 pps with a burst of 10:
Router(config)# mls rate-limit multicast ipv4 fib-miss 10000 10
This example shows how to rate limit the partial shortcut flows to 20000 pps with a burst of 20 packets:
Router(config)# mls rate-limit multicast ipv4 partial 20000 20
This example shows how to rate limit the multicast packets to 30000 pps with a burst of 20:
Router(config)# mls rate-limit multicast ipv4 connected 30000 20
This example shows how to rate limit IGMP-snooping traffic:
Router(config)# mls rate-limit multicast ipv4 igmp 20000 40
IPv6 Multicast
This rate limiter limits the IPv6 multicast packets.
traffic that each rate limiter serves.
Table 36-2 IPv6 Rate Limiters
Rate Limiter
Connected
Default-drop
Route-control
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
36-20
Table 36-2
Traffic Classes to be Rate Limited
Directly connected source traffic
* (*, G/m) SSM
* (*, G/m) SSM non-rpf
* (*, FF02::X/128)
Chapter 36
Configuring Denial of Service Protection
lists the IPv6 rate limiters and the class of
OL-4266-08
- Quick Links:
- Supported Hardware and Software
Hide quick links:
Advertisement
Chapters
Table of Contents
