Cisco WS-C6506 Software Manual page 433

Catalyst 6500 series switch

Hide thumbs Also See for WS-C6506:

Manual (110 pages)

Installation manual (336 pages)

Table of Contents

Configuring Access Control

Clearing the ARP Traffic-Inspection Statistics

To clear the ARP traffic-inspection statistics, perform this task in privileged mode:

Clear the ARP traffic-inspection statistics.

Without the optional argument, entering the command clears the ARP traffic-inspection global statistics

counters and the ARP traffic-inspection statistics counters for all the ACLs. If you supply the optional

acl_name argument, only the ARP traffic-inspection statistics for that particular ACL are cleared.

You can enter the clear security acl commands to clear the ARP traffic-inspection configuration

Configuring Rate Limiting on a Global Basis

You can rate limit the number of ARP traffic-inspection packets that are sent to the supervisor engine

CPU globally. By default, the ARP traffic-inspection traffic is rate limited to 500 packets per second.

The minimum value is 500, and the maximum value is 2000 packets per second. For Supervisor

Engine 720, the minimum value that is enforced by the hardware is 10 packets per second (values

between 1– 9 are set to 10). To disable rate limiting, set the value to 0.

Rate limiting might be shared by multiple features. To display the features that share rate limiting, enter

the show security acl feature ratelimit command.

To rate limit the number of ARP traffic-inspection packets that are sent to the CPU on a global basis,

perform this task in privileged mode:

Rate limit the number of ARP traffic-inspection

packets that are sent to the supervisor engine CPU on

a global basis.

Display the global rate-limit value.

Display all the rate-limiter settings that are configured

on the switch processor and the route processor.

This example shows how to rate limit the number of ARP traffic-inspection packets that are sent to the

CPU to 1000:

Console> (enable) set security acl feature ratelimit 1000

Dot1x DHCP and ARP Inspection global rate limit set to 1000 pps.

Console> (enable)

Console> (enable) show security acl feature ratelimit

Rate limit value in packets per second = 1000

Protocols set for rate limiting = Dot1x DHCP, ARP Inspection

Console> (enable)

clear security acl arp-inspection statistics

set security acl feature ratelimit rate

show security acl feature ratelimit

show rate-limit

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7

Using VACLs in Your Network

Show Quick Links

Table of Contents

Troubleshooting

Catalyst 6506 Catalyst 6509 Catalyst 6513

Cisco WS-C6506 Software Manual page 433

Hide quick links:

Troubleshooting

Related Manuals for Cisco WS-C6506

Related Products for Cisco WS-C6506

This manual is also suitable for:

Table of Contents