Packet size using ACL

victor_87 · ‎07-21-2010

Hi,

Is there a way to catch packet size of a packet coming into an interface using an ACL. I don't need the exact packet size etc, but packet above a certain MTU size may be blocked etc. so that i can see the counter increment.

Victor.

Tharak Abraham · ‎07-21-2010

Victor,

Dont think there is an option with ACL for packet length matching.

But you may match Values in IP Packet using ACL's

You may use route-maps to accomplish the same.

R1(config)#route-map new permit 10

R1(config-route-map)#match length 100 100 (matches 100 byte packets)

min and max length can be given which may suit your requirement.

Hope to help,

victor_87 · ‎07-21-2010

Does a route map work for Multicast traffic? thats what i need.

Victor.

Tharak Abraham · ‎07-21-2010

Victor,

You may match the destination group using ACL and tie the ACL and the length of the packet under the route-map with logical "and".

That should do the job !

vigneshjogyala · ‎07-21-2010

Hmm, that sounds like it but i dont think Route Maps work on Multicast groups. I am not exactly sure but remember reading that somewhere. I can just test this on my production device hence need to try and set this up in my lab and see how it works.

Let me know if you find something meanwhile.

Thanks.