access-list logging rate-limited or missed

Unanswered Question
Sep 26th, 2005

I am trying to troubleshoot something using an accesslist to monitor traffic between two devices. One device is on my local network the other is out on the internet. When I turn on logging for my ACL rule I see my traffice appear when I do a sh log. After every 4th entry I also get a logging rate-limited message like below. How do i prevent this. I do not want to miss any packets I want to log every single one of them. Is there a way to turn off rate limit?

%SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 12 packets

%SEC-6-IPACCESSLOGP: list 100 permitted tcp xxx.xxx.xxx.xxx(28145) -> xxx.xxx.xxx.xxx(10032), 1 packet

%SEC-6-IPACCESSLOGP: list 100 permitted tcp xxx.xxx.xxx.xxx(36483) -> xxx.xxx.xxx.xxx(10032), 1 packet

%SEC-6-IPACCESSLOGP: list 100 permitted tcp xxx.xxx.xxx.xxx(24319) -> xxx.xxx.xxx.xxx(10032), 1 packet

%SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 12 packets

%SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 12 packets

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 2 (1 ratings)
stschmidt Mon, 09/26/2005 - 11:03

The above message means simply that the amount of access-list logging is being

rate-limited. Note that the above is a log message generated by the IP Access Log process,

and thus neither related to nor controlled by the generic "logging rate-limit" command.

This rate-limiting of access-list logs is programmed into the IOS by default as a safety

feature, as unrestricted number of ACL logs can potentially overload the systems if the

rate of packets that need to be logged is high enough.

Actions

Login or Register to take actions

This Discussion

Posted September 26, 2005 at 6:47 AM
Stats:
Replies:2 Avg. Rating:2
Views:2109 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard