09-26-2005 06:47 AM - edited 02-20-2020 09:28 PM
I am trying to troubleshoot something using an accesslist to monitor traffic between two devices. One device is on my local network the other is out on the internet. When I turn on logging for my ACL rule I see my traffice appear when I do a sh log. After every 4th entry I also get a logging rate-limited message like below. How do i prevent this. I do not want to miss any packets I want to log every single one of them. Is there a way to turn off rate limit?
%SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 12 packets
%SEC-6-IPACCESSLOGP: list 100 permitted tcp xxx.xxx.xxx.xxx(28145) -> xxx.xxx.xxx.xxx(10032), 1 packet
%SEC-6-IPACCESSLOGP: list 100 permitted tcp xxx.xxx.xxx.xxx(36483) -> xxx.xxx.xxx.xxx(10032), 1 packet
%SEC-6-IPACCESSLOGP: list 100 permitted tcp xxx.xxx.xxx.xxx(24319) -> xxx.xxx.xxx.xxx(10032), 1 packet
%SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 12 packets
%SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 12 packets
09-26-2005 11:03 AM
The above message means simply that the amount of access-list logging is being
rate-limited. Note that the above is a log message generated by the IP Access Log process,
and thus neither related to nor controlled by the generic "logging rate-limit" command.
This rate-limiting of access-list logs is programmed into the IOS by default as a safety
feature, as unrestricted number of ACL logs can potentially overload the systems if the
rate of packets that need to be logged is high enough.
09-05-2006 04:22 PM
could the error also be a possible DOS or DDOS attack?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide