This standard ACL is being used to restrict the SNMP traffic from the host address.
The Idea is to police the SNMP traffic from the host to 128Kbps when hitting the CPU or control-plane queues. The idea is right here but the implementation is wrong.
What the above ACL is doing that it is basically restricting any traffic originated from that host to CPU queues to 128Kbps and when it will hit the CPU/control-plane you will see the drops. This is what you are oberving when you are sending 1000 packets to that source.
What you need to do is to change the standard ACL to an extended ACL and match the SNMP traffic well known ports to have the restricted SNMP traffic control plane policing.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...