06-07-2012 07:57 AM - edited 03-07-2019 07:07 AM
Hi,
I would like to apply policing on a C3750 interface, for all trafic matching 10.0.0.0 / 8, except for subnet 10.0.0.0 / 24.
I plan to apply the following configuration, with an ACL that denies 10.0.0.0 / 24 then accept 10.0.0.0 / 8.
I quite sure of the answer but need a confirmation about the following configuration correct ? (10.0.0.0 / 24 will be not blocked, and no policing will be apply on it?)
ip access-list extended TEST
deny tcp 10.0.0.0 0.0.0.255 any eq 5000
permit tcp any 10.0.0.0 0.255.255.255 any eq 5000
!
class-map TEST
match access-group name TEST
!
policy-map TEST
class TEST
police 100000
!
interface f0/1
service-policy input TEST
Thanks by advance
P.
Solved! Go to Solution.
06-07-2012 12:23 PM
Hello Paris,
your understanding is correct
10.0.0.0/24 will not be blocked (because the ACL is not applied at interface level) and will not be policed because it is not part of traffic class TEST
Hope to help
Giuseppe
06-07-2012 12:23 PM
Hello Paris,
your understanding is correct
10.0.0.0/24 will not be blocked (because the ACL is not applied at interface level) and will not be policed because it is not part of traffic class TEST
Hope to help
Giuseppe
06-07-2012 11:55 PM
Hi Giuseppe.
ok, thanks
P
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide