Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
227
Views
0
Helpful
1
Replies

dealing with small packets

cisco_lad2004
Level 5
Level 5

‎09-01-2006 11:24 AM - edited ‎03-03-2019 04:47 AM

Hi there

My 7206VXR was hit today by a single user sending small packets in high volume. This was UDP, so WRED could not help.

is there any way to drop small packets when they exceed a certain threshold ?

I know I can match on packet length but then can risk to drop legitimate traffic.

TIA

Sam

Labels:
0 Helpful
1 Reply 1

sundar.palaniappan
Level 10
Level 10

‎09-01-2006 11:45 AM

Sam,

You can police traffic, to set bandwidth limit, based on the host address and packet size. You need a config like the one noted below.

class-map match-all TEST

match access-group 10

match packet length min 64 max 64

!

!

policy-map TEST

class TEST

police 100000

!

access-list 10 permit 172.16.100.100

interface FastEthernet0/0

ip address 172.16.100.1 255.255.255.0

service-policy input TEST

HTH,

Sundar

0 Helpful
Customers Also Viewed These Support Documents