Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2458
Views
0
Helpful
5
Replies

Limiting ARP traffic

c.vergara
Level 1
Level 1

‎03-22-2004 09:28 AM - edited ‎03-02-2019 02:28 PM

I´m having problems with ARP traffic. Is possible limit this traffic on a router´s interface with the following command:

router (config)#access-list nn permit

router(config-if)#rate-limit .....

How Can I limit this traffic ?

regards.

Labels:
0 Helpful
5 Replies 5

Not applicable

‎03-26-2004 01:52 PM

In order to do rate limiting of ARP traffic, you can use Modular QoS CLI which allows users to specify a traffic class independently of QoS policies.

See the configuration below:

Router(config)#class-map match-all arp

Router(config-cmap)# match protocol arp

Router(config)#policy-map ratelimitarp

Router(config-pmap)# class arp

Router(config-pmap-c)#police 8000 1500 1500 conform-action transmit exceed-action drop violate-action drop

Now, apply service policy to the interface with the "service-policy" command.

The document http://www.cisco.com/en/US/products/sw/iosswrel/ps5014/products_feature_guide_chapter09186a008008813a.html#

gives some examples for configuring QoS Policies using the Modular QoS CLI

0 Helpful

c.vergara
Level 1
Level 1
In response to

‎03-26-2004 02:42 PM

Hi thanks for your answer, with the followings example:

access-list 200 permit 0x806 0x???

rate-limit input access-group 200 8000 1500 2000 conform-action transmit exceed-action transmit

Can I get the same result that with class-map ?

regards.

0 Helpful

c.vergara
Level 1
Level 1
In response to c.vergara

‎04-08-2004 12:35 PM

Hi,

I made the following:

 class-map match-all arp

  match protocol arp

!

 policy-map ratelimitarp

  class arp

   police cir 8000 bc 1500 be 1500 conform-action transmit exceed-action drop violate-action drop

!

interface Cable2/0

 bandwidth 75000

 ip address 200.74.23.254 255.255.255.192 secondary

 ip address 10.100.159.254 255.255.240.0

 service-policy output ratelimitarp

.

But the arp traffic doesn´t match with service policy:

Ubr7223_Headend#show policy-map interface c2/0

 Cable2/0

  Service-policy output: ratelimitarp

    Class-map: arp (match-all)

      0 packets, 0 bytes

      30 second offered rate 0 bps, drop rate 0 bps

      Match: protocol arp

      police:

          cir 8000 bps, bc 1500 bytes, be 1500 bytes

        conformed 0 packets, 0 bytes; actions:

          transmit

        exceeded 0 packets, 0 bytes; actions:

          drop

        violated 0 packets, 0 bytes; actions:

          drop

        conformed 0 bps, exceed 0 bps, violate 0 bps

    Class-map: class-default (match-any)

      298939 packets, 152668185 bytes

      30 second offered rate 10392000 bps, drop rate 0 bps

      Match: any

Ubr7223_Headend#

Can anybody help me ?

regards.

0 Helpful

rakesh.shah
Level 1
Level 1
In response to c.vergara

‎04-08-2004 03:47 PM

you may try service policy input ratelimitarp (and not 'output')... see if this helps..

regds

0 Helpful

c.vergara
Level 1
Level 1
In response to rakesh.shah

‎04-12-2004 07:25 AM

I tried with service policy input ratelimitarp, but I see the same behavior.

The Ubr7200 is running the 12.2(15)BC1 and the service policy is applied on the cable interface, will be any restriction about kind of the interface that must be apply this service policy ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents