Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Limiting ARP traffic

I´m having problems with ARP traffic. Is possible limit this traffic on a router´s interface with the following command:

router (config)#access-list nn permit

router(config-if)#rate-limit .....

How Can I limit this traffic ?

regards.

5 REPLIES
Anonymous
N/A

Re: Limiting ARP traffic

In order to do rate limiting of ARP traffic, you can use Modular QoS CLI which allows users to specify a traffic class independently of QoS policies.

See the configuration below:

Router(config)#class-map match-all arp

Router(config-cmap)# match protocol arp

Router(config)#policy-map ratelimitarp

Router(config-pmap)# class arp

Router(config-pmap-c)#police 8000 1500 1500 conform-action transmit exceed-action drop violate-action drop

Now, apply service policy to the interface with the "service-policy" command.

The document http://www.cisco.com/en/US/products/sw/iosswrel/ps5014/products_feature_guide_chapter09186a008008813a.html#

gives some examples for configuring QoS Policies using the Modular QoS CLI

New Member

Re: Limiting ARP traffic

Hi thanks for your answer, with the followings example:

access-list 200 permit 0x806 0x???

rate-limit input access-group 200 8000 1500 2000 conform-action transmit exceed-action transmit

Can I get the same result that with class-map ?

regards.

New Member

Re: Limiting ARP traffic

Hi,

I made the following:

 class-map match-all arp

  match protocol arp

!

 policy-map ratelimitarp

  class arp

   police cir 8000 bc 1500 be 1500 conform-action transmit exceed-action drop violate-action drop

!

interface Cable2/0

 bandwidth 75000

 ip address 200.74.23.254 255.255.255.192 secondary

 ip address 10.100.159.254 255.255.240.0

 service-policy output ratelimitarp

.

But the arp traffic doesn´t match with service policy:

Ubr7223_Headend#show policy-map interface c2/0

 Cable2/0

  Service-policy output: ratelimitarp

    Class-map: arp (match-all)

      0 packets, 0 bytes

      30 second offered rate 0 bps, drop rate 0 bps

      Match: protocol arp

      police:

          cir 8000 bps, bc 1500 bytes, be 1500 bytes

        conformed 0 packets, 0 bytes; actions:

          transmit

        exceeded 0 packets, 0 bytes; actions:

          drop

        violated 0 packets, 0 bytes; actions:

          drop

        conformed 0 bps, exceed 0 bps, violate 0 bps

    Class-map: class-default (match-any)

      298939 packets, 152668185 bytes

      30 second offered rate 10392000 bps, drop rate 0 bps

      Match: any

Ubr7223_Headend#

Can anybody help me ?

regards.

New Member

Re: Limiting ARP traffic

you may try service policy input ratelimitarp (and not 'output')... see if this helps..

regds

New Member

Re: Limiting ARP traffic

I tried with service policy input ratelimitarp, but I see the same behavior.

The Ubr7200 is running the 12.2(15)BC1 and the service policy is applied on the cable interface, will be any restriction about kind of the interface that must be apply this service policy ?

782
Views
0
Helpful
5
Replies
CreatePlease login to create content