I've Cisco 7206 VXR with IOS "c7200p-advipservicesk9_li-mz.124-15.T3.bin". We have MPLS connections terminated with the VLANS on the fiber gig port. I've applied rate-limit for inbound/outgoing traffic not to exceed certain limit.
But, still I'm seeing traffic is going more than the applied limit.
Ex: This 8MB rate limit applied on subinterface
rate-limit input 8384000 12800 12800 conform-action transmit exceed-action drop
Sometimes due to malware/virus activity there is lot of burst in the traffic which is recorded by the SNMP/MRTG monitors. Which is exceeding (going over 20MBPS) what is configured on the interface. Also the CPU usage was drastically increasing during the traffic floodings.
CAR is doing its job. You might want talk to the provider see what service they can provide to block the abnormal traffic rate on their end. If no luck, you can consider platform that can do inbound policing in hardware and can do CoPP to protect CPU.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...