SUMMARY STEPS
1.
enable
2.
configure terminal
3.
access-list access-list-number permit protocol {any | host {address | name}} {any | host {address |
name}}
4.
access-list access-list-number permit protocol {tcd | udp} {any | host {source-addr | name}} eq port
number {any | host {source-addr | name}} eq port number
5.
class-map class-map-name
6.
match access-group access-list-index
7.
exit
8.
policy-map policy-map-name
9.
class class-map-name
10.
police {rate-bps | cir {cir-bps | percent percent}} [bc burst-bytes] [conform-action action] [pir pir-bps]
11.
conform-action action
12.
exit
13.
exit
14.
control-plane
15.
service-policyinput policy-map-name
16.
exit
17.
exit
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Example:
Device> enable
Step 1
Enters global configuration mode.configure terminal
Example:
Device# configure terminal
Step 2
Configures an access list for filtering frames by protocol type.
access-list access-list-number permit protocol {any
| host {address | name}} {any | host {address |
name}}
Step 3
Example:
Device(config)# access-list 110 permit icmp
any 169.223.253.1
QoS: Policing and Shaping Configuration Guide (Cisco ASR 920 Series)
39
Control Plane Policing
Configuring Control Plane Policing to Mitigate Denial-of-Service Attacks
To Next Page
Loading...
