If I want to control inbound ICMP traffic (Smurf attack) based on some
bandwidth X, normal burst Y and max burst Z, which technology is best
suited? I feel both will suffice, but CAR was not originally built for DoS
protection, based on Yusuf's Network Security book. Anyone have thoughts on
this?

ip access-list extended smurf
 ! target traffic
 permit icmp any any echo-reply
 ! reflector traffic
 permit icmp any any echo

class-map smurf
 match access-group name smurf

policy-map smurf
 class smurf
  police x y z conform-action transmit exceed-action drop violate-action drop

interface f0/1
 service-policy input smurf

OR

interface f0/x
 rate-limit input access-group smurf x y z conform-action transmit exceed-action drop
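
Added example (not part of the original post, and not Cisco's implementation): a Python model of a single-rate policer with conform/exceed/violate results, after RFC 2697, run over a constructed ICMP flood. It assumes X is the committed rate in bits/s and that Y and Z are the committed and excess burst sizes in bytes, held in separate buckets; all numeric values are constructed.

```python
SCALE = 8 * 1_000_000  # one byte of credit, in bit-microseconds (integer maths only)


class SrTcmPolicer:
    """Colour-blind single-rate three-colour policer modelled on RFC 2697."""

    def __init__(self, cir_bps, cbs_bytes, ebs_bytes):
        self.cir = cir_bps                     # X: committed rate, bits/s
        self.cbs = cbs_bytes * SCALE           # Y: committed (normal) burst
        self.ebs = ebs_bytes * SCALE           # Z: excess burst (assumed separate bucket)
        self.tc, self.te = self.cbs, self.ebs  # both buckets start full
        self.last_us = 0

    def offer(self, now_us, size_bytes):
        """Classify one packet as conform, exceed or violate."""
        # Refill: credit goes to the committed bucket first, overflow to excess.
        credit = (now_us - self.last_us) * self.cir
        self.last_us = now_us
        spill = max(0, self.tc + credit - self.cbs)
        self.tc = min(self.cbs, self.tc + credit)
        self.te = min(self.ebs, self.te + spill)
        cost = size_bytes * SCALE
        if cost <= self.tc:
            self.tc -= cost
            return "conform"
        if cost <= self.te:
            self.te -= cost
            return "exceed"
        return "violate"


def police(packets, cir_bps, cbs_bytes, ebs_bytes, drop=("exceed", "violate")):
    """Run (time_us, size_bytes) packets through the policer.

    Returns per-result counts and the number of packets transmitted; `drop`
    mirrors the post's exceed-action drop / violate-action drop.
    """
    policer = SrTcmPolicer(cir_bps, cbs_bytes, ebs_bytes)
    counts = {"conform": 0, "exceed": 0, "violate": 0}
    for now_us, size in packets:
        counts[policer.offer(now_us, size)] += 1
    sent = sum(n for result, n in counts.items() if result not in drop)
    return counts, sent


# Constructed input: 1000 ICMP packets of 100 bytes, one every 100 us (8 Mbit/s).
FLOOD = [(i * 100, 100) for i in range(1000)]

if __name__ == "__main__":
    print(police(FLOOD, cir_bps=64_000, cbs_bytes=2000, ebs_bytes=2000))
```

In this model, with both exceed-action and violate-action set to drop as in the post, Z does not change how many packets are transmitted.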