You want a feature that puts every /32 receive fib entry as a "drop" or
have it a per interface configurable option?
Or have a global default that rate limits to that /32 entry in the punt
path...
Rodney
On 3/24/10 10:37 AM, Dobbins, Roland wrote:
On Mar 24, 2010, at 9:34 PM, Drew Weaver wrote:
I've heard of a particular hosting provider that blocks traffic ingress to
gateways, network and broadcast addresses assigned to customer 'connected'
interfaces at their edge using scripts, etc but this type of thing doesn't seem
like it would scale very well.
Perl is your friend.
;>
It seems like it may make more sense to see if there could be a command added
to IOS that denotes these VLANs or Physical interfaces as customer interfaces
that tells it to protect the switch from traffic hitting these ports, but then
again nothing is ever that easy.
And that's precisely what Gert is talking about when he says he wants an
automagic CoPP.
-----------------------------------------------------------------------
Roland Dobbins<[email protected]> //<http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
