I would be careful in implementing policy 'in your network' if you have a
choice. If you are designing your network, use traffic shaping (can only be
used outbound on your interfaces, so plan appropriately). If you police
traffic with 'exceed action drop' then you will masacre TCP traffic. Traffic
shaping regulates traffic whereas policing kills traffic. Many firewalls,
like Checkpoint VPN-1 for example, use shaping to manage traffic rather than
policing. Policing in most cases is too strict, something to use if you are
an ISP with strict rules or policy.
If you have the option to configure QoS throughout your network, than use
shaping. If you are working on only a single router or interface (or need to
regulate traffic you don't control inbound on an interface) then policing
may be your only choice.
Just a thought.
/Rick
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7696&t=7388
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
