[unisog] Are cisco router VLAN ACL's stateful like a PIX?

Clark Gaylord cgaylord at vt.edu
Wed Feb 2 14:54:33 GMT 2005


Jeff Kell wrote:

> UDP flooding is the worst nightmare (think SQL Slammer).  Rate 
> limiting helps, and even throttles down UDP-based P2P variants as a 
> side effect.

I alluded to "some other policers" (in addition to my bandwidth hogs) on 
irc recently: two of these are ICMP and UDP (actually there are two 
ICMP: one for our Ops center and one for the rest of the world ... 
wouldn't want to get paged at 0300 because the NOC thought something was 
"down" only to find out that the policer was swamped... :-)

--ckg



More information about the unisog mailing list