if you are not given any specifics, just match icmp any any :-)
On 6/8/2012 7:13 AM, Don Rajaratne wrote:
> Hi Thanks. Yes I got the same error. I sorted out the confusion with
> copp.
>
> How about with shaping and policing? I have seen some questions
> mentioned just to match icmp traffic,no specific source or
> destination. In that case which one is more accurate?
>
>
> Thanks again..
>
>
> On Fri, Jun 8, 2012 at 12:35 AM, Alexei Monastyrnyi
> <alexeim73_at_gmail.com <mailto:alexeim73_at_gmail.com>> wrote:
>
> Hi.
>
> Have you tried applying it to the control-plane?
>
> I don't think NBAR protocol matching is supported on the
> control-plane.
>
> Router(config)#do sh run class-map
> Building configuration...
>
> Current configuration : 56 bytes
> !
> class-map match-all ICMP
> match protocol icmp
> !
> end
>
> Router(config)#do sh run policy-map
> Building configuration...
>
> Current configuration : 57 bytes
> !
> policy-map PM_ICMP
> class ICMP
> police 8000
> !
> end
>
> Router(config)#control-plane
> Router(config-cp)#service-policy in PM_ICMP
> Unsupported protocol in 'match protocol'
> Unsupported protocol in 'match protocol'
> error: failed to install policy map PM_ICMP
>
>
> HTH
> A.
>
> On 6/8/2012 6:11 AM, Don Rajaratne wrote:
>> Hi People,
>>
>> Will be the output same or differ?? Question says limit the outgoing icmp
>> messages on control plane policing.
>>
>> ip access-list ex ICMP
>> permit icmp any any
>>
>> class-map ICMP
>> match access-group name ICMP
>>
>> OR
>>
>> class-map ICMP
>> match protocol icmp
>>
>> Thanks in advance..
>>
>> Don
>>
>>
>> Blogs and organic groups athttp://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri Jun 08 2012 - 20:48:16 ART
This archive was generated by hypermail 2.2.0 : Sun Jul 01 2012 - 10:39:52 ART