12/04/2009

Network audit program

It is advantageous to police some applications at multiple levels. For example, it might be desirable to limit all TCP traffic to 10 Mbps, while at the same time limiting FTP traffic (which is a subset of TCP traffic) to no more than 1.5 Mbps. To achieve this nested policing requirement, network audit program can be used. Two-level hierarchical policing was introduced in IOS Software Release 12.1(5)T. Later, in Release 12.2.1(3)T, three-level hierarchical policing was introduced for the 7200 and 7500 platforms

The policer at the second level in the hierarchy acts on packets transmitted or marked by the policer at the first level. Therefore, the second level does not see any packets that the first level drops. The sum of packets that the lower-level policers see is equal to the sum of packets that the higher-level policer transmits or marks. This feature supports up to three nested levels

No comments: