Cisco IOS Software Release 11.0(20)BT Troubleshooting Guide

Using CAR During DOS Attacks
Document ID: 12764
Contents
Introduction
Prerequisites
      Requirements
      Components Used
      Conventions
Rate Limit ICMP/Smurf
Rate Limit TCP SYN Packets
      11.1(X)CC
      12.0(X)[S/T/M]
CAR Frequently Asked Questions
      How to Identify the Values to Use for the CAR Rules to Rate Limit SYN Packets?
      How Do I Know if I Restrict too Many SYN Packets?
      Can I Enable CAR on a Gigabit Switch Router (GSR)?
      Can I Enable Distributed CAR (dCAR) on a Cisco 7500?
      Can I Enable CAR on a Cisco 7200?
Other Features and Alternatives
      IP Receive ACL
      IP Source Tracker
Related Information
Introduction
Sometimes, a network receives a stream of Denial of Service (DoS) attack packets along with the regular
network traffic. In such situations, you can use a mechanism called "rate limiting" to allow network
performance to degrade while the network remains up. You can use Cisco IOS® software to achieve
rate limiting through these schemes:
• Committed Access Rate (CAR)
• Traffic Shaping
• Shaping and Policing through Modular Quality of Service Command Line Interface (QoS CLI)
This document discusses CAR for use in DoS attacks. The other schemes are just variants of the basic
concept.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these software and hardware versions:
• Cisco IOS Software Release 11.1CC and 12.0 mainline, which support CAR.