We encountered something strange. We run IOS-XR 7.5.2 on ASR9K platform.
Had a user under udp/0 attack. Tried to block it via standard ACL:

    ipv4 access-list block-zero
     20 deny udp any any eq 0
     30 deny tcp any any eq 0
     40 permit ipv4 any any

Applied to interface:

    ipv4 access-group block-zero ingress
    ipv4 access-group block-zero egress

Yet, based on Kentik, we had no effect and the udp/0 attack just
continued - as if the Cisco ACL is totally ignored. Or am I missing
something in the ACL listed above?

Thanks,
Hank
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/