Specifications
IP Switching Commands
mls ip cef rate-limit
ISW-97
Cisco IOS IP Switching Command Reference
May 2008
mls ip cef rate-limit
To rate-limit CEF-punted data packets, use the mls ip cef rate-limit command in global configuration
mode. To disable the rate-limited CEF-punted data packets, use the no form of this command.
mls ip cef rate-limit pps
no mls ip cef rate-limit
Syntax Description
Defaults No rate limit is configured.
Command Modes Global configuration
Command History
Usage Guidelines The valid values are as follows:
• For Cisco 7600 series routers that are configured with a Supervisor Engine 2, the valid values are
from 1 to 1000000.
• For Cisco 7600 series routers that are configured with a Supervisor Engine 720, the valid values are
from 0 to 1000000.
Certain denial-of-service attacks target the route processing engines of routers. Certain packets that
cannot be forwarded by the PFC are directed to the MSFC for processing. Denial-of-service attacks can
overload the route processing engine and cause routing instability when running dynamic routing
protocols. You can use the mls ip cef rate-limit command to limit the amount of traffic that is sent to
the MSFC to prevent denial-of-service attacks against the route processing engine.
This command rate limits all CEF-punted data packets including the following:
• Data packets going to the local interface IP address
• Data packets requiring ARP
Setting the rate to a low value could impact the packets that are destined to the IP addresses of the local
interfaces and the packets that require ARP.
You should use this command to limit these packets to a normal rate and to avoid abnormal incoming
rates.
pps Number of data packets; see the “Usage Guidelines” section for the valid
values.
Release Modification
12.2(14)SX Support for this command was introduced on the Supervisor Engine 720.
12.2(17d)SXB Support for this command on the Supervisor Engine 2 was extended to
Release 12.2(17d)SXB.
12.2(33)SRA This command was integrated into Cisco IOS Release 12.2(33)SRA.