Tag Archives: ddos


IP Traffic Export, or Router IP Traffic Export (RITE), exports IP packets to a VLAN or
LAN interface for analysis. RITE does this only for traffic received on multiple WAN
or LAN interfaces simultaneously as would typically take place only if the device were
being targeted in a denial of service attack.

When configuring RITE, you enable it and configure it to direct copied packets to the
MAC address of the IDS host or protocol analyzer.

Inbound traffic (the default), outbound traffic, or both, and filtering on the number of
packets forwarded.

Edge# config term
Edge(config)# ip traffic-export profile export-this
Edge(config-rite)# interface fa0/0
Edge(config-rite)# bidirectional
Edge(config-rite)# mac-address 0018.0fad.df30
Edge(config-rite)# incoming sample one-in-every 20
Edge(config-rite)# outgoing sample one-in-every 100
Edge(config-rite)# exit
Edge(config)# interface fa0/1
Edge(config-if)# ip traffic-export apply export-this
Edge(config-if)# end
%RITE-5-ACTIVATE: Activated IP traffic export on interface FastEthernet 0/1.