Hi Bro

What you’re doing is good. It’s always best to block the fragmented packets at the control-plane level, rather than via the normal ACL.

In the basic/lower feature sets IOS versions, there is no breakdown in terms of control-plane. With the advanced/higher feature sets IOS versions, you have control-plane host, control-plane transit and control-plane cef. Your next question would be when do I apply them, in what given situations, am I right? Basically, in a nutshell, here goes

a)    control-plane host handles packets destined for router itself e.g. management traffic (telnet/ssh/tacacs+/radius) and routing traffic.

b)    control-plane transit works on IP based packets traversing through the router e.g. internet browsing, email etc.

c)    control-plane cef focuses on non-IP packets e.g. CDP, ARP etc.

With this in mind, you might wanna expand your knowledge in depth, by reading this Cisco document http://www.cisco.com/en/US/docs/ios/12_4t/12_4t4/htcpp.html

P/S: if you think this comment is useful, please do rate them nicely :-) and click on the button THIS QUESTION IS ANSWERED.