cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
186
Views
0
Helpful
0
Replies
Highlighted
Beginner

CoPP Control Plane Policing Default Class

Studying for ENCOR, I came across this material on CoPP. The bolded text is what confused me. Why would you reverse the access lists from permit to deny? It seems like the embedded packet capture is all you need to discover what traffic is associating with the default class. 

 

Any input is appreciated

 

CoPP material:

 

Verifying the CoPP Policy
After the policy map has been applied to the control plane, it needs to be verified.
In Example 26-37, traffic matching CLASS-CoPP-Routing has exceeded the
configured rate. In addition, the default class sees traffic. To identify what is
happening, EPC could be used again to tweak the policies, if necessary. This
time, the access lists can be reversed from permit to deny as the filter to gather
unexpected traffic.

 


Example 26-37 Verifying the Policy for CoPP
R1# show policy-map control-plane input
Control Plane
Service-policy input: POLICY-CoPP
Class-map: CLASS-CoPP-ICMP (match-all)
154 packets, 8912 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ACL-CoPP-ICMP
police:
cir 8000 bps, bc 1500 bytes, be 1500 bytes
conformed 154 packets, 8912 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
transmit
violated 0 packets, 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: CLASS-CoPP-IPsec (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ACL-CoPP-IPsec
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 0 packets, 0 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
transmit
violated 0 packets, 0 bytes; actions:
transmit
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: CLASS-CoPP-Initialize (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ACL-CoPP-Initialize
police:
cir 8000 bps, bc 1500 bytes, be 1500 bytes
conformed 0 packets, 0 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
transmit
violated 0 packets, 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: CLASS-CoPP-Management (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ACL-CoPP-Management
police:
cir 32000 bps, bc 1500 bytes, be 1500 bytes
conformed 0 packets, 0 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
transmit
violated 0 packets, 0 bytes; actions:
transmit
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: CLASS-CoPP-Routing (match-all)
92 packets, 123557 bytes
5 minute offered rate 4000 bps, drop rate 0000 bps
Match: access-group name ACL-CoPP-Routing
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 5 packets, 3236 bytes; actions:
transmit
exceeded 1 packets, 1383 bytes; actions:
transmit
violated 86 packets, 118938 bytes; actions:
transmit
conformed 1000 bps, exceeded 1000 bps, violated 4000 bps
Class-map: class-default (match-any)
56 packets, 20464 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any
police:
cir 8000 bps, bc 1500 bytes, be 1500 bytes
conformed 5 packets, 2061 bytes; actions:
transmit

 

 

 

0 REPLIES 0
Content for Community-Ad