Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
452
Views
0
Helpful
2
Replies

CoPP on network !

kthned
Level 3
Level 3

‎08-17-2012 03:49 AM - edited ‎03-04-2019 05:18 PM

Hi,

I need some guide from you on configuring CoPP Control Plane Policing. Though this document define some good understanding on CoPP

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd804fa16a.html

The feature basically allow critical traffic (bgp, ospf, snmp etc) to reach Route Processor/control plan. We can either deny, permit or police the traffic in front of RP.

1. My question is how can I find out the rate (pps) of critcal traffic that I need to police. Is there any command that gives me the average pps of protocol hitting RP ?

2. In a medium size network, what is the timeline to implement it. Please share your experience.

Looking forward to your useful answer !

Thanks !

Regards,

Umair

Labels:
0 Helpful
2 Replies 2

mlund
Level 7
Level 7

‎08-20-2012 12:45 AM

Hi Umair

1, Do it the way the document suggest, it says.

The following example illustrates the configuration of the actual CPP service policy. In this base case, all actions are transmit actions. The only exception is for traffic defined as undesirable, which is unconditionally dropped, regardless of rate and the default class that is rate limited above the specified packets per second (PPS) rate. Configuring the CPP policy using only transmit actions initially without the drop action allows the ability to monitor the classes under normal operating conditions in order to determine the appropriate rate limit. Once the appropriate rate under normal conditions is determined, this information can be used to tighten the policy down by dropping packets that exceed the normal operation rates.

You use "sho policy-map control-plane" to look at the statistic.

2. When I did it it took a couple of weeks to find out decsent values for the different classess.

0 Helpful

kthned
Level 3
Level 3
In response to mlund

‎08-20-2012 08:01 AM

Thanks for your useful answer. A bit confuse on the netflow to monitor

I wonder Netflow feature to use for monitoring purpose. is it possible to use Netflow feature to find out the frequency of packets all punted packets.

Or Netflow gives information of all the packets (including non-punted), while sh policy-map control-plan gives information only for punted packets. Am I right ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card