We have a 7600 router and the 7600 has 2 links with BGP.
We have a interface ACL direction in to block some traffic, for example BGP traffic.
We also have a COPP-BGP with a ACL too, with fewer blocks.
Question is which will be checked first, iACL or COPP.
After sometime reading and looking, I found a document:
http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html
It shows a picture with iACL before COPP, so my first thought seems to be wrong (that the COPP will be first and iACL would be checked after).
What is the order?? iACL --> COPP or COPP --> iACL
If iACL is first the COPP ACL can be less retrictive.
Does anyone know what is the right order?
thnks