09-30-2020 08:36 AM
Hello,
I have an N5K-5548UP-AF and it supports only the 3 CoPP rules which are available in the system. The problem is that when someone from inside or from outside (Internet) sends TCP SYN attacks, UDP floods, ... to the switch, my CPU will be at 100%.
How can I protect my control plane?
If I want to use ACLs on my uplink and downlink to my access switch, I would have to add 900-1k IP addresses (because I have different gateways), which makes my work really hard.
Thank you.
09-30-2020 08:58 AM
Hi,
Is the 5548 facing the Internet directly? Are you using private IPs or public?
HTH
09-30-2020 09:01 AM
Yes, it has BGP and my interface VLAN IPs are reachable from the Internet, but this is not important because if someone sends attacks from inside to my gateway I face the same issue.
Thank you.
09-30-2020 11:47 AM
What type of attacks are they? If it is ICMP, you can use an access list to make sure the IPs on the switch are not responding to ICMP.
HTH
09-30-2020 11:55 AM
They are different types of attack, such as UDP flood, SYN ...
I am curious why CoPP on the 5548UP does not mitigate and shape them?