cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
246
Views
0
Helpful
0
Replies
Highlighted
Enthusiast

Control-plane policing traffic identification??

Looking for a way to identify traffic reaching the deny ip any any of the policy-map contyrol-plane policing feature.

When implementing Control-Plane policing, as the traffic reaches the router (Control-Plane) the applied acl either permits the traffic or filters the traffic down through the applied acl until it reaches the deny ip any any line.  All traffic that reaches the deny IP any any is passed onto the next  level of classification.  I tried to add the "log" to the end of the deny IP any any to identify the traffic but turns out the "log" keyword is not permitted in the service policy acl.

Does anyone know how to identify traffic within the policy-map Control-plane policing?

!_________________________

SAMPLE

!_________________________

!

class-map match-any COPP_4

match access-group name IMPORTANT

!

class COPP_4

  police 256000 4000 conform-action trasnmit exceed-action drop

!

ip access-list extended IMPORTANT

remark ___________________________

10 permit udp host 192.168.1.251 192.168.1.0 0.0.0.255 eq snmp (71123332 matches)

15 permit icmp host 192.168.1.251 192.168.1.0 0.0.0.255 (4423451 matches)

20 permit udp host 192.168.1.12 192.168.1.0 0.0.0.255 eq ntp (4432377543 matches)

25 permit udp host 192.168.2.12 192.168.1.0 0.0.0.255 eq ntp (4432373321 matches)

100 deny ip any any (12834527742 matches)

THANKS

Frank

0 REPLIES 0
Content for Community-Ad