Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1745
Views
0
Helpful
3
Replies

Control-Plane Policy CPP for ISR Router

bennett.troy
Level 1
Level 1

‎04-13-2010 07:34 AM - edited ‎03-06-2019 10:35 AM

I have been looking everywhere for some documentation on implenting CPP on the 2800 series routers.  I have the class-map and policy-map statements complete, however I am not sure what bandwidth to use for the police statements.  The only documentation I can find is for 6500s.  Any ideas?

Thanks in advance

Labels:
0 Helpful
3 Replies 3

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎04-13-2010 07:41 AM

Hello Troy,

this is the difficult part of the job.

you can use a similar approach to that presented for the C6500 and you can try to dimension the traffic volumes for the different protocols you use in your network.

You need to take in account not only steady state operation (OSPF hellos for example ) but also what is needed for the learning /loading phase.

The idea is to protect the device for excessive traffic and messages so feel free to multiply your calculations by two for example

Hope to help

Giuseppe

0 Helpful

lamav
Level 8
Level 8

‎04-13-2010 08:01 AM

Troy:

I sympathize with you. I've struggled with the same issue.

The right answer is that there are no particular numbers you should use because each situation is different and each environment has different traffic loads and behavior.

One has to really understand their network's traffic characteristics. For example, do you have technologies deployed that are process switched and cannot be CEF switched? If so, you need to account for that traffic when you apply the policing parameters. A good example of this is DHCP relay traffic under an interface that uses helper addresses. This traffic is process switched.

Moreover, the network's traffic load may spike during recovery after certain kinds of outages, so you have to take that into consideration, too.

The thing to do is to use very liberal numbers at first and leave them in place for a while. Examine the traffic load for each class and begin tuning the numbers from there. There are certain categories of traffic that are pretty safe to be aggressive with, such as fragments and ICMP on the control plane. Fragments should not exist (Data plane, yes. Control plane, no.) and ICMP should be very minimal. And if you have icmp redirects and other such icmp-related functions disabled, you can really be aggressive with the numbers.

HTH

Victor

0 Helpful

bennett.troy
Level 1
Level 1
In response to lamav

‎04-13-2010 08:40 AM

Thanks for the feedback.

I was hoping for some information on the speed of the actual control-plane, so I could carve out statements similiar to applying QoS on a WAN link.  However I know it isnt quite the same architecture.  We have policies in place for our 6500s, I have added those rates to our lab 2800 routers.  I just wasnt sure if 6500s (sup720) can handle a higher load or not, whether those figures would actually give too much buffer on the 2800 architecture.

Once again thanks for the replies

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card