Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
1
Replies

CoPP logging on a 6500

Marius Gunnerud
VIP
VIP

‎03-20-2013 02:47 AM - edited ‎03-07-2019 12:22 PM

I am looking for a way to see packets that are matched on certain ACLs in a CoPP policy map.  I have read that it is not a good thing to add the log keyword at the end of an ACL when using that ACL for CoPP.  I initially tried to use a logging policy map but the 6500 12.2sx doesn't support this.

Any ideas on how I can see source/destination IP for a certain class in a CoPP policy map?           

--
Please remember to select a correct answer and rate helpful posts
Labels:
0 Helpful
1 Reply 1

Mariana Rodriguez
Cisco Employee
Cisco Employee

‎04-17-2013 01:57 PM

Hi Marius,

Unfortunately this is a feature introduced in 12.4T, I tried it on 12.4(15)T14 and worked fine:

policy-map CoPP

class CoPP_ICMP

    police 8000 1000 1000 conform-action transmit  exceed-action drop  violate-action drop

    log interval 5000

Where 5000 is milliseconds. Every 5000 ms you will receive one log (even if there was more than one log in this interval)

This is the log:

*Mar  1 01:00:15.563: %CP-6-IP: DROP Control-plane Policing  2.2.2.2 -> 2.2.2.1 icmp

*Mar  1 01:00:17.567: %CP-6-IP: DROP Control-plane Policing  2.2.2.2 -> 2.2.2.1 icmp

If  you would like to try it, make sure this will not affect the CPU of the  Router by configuring a large log interval and monitoring your CPU.

Cheers,

Mariana R.

0 Helpful
Customers Also Viewed These Support Documents