cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
939
Views
4
Helpful
7
Replies

CoPP logging

Hello everybody!

What tools I can use to troubleshoot and monitor control plane service policy on the ASR 1002?

Show access-list command does not show any matches so I don't know which traffic goes where and consequently what to do next.

Thanks.

7 REPLIES 7
Shelley Bhalla
Participant

show policy-map control-plane should be used to see the stats on the CoPP policy.

This command indeed allow to see some statistics about pps, burst, bytes and so on, but there is no information about what type of traffic actually belong  to class-map access-list. If, for example, I want to identify what traffic i forgot to classify and which went to class-default how can i do this?

I am not sure if there are any command that will be that granular.

However there are some more indepth commands like:

show platform hardware acl input entries static
show platform hardware acl input actions
show platform hardware qos policers in 
show platform hardware qos policers out
show platform hardware qos policers control-plane
Show Platform CPU Packet Statistics All
show platform hardware acl input entries sw-allocated
show platform hardware acl input actions

Hope these help.

Shelley.

I did not find any of these commands on ASR1002F (asr1000rp1-advipservicesk9.02.06.02.122-33.XNF2).

asr#sh platform hardware ?
  interface  Interface information
  port       port information
  qfp        Quantum Flow Processor
  slot       Slot information
  subslot    Subslot information

I am sorry, the commands given were for larger ASR chassis.

Looking deeper into cisco archives there is no other way but the show policy-map control-plane command at this time and the ACL counter logging is not a feature yet enabled. That said, The business unit is specifically tracking this feature and will be implimenting it in the future. The  development team is getting similar requests from other customers as well so if you have a designated cisco account team I suggest you put in a feature request.

Thanks

Shelley

shbhalla,

thanks for the answers. Unfortunately, I end up with the same result.

I am sorrry, the result is not what you hoped for. But I strongly suggest a feature request be recorded. The more requests come in the faster we impliment them and Cisco is aware of this specific one.

Pleae mark thread as answered if there are no more questions.