57-5
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 57 Configuring Control Plane Policing and Layer 2 Control Packet QoS
Configuring Control Plane Policing
Configuring CoPP for Control Plane Traffic
To configure CoPP for control plane traffic, perform this task:
The following example shows how to police CDP packets:
Switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# qos
Switch(config)# macro global apply system-cpp
Switch(config)# policy-map system-cpp-policy
Switch(config-pmap)# class system-cpp-cdp
Switch(config-pmap-c)# police 32000 1000 conform-action transmit exceed-action drop
Switch(config-pmap-c)# end
Switch# show policy-map system-cpp-policy
Policy Map system-cpp-policy
Class system-cpp-dot1x
Class system-cpp-bpdu-range
Command Purpose
Step 1
Switch# config terminal
Enters global configuration mode.
Step 2
Switch(config)# qos
(Optional) Enables QoS globally.
Step 3
Switch(config)#
macro global apply system-cpp
(Optional) Creates the system-cpp-policy policy
map and attaches it to the control plane.
Step 4
Switch(config)# policy-map
system-cpp-policy
Switch(config-pmap)# class
{system-cpp-dot1x | system-cpp-bpdu-range |
system-cpp-cdp | service | system-cpp-sstp
| system-cpp-cgmp | system-cpp-ospf |
system-cpp-igmp | system-cpp-pim |
system-cpp-all-systems-on-subnet |
system-cpp-all-routers-on-subnet |
system-cpp-ripv2 | system-cpp-hsrpv2 |
system-cpp-ip-mcast-linklocal |
system-cpp-dhcp-cs | system-cpp-dhcp-sc |
system-cpp-dhcp-ss}
Switch(config-pmap-c)# police [aggregate
name] rate burst [conform-action {drop |
transmit}] [{exceed-action {drop |
transmit}}]}
Associates actions to one or multiple
system-defined control plane traffic in the service
policy map. Repeat this step if necessary.
Step 5
Switch(config)# policy-map
system-cpp-wireless-policy
Switch(config-pmap)# class {system-cpp-arp
| system-cpp-capwap-ctrl |
system-cpp-capwap-keepalive |
service-cpp-capwap-dtls | system-cpp-dhcp |
system-cpp-igmp | system-cpp-dot1x |
system-cpp-dot11-rrm |
system-cpp-dot11-rfid |
system-cpp-dot11-iapp |
system-cpp-dot11-mgmt }
Switch(config-pmap-c)# police [aggregate
name] rate burst [conform-action {drop |
transmit}] [{exceed-action {drop |
transmit}}]}
Associate actions to one or multiple
system-defined wireless control plane traffic in the
system-cpp-wireless-policy. Repeat this step if
necessary.
Step 6
Switch# show policy-map system-cpp-policy
(Optional) Verifies the configuration.
To Next Page
Loading...
