Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

51-7

Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E

OL_28731-01

Chapter 51 Configuring Control Plane Policing and Layer 2 Control Packet QoS

Configuring Control Plane Policing

The following example shows how to configure trusted hosts with source addresses 10.1.1.1 and 10.1.1.2

to forward Telnet packets to the control plane without constraint, while allowing all remaining Telnet

packets to be policed at the specific rate. This example assumes that global QoS is enabled and that the

system-cpp-policy policy map was created.

Switch# config terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# qos

Switch(config)# macro global apply system-cpp

! Allow 10.1.1.1 trusted host traffic.

Switch(config)# access-list 140 deny tcp host 10.1.1.1 any eq telnet

! Allow 10.1.1.2 trusted host traffic.

Switch(config)# access-list 140 deny tcp host 10.1.1.2 any eq telnet

! Rate limit all other Telnet traffic.

Switch(config)# access-list 140 permit tcp any any eq telnet

! Define class-map "telnet-class."

Switch(config)# class-map telnet-class

Switch(config-cmap)# match access-group 140

Switch(config-cmap)# exit

! Add the class-map "telnet-class" to "system-cpp-policy" and define the proper action

Switch(config)# policy-map system-cpp-policy

Switch(config-pmap)# class telnet-class

Switch(config-pmap-c)# police 80000 1000 conform transmit exceed drop

Switch(config-pmap-c)# exit

Switch(config-pmap)# exit

! Verify the above configuration steps

Switch# show policy-map system-cpp-policy

Policy Map system-cpp-policy

Class system-cpp-dot1x

Class system-cpp-bpdu-range

Class system-cpp-cdp

police 32000 bps 1000 byte conform-action transmit exceed-action drop

Class system-cpp-sstp

Class system-cpp-cgmp

Class system-cpp-ospf

Class system-cpp-hsrpv2

Class system-cpp-igmp

Class system-cpp-pim

Class system-cpp-all-systems-on-subnet

Step 6

Switch(config)# policy-map

system-cpp-policy

Switch(config-pmap)# class {class-map-name}

Switch(config-pmap-c)# police

[aggregate name] rate burst

[conform-action {drop | transmit}]

[{exceed-action {drop | transmit}}]

Adds the traffic classes to the CoPP policy map.

Uses the police statement to associate actions to

the traffic class.

Step 7

Switch(config)# end

Returns to privileged EXEC mode.

Step 8

Switch# show policy-map system-cpp-policy

Verifies your entries.

Command Purpose

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Software Configuration Guide2086 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E