Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

51-8

Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E

OL_28731-01

Chapter 51 Configuring Control Plane Policing and Layer 2 Control Packet QoS

Configuring Control Plane Policing

Class system-cpp-all-routers-on-subnet

Class system-cpp-ripv2

Class system-cpp-ip-mcast-linklocal

Class system-cpp-dhcp-cs

Class system-cpp-dhcp-sc

Class system-cpp-dhcp-ss

* Class telnet-class

police 80000 1000 byte conform-action drop exceed-action drop

Control Plane Policing Configuration Guidelines and Restrictions

When using (or configuring) control plane policing, consider these guidelines and restrictions:

All supervisor engines

When configuring CoPP, consider these guidelines:

• Only ingress CoPP is supported. Only the input keyword is supported in control plane-related CLIs.

• Control plane traffic can be policed only through CoPP. Traffic cannot be policed at the input

interface or VLAN even though a policy map containing the control plane traffic is accepted when

the policy map is attached to an interface or VLAN.

• Use ACLs and class maps to identify data plane and management plane traffic that are handled by

the CPU. U

ser defined class maps should be added to the system-cpp-policy policy map for CoPP.

• The default system-cpp-policy policy map does not define actions for the system-defined class maps

(no policing).

• The only action supported in system-cpp-policy is police.

• You can use both MAC and IP ACLs to define data plane and management plane traffic classes.

However, if a packet also matches a predefined ACL for the control plane traffic, a police (or no

police) action will operate on the control plane class because the control plane classes appear above

the user-defined classes in the service policy.

• The exceeding action policed-dscp-transmit is not supported for CoPP.

• Do not use the log keyword in CoPP policy ACLs. Instead, if you want to determine if rogue packets

are arriving, view the output of the show policy-map interface command or use the span feature.

Do not apply to Catalyst 4900M, Catalyst 4948E, Supervisor Engine 6-E, and Supervisor Engine 6L-E

• To police control plane traffic, use the system-defined class maps.

• System-defined class maps cannot be used in policy maps for regular QoS.

• The policy map named system-cpp-policy is dedicated for CoPP.

• CoPP is not enabled unless global QoS is enabled and a police action is specified.

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Software Configuration Guide2086 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E