police [cir] {cir-rate [rate-type]}•
• police [cir] {cir-rate [rate-type]} [bc] burst-size [burst-size-type]
• police [cir] {cir-rate [rate-type]]} conform transmit [violate drop]
13. control-plane Dynamic mode
14. service-policy-dynamic input policy-map-name
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Configures the size of the egress CoPP TCAM region.
[no] hardware access-list tcam region erg-copp size
Example:
Step 2
switch(config)# hardware access-list tcam region
erg-copp 256
Copies the running configuration to the startup
configuration.
copy running-config startup-config
Example:
Step 3
switch(config)# copy running-config startup-config
Reloads the device.reload
Step 4
Example:
The new size values are effective only after you
enter copy running-config startup-config +
reload or reload all line card modules.
Note
switch(config)# reload
Enters global configuration mode.configure terminal
Example:
Step 5
switch# configure terminal
switch(config)#
ip access-list IP-foo-1
Step 6
Example:
switch# ip access-list mac-foo-1
switch(config-acl)#
permit tcp access-list IP-foo-1 eq bgp
Step 7
Example:
switch(config-acl)# 10 permit tcp 10.1.1.1/32
10.1.1.2/32 eq bgp
Specifies a control plane class map and enters class map
configuration mode. The default class matching is
class-map type control-plane [match-all | match-any]
class-map-name
Step 8
match-any. The name can be a maximum of 64 characters
long and is case sensitive.
Example:
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
484
Configuring Control Plane Policing
Configuring IP ACL Filtering for CoPP
To Next Page
Loading...
