Leaflet

OL-11615-01
Defining CoPP Traffic Classes
Developing a CoPP policy starts with the classification of the control plane traffic. To that end, the
control plane traffic needs to be first identified and separated into different class-maps. The Catalyst
4500 Series switches provide the system-cpp macro, which automatically generates a collection of
class-maps for common Layer 3 and Layer 2 control plane traffic. While very useful, these predefined
class-maps might not include all the necessary traffic classes reaching the control plane, and as a result
they might need to be complemented with other user-defined class-maps. The Catalyst 6500 Series
switches do not provide a configuration macro. Therefore, all class-maps need to be defined by the user.
This section presents a classification template that can be used as a model when implementing CoPP on
Catalyst 6500 and Catalyst 4500 Series switches. This template presents a realistic classification, where
traffic is grouped based on its relative importance and protocol type. The template uses nine different
classes, which provide great granularity, and make it suitable for real-world environments. It is important
to note that, even though you can use this template as a reference, the actual number and type of classes
needed for a given network can differ and should be selected based on local requirements, security
policies, and a thorough analysis of baseline traffic.
This template defines the following nine traffic classes:
1. Border Gateway Protocol (BGP)
This class defines traffic that is crucial to maintaining neighbor relationships for the BGP routing
protocol, such as BGP keepalives and routing updates. Maintaining the BGP routing protocol is crucial
to maintaining connectivity within a network or to an ISP. Sites that are not running BGP would not
use this class.
2. Interior Gateway Protocol (IGP)
This class defines traffic that is crucial to maintaining IGP routing protocols such as Open Shortest
Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP) and Routing Information
Protocol (RIP). Maintaining IGP routing protocols is crucial to maintaining connectivity within a
network.
3. Interactive Management
This class defines interactive traffic that is required for day-to-day network operations. This class
would include light volume traffic used for remote network access and management, for example
Telnet, Secure Shell (SSH), Network Time Protocol (NTP), Simple Network Management Protocol
(SNMP) and Terminal Access Controller Access Control System (TACACS).
4. File Management
This class defines high volume traffic used for software image and configuration maintenance. This
class would include traffic generated for remote file transfer, for example Trivial File Transfer
Protocol (TFTP) and File Transfer Protocol (FTP).
5. Reporting
This class defines traffic used for generating network performance statistics for reporting. This class
would include traffic required for using Cisco IOS IP Service Level Agreements (SLAs), a feature
previously known as Service Assurance Agent, to generate ICMP with different DSCP settings in
order to report on response times within different QoS data classes.
6. Monitoring
This class defines traffic used for monitoring a router. This kind of traffic should be permitted but
should never be allowed to pose a risk to the router. With CoPP, this traffic can be permitted but
limited to a low rate. Examples would include packets generated by ICMP echo requests (ping) and
the traceroute command.
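The following is an added illustration, not configuration from the original document: one way to express the six classes described above as named ACLs and class-maps in Cisco IOS. The coppacl-* and copp-* names are hypothetical, and all addresses are constructed documentation-range placeholders that must be replaced with values taken from a baseline of the local control plane traffic.

```ios
! Constructed sample: 192.0.2.0/24 = management hosts, 192.0.2.50 = IP SLA probe source,
! 198.51.100.1 = BGP peer, 203.0.113.1 = this switch's loopback (all placeholders).
ip access-list extended coppacl-bgp
 permit tcp host 198.51.100.1 host 203.0.113.1 eq bgp
 permit tcp host 198.51.100.1 eq bgp host 203.0.113.1
ip access-list extended coppacl-igp
 permit ospf any any
 permit eigrp any any
 permit udp any any eq rip
ip access-list extended coppacl-interactive
 permit tcp 192.0.2.0 0.0.0.255 host 203.0.113.1 eq 22
 permit tcp 192.0.2.0 0.0.0.255 host 203.0.113.1 eq telnet
 permit udp 192.0.2.0 0.0.0.255 host 203.0.113.1 eq snmp
 permit udp 192.0.2.0 0.0.0.255 eq ntp host 203.0.113.1
 permit tcp 192.0.2.0 0.0.0.255 eq tacacs host 203.0.113.1 established
ip access-list extended coppacl-filemanagement
 permit tcp 192.0.2.0 0.0.0.255 eq ftp host 203.0.113.1 established
 permit tcp 192.0.2.0 0.0.0.255 eq ftp-data host 203.0.113.1
 ! TFTP replies arrive from an ephemeral server port
 permit udp 192.0.2.0 0.0.0.255 gt 1023 host 203.0.113.1 gt 1023
ip access-list extended coppacl-reporting
 ! IP SLA ICMP probes marked with a data-class DSCP value
 permit icmp host 192.0.2.50 host 203.0.113.1 echo dscp af11
ip access-list extended coppacl-monitoring
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any ttl-exceeded
 permit icmp any any port-unreachable
!
class-map match-all copp-bgp
 match access-group name coppacl-bgp
class-map match-all copp-igp
 match access-group name coppacl-igp
class-map match-all copp-interactive
 match access-group name coppacl-interactive
class-map match-all copp-filemanagement
 match access-group name coppacl-filemanagement
class-map match-all copp-reporting
 match access-group name coppacl-reporting
class-map match-all copp-monitoring
 match access-group name coppacl-monitoring
```

The reporting and monitoring ACLs overlap on ICMP echo, so when these classes are referenced from a policy-map the more specific reporting class has to be listed before monitoring, because a packet is assigned to the first class it matches.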