Reference Guide

ManualsBrandsDell ManualsComputer equipmentNetworking Z9500

181

182

183

184

185

186

187

188

189

190

Configure Control Plane Policing

You can create a CoPP service policy on a per-protocol and/or a per-queue basis that serves as the system-wide configuration

for filtering and rate limiting control-plane traffic.

Configuring CoPP for Protocols

This section describes how to create a protocol-based CoPP service policy and apply it to control plane traffic.

To create a protocol-based CoPP service policy, you must first create a Layer 2, Layer 3, and/or an IPv6 ACL rule for specified

protocol traffic. Then, create a QoS input policy to rate-limit the protocol traffic permitted by the ACL. Associate the ACL and

QoS policy for each protocol in a QoS input policy-map and apply the complete protocol-based rate-limiting configuration to

control-plane traffic.

For complete information about creating ACL rules and QoS policies, refer to Access Control Lists (ACLs) and Quality of Service

(QoS).

1. Create a Layer 2 extended ACL for specified protocol traffic.

CONFIGURATION mode

mac access-list extended name permit {arp | frrp | gvrp | isis | lacp | lldp | stp} cpu-

qos

2. Create a Layer 3 extended ACL for specified protocol traffic.

CONFIGURATION mode

ip access-list extended name permit {bgp | dhcp | dhcp-relay | ftp | icmp | igmp | msdp |

ntp | ospf | pim | rip | ssh | telnet | vrrp} cpu-qos

3. Create an IPv6 ACL for specified protocol traffic.

CONFIGURATION mode

ipv6 access-list name permit {bgp | icmp | icmp-nd-na | icmp-nd-ns | icmp-rd-ra | icmp-

rd-rs | ospf | vrrp} cpu-qos

4. Create a QoS input policy to rate limit input traffic.

CONFIGURATION mode

qos-policy-input name rate-police [rate-kbps] [burst-kbytes] peak [rate-kbps] [burst-

kbytes] cpu-qos

5. Create a QoS class map to filter protocol traffic.

CONFIGURATION mode

class-map match-any name match {ip | mac | ipv6} access-group name cpu-qos

6. Create a QoS input-policy map to associate filtered protocol traffic with the rate limiting configuration.

CONFIGURATION mode

policy-map-input name class-map name qos-policy name cpu-qos

7. Enter Control Plane configuration mode.

CONFIGURATION mode

control-plane-cpuqos

8. Apply the QoS input policy-map that configures rate limiting on specified protocol traffic on the control plane.

CONTROL-PLANE mode

service-policy rate-limit-protocols input-policy-map cpu-qos

Examples of Configuring CoPP for Protocols

Example of Creating an IP/IPv6/MAC Extended ACL to Select Protocol Traffic

Dell(conf)#ip access-list extended ospf cpu-qos

Dell(conf-ip-acl-cpuqos)#permit ospf

Dell(conf-ip-acl-cpuqos)#exit

Dell(conf)#ip access-list extended bgp cpu-qos

Control Plane Policing (CoPP)

189