Manualshelf

Reference Guide

ManualsBrandsDell ManualsComputer equipmentForce10 Z9000
261262263264265266267268269270
264 | Control Plane Policing (CoPP)
www.dell.com | support.dell.com
Figure 11-2. CoPP solution example
Configure Control Plane Policing
The S4810 can process maximum of 4200 PPS (packets per second). Protocols that share a single queue
may experience flaps if one of the protocols receives a high rate of control traffic even though Per Protocol
CoPP is applied. This happens because Queue-Based Rate Limiting is applies first.
For example, BGP and ICMP share same queue (Q6); Q6 has 400 PPS of bandwidth by default. The
desired rate of ICMP is 100 pps and the remaining 300 pps is assigned to BGP. If ICMP packets comes at
400 pps, BGP packets may be dropped though ICMP packets are rate limited to 100 PPS. This may be
solved by increasing Q6 bandwidth to 700 pps to allow both ICMP and BGP packets and then applying per
flow CoPP for ICMP and BGP packets. The setting of this Q6 bandwidth is purely dependent on the
incoming traffic for the set of protocols sharing the same queue. If the user is not aware of the incoming
protocol traffic rate then they cannot set the required Queue Rate Limit value. Such queue bandwidth
tuning must be carefully done because the system cannot open up to handle any rate, including traffic
coming at line rate.
CoPP policies are assigned on a per-protocol or a per-queue basis, and are assigned in CONTROL-PLANE
mode to each port-pipe.
Q7
Q6
Hardware Queue
Rate Limiting
1100 PPS
400 PPS
CPU Software Queue
CoPP Rule
Examples
Per-Protocol
Rate Limiting
OSPF 200 PPS
BGP 100 PPS
STP 100 PPS
ICMP 50 PPS
Protocol to Queue Classification
(Ingress Flow Entries)
Packets
Front End Ports
Q5
Q4
Q3
Q2
Q1
Q0
STP
ICMP
PING
100 PPS
50 PPS
CPU Processes
(OSPF, LACP, STP, ICMP, etc)
STP
ICMP
PING
Q7
Q6
Hardware Queue
Rate Limiting
1100 PPS
400 PPS
CPU Software Queue
Protocol to Queue Classification
(Ingress Flow Entries)
Packets
Front End Ports
Q5
Q4
Q3
Q2
Q1
Q0
STP
ICMP
PING
CPU Processes
(OSPF, LACP, STP, ICMP, etc)
STP
OPSF flood CPU at 1100 PPS
ICMP fails
No CoPP Rules
Q7 receives STP at 1100 pps due to network storm/loop.
The CPU is hit with the entire 1100 pps and the PING attemp fails intermittently.
CoPP restricts the STP control packet rate to the CPU to 100 pps. PING works reliably.