[c-nsp] OSPFv3 in CoPP
"Rolf Hanßen"
nsp at rhanssen.de
Thu Mar 15 18:04:52 EDT 2018
Hi,
maybe you need to add the non-link-local address.
I did not separate OSPF and BGP, but this works:
ipv6 access-list acl-copp-transfer-ipv6
permit 89 FE80::/10 any
permit ipv6 2001:DB8::/48 any
2001:DB8::/48 contains all transfer networks and loopback adresses in my
case.
kind regards
Rolf
> Howdy,
>
> This is SUP2T, I am just playing with this in a lab (I realize sup2t is
> dead).
>
> I notice that if I enable a CoPP policy and then do clear ipv6 ospf
> process 1 (yes) the process gets stuck forever in EXSTART until I remove
> the service-policy and then instantly It connects and begins operating
> normally. I am assuming that it is because I am blocking something
> accidentally via my CoPP policy.
>
> I've allowed protocol 89 sourced from the entire link-local subnet and
> then when that didn't work I then allowed all ipv6 on the link-local
> subnet. If I debug the traffic it just keeps re-transmitting DBDs to the
> IPv4 address of the peer (that is probably just the router-id) on the
> VLAN, over and over.
>
> Does anyone have a working CoPP ACL for OSPFv3?
>
> Thanks,
> -Drew
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list