[c-nsp] CSCea21516...WHY no fix for 12.2T
svalliap at cisco.com
Mon Oct 11 18:19:42 EDT 2004
IP Receive ACLs only give you ACL functionality - permit / discard
for control plane bound traffic in the inbound (to the control plane)
Control Plane Polciing (first phase - 12.2(18)S, 12.3(4)T, 12.0(29)S))
allows you to define a MQC service policy for control plane traffic (
this allows you to permit / discard / police traffic. also because you are
using MQC, you have a richer set of fields to match against / classify against
compared to ACLs. so the functionality is a superset.
Control Plane Policing (second phase - 12.2(25)S, 12.3(7)T), allows you
configure MQC service policies in the outbound direction.
so they are natural progressions of functionality (providing more features /
On Tue, 12 Oct 2004, Daniel Roesen wrote:
> On Mon, Oct 11, 2004 at 02:49:32PM -0700, Siva Valliappan wrote:
> > this means you can put an outbound service policy on the control
> > plane interface, allowing you to acheive the result that you want
> > below. define a policy that will only permit inbound and outbound
> > control plane traffic to specific loopbacks, etc. so not quite
> > clean, but at least with some configuration you can get most of
> > the functionality you are looking for.
> Uhm, so where is the difference to the much simpler "IP Receive ACL"
> feature then?
> Best regards,
> CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp