[c-nsp] CSCea21516...WHY no fix for 12.2T

Siva Valliappan svalliap at cisco.com
Mon Oct 11 18:19:42 EDT 2004


IP Receive ACLs only give you ACL functionality - permit / discard
for control plane bound traffic in the inbound (to the control plane)
direction.

Control Plane Polciing (first phase - 12.2(18)S, 12.3(4)T, 12.0(29)S))
allows you to define a MQC service policy for control plane traffic (
inbound).

this allows you to permit / discard / police traffic.  also because you are
using MQC, you have a richer set of fields to match against / classify against
compared to ACLs.  so the functionality is a superset.

Control Plane Policing (second phase - 12.2(25)S, 12.3(7)T), allows you
configure MQC service policies in the outbound direction.

so they are natural progressions of functionality (providing more features /
functionality)

cheers
.siva


On Tue, 12 Oct 2004, Daniel Roesen wrote:

> On Mon, Oct 11, 2004 at 02:49:32PM -0700, Siva Valliappan wrote:
> > this means you can put an outbound service policy on the control
> > plane interface, allowing you to acheive the result that you want
> > below.  define a policy that will only permit inbound and outbound
> > control plane traffic to specific loopbacks, etc.  so not quite
> > clean, but at least with some configuration you can get most of
> > the functionality you are looking for.
>
> Uhm, so where is the difference to the much simpler "IP Receive ACL"
> feature then?
>
>
> Best regards,
> Daniel
>
> --
> CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list