[c-nsp] ISIS and CoPP on 760X

Frederic LOUI loui at renater.fr
Fri Sep 19 09:49:38 EDT 2008


Hi all,

We're currently using Receive-ACL(s) in order to protect as much as
possible, ingress traffic coming to any router's interface. Actually,
this is possible on 12K IOS 12.0(32)S8.

As far as I can see in CCO documentation, there is no equivalent to
receive-acl for 760X... In terms of "Control Plane Protection", it
seems that CoPP is the way to go ...

In all kind of documentation it is easy to match ospf packet type
through ACL or the "match protocol ospf" statement. However, I'm
wondering how to match ISIS packet. (rACL do not filter ISIS packet)

There are several available commands under class-map statement:
"match protocol clns"
"match protocol clns_is"
"match protocol clns_es"

But because of various reasons I can't test these commands.
(I don't have a 760x test box yet ... ;-) )

Anyone had any experience with CoPP and ISIS on 760x box ? (Target IOS
is 122-33.SRC1)

I've seen in the forum's archive that this issue has already
discussed, but the conclusion is a bit outdated. (Maybe the platform
has considerably evolved ?? Apology if the question is obvious...) on

Anyway,
Thanks all in advance for your help,

Bgrds/Frederic

-- 
Frederic LOUI / GIP RENATER

Service de Suivi Operationnel / Metrologie & QoS
Network Operations Service / Metrology & QoS

Tel: +33 1 53 94 20 82 / Fax: +33 1 53 94 20 31
frederic.loui at renater.fr http://www.renater.fr



More information about the cisco-nsp mailing list