[c-nsp] Baseline CoPP policies?

Daniel Dib daniel.dib at reaper.nu
Tue Jul 7 16:37:19 EDT 2009


	Hi all,

	Does anyone have any baseline CoPP policies to put in place on a
switch where you can't really anticipate the kind of traffic that will be
coming into it but you need the IP INPUT processes, etc to stay at some
level of control? 

I've seen the Cisco TTL Expiry attack documentation etc, are there any good
generalized guidelines Cisco published or not?

Thanks,
-Drew

This will probably be highly dependant on what platform you are running.
What switch are we talking about? You should probably try to blast it with
different types of traffic to see what it can handle. Will you be running
dynamic routingprotocols? What protocols will you use for remote access etc?
More info is needed if we are going to try to answer your question.

/Daniel
 

__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4222 (20090707) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
 



More information about the cisco-nsp mailing list