[c-nsp] Control-Plane Filters/ACLs
Mack McBride
mack.mcbride at viawest.com
Fri Dec 3 12:16:06 EST 2010
There is no easy template for CoPP on Cisco.
Some things are processed in hardware, some are processed in software.
It is platform dependent.
Mack
Network Architect
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Bill Blackford
Sent: Friday, December 03, 2010 9:31 AM
To: 'cisco-nsp List'
Subject: [c-nsp] Control-Plane Filters/ACLs
Hello C-NSP members. I am looking for some good examples of "router-protect" ACLs or FW filters. On my "J" gear, I have several firewall filters designed to protect the control-plane that simply get applied to the loopback. Now only certain hosts/networks can make SSH, FTP, TCP179, etc., connections "to" the routers.
Are there some templates or examples I can find? I haven't played much with CoPP and don't hear a lot of accolades for doing this. The other obvious question would be "does this run in hardware or in software?". Hmm, doubt if the packet ASICs are processing ACL's.
Any help would be appreciated.
Thank you,
-b
--
Bill Blackford
Senior Network Engineer
Technology Systems Group
Northwest Regional ESD
Logged into reality and abusing my sudo priviledges
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list