[c-nsp] Cisco 6500/Sup720 ARP CoPP

[Brandon Ewing]

On Tue, Feb 09, 2010 at 09:37:32PM +0200, Saku Ytti wrote:
> I think you've gathered relevant and correct data, I don't think PFC3
> supports ARP match in CoPP. So you must use MLS rate-limiter, where you
> have to remember that AFAIK this is also for transit ARP which you might be
> bridging as a switch.
> 
> -- 
>   ++ytti

Even so, my ARP traffic would STILL hit the class-default class for the CoPP
profile, and be rate-limited before reaching the Sup, no?

Also, to rebutt, I found
http://aharp.ittns.northwestern.edu/papers/copp.html

In it, it says that Rodney Dunn contacted the author to state that
matching protocol ARP in a class map on the Sup720 SHOULD work.

I do see software matches for the ARP class in the policy-map:

  Software Counters:

    Class-map: CoPP-CLASS-ARP (match-all)
      1492439 packets, 89546340 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: protocol arp
      police:
          cir 8192000 bps, bc 256000 bytes
        conformed 1492439 packets, 89546340 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          transmit
        conformed 0000 bps, exceed 0000 bps

However, the output from "show mls qos protocol arp" still seems to indicate
that ARP traffic is being dropped somewhere, even though software and
hardware counters for the ARP class show 0 drops.

-- 
Brandon Ewing                                        (nicotine at warningg.com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20100209/7ce15c77/attachment.bin>