[c-nsp] All multicast punting to CPU on 6500
Saku Ytti
saku at ytti.fi
Sun Dec 16 06:51:13 EST 2012
Allow this in CoPP rules
ip access-list extended CoPP-MULTICAST
permit ip any 224.0.0.0 15.255.255.255
Also 'match-all' is not supported by PFC3, even though Cisco documents use
it. But in this config it does not matter, as you don't have many matches.
Only 'match-any' is supported.
You can't match on ARP in CoPP either, not supported.
I would also never use numbered ACLs, only named.
I wonder if the rules are even in hardware, due to the ARP match. You might
want to check
show vlan internal usage | i Control Plane Protection
Check the VLAN number, then:
remote command switch show tcam interface vlan VLAN_NUMBER qos type2 ip
To see what actually is in hardware.
--
++ytti
More information about the cisco-nsp
mailing list