[c-nsp] All multicast punting to CPU on 6500
Robert Williams
Robert at CustodianDC.com
Sun Dec 16 10:26:42 EST 2012
Hi,
I've now tried the MAC filtering at the CoPP level. Cisco documentation says "MAC-based matching is done in software only" - which is slightly better than allowing the CPU to process it unnecessarily (correct me if I'm wrong there?).
So to attempt to catch the traffic at the Software CoPP level I've setup a very basic class:
mac access-list extended CoPP-MC-MAC
permit any 0100.5e00.0000 0000.00ff.ffff
class-map match-any CoPP-MC-MAC
match access-group name CoPP-MC-MAC
policy-map CoPP
class CoPP-MC-MAC
police 32000 4470 4470 conform-action transmit exceed-action drop
It applies without error, however, I'm not getting any matches against the policy.
Clearly I'm destined to work on this all day! Any pointers welcome, cheers...
Robert Williams
Custodian Data Centre
Email: Robert at CustodianDC.com
http://www.CustodianDC.com
Robert Williams
Backline / Operations Team
Custodian DataCentre
tel: +44 (0)1622 230382
email: Robert at CustodianDC.com
http://www.custodiandc.com/disclaimer.txt
More information about the cisco-nsp
mailing list