[c-nsp] Drop rule at the end of CoPP conflicts with MAC learning

Phil Mayers p.mayers at imperial.ac.uk
Fri Jun 28 13:15:53 EDT 2013


On 28/06/13 17:55, "Rolf Hanßen" wrote:
> Hi Nick,
>
> does not look like this is a general hardware version issue.

Well, Cisco never really confirmed for us what the underlying issues and 
caveats were.

Open a TAC case, get the definitive answer; or resign yourself to CoPP 
being weak in this area on sup720, and either go for rate-limited permit 
rather than default-deny, or script construction of an ACL or 
object-group with the box's IPs in it, and only deny on that.
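
The scripted-ACL option mentioned in the reply above, as an added example that is not part of the original post or any Cisco tooling: it reads `show ip interface brief` text and emits a named extended ACL matching traffic addressed to the box's own IPs. The ACL name `COPP-SELF-IPS`, the function names and the sample output are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample of `show ip interface brief` output (not from the thread).
SAMPLE = """\
Interface              IP-Address      OK? Method Status                Protocol
Vlan10                 192.0.2.1       YES NVRAM  up                    up
Vlan20                 198.51.100.1    YES NVRAM  up                    up
GigabitEthernet1/1     unassigned      YES NVRAM  administratively down down
Loopback0              203.0.113.255   YES NVRAM  up                    up
"""


def parse_interface_ips(text):
    """Return the sorted, de-duplicated IPv4 addresses configured on the box."""
    ips = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            # Second column is the address; the header row and
            # "unassigned" entries fail to parse and are skipped.
            ips.add(ipaddress.IPv4Address(fields[1]))
        except ipaddress.AddressValueError:
            continue
    return sorted(ips)


def build_acl(name, ips):
    """Build a named extended ACL matching traffic destined to each address.

    Assumption: the ACL is referenced from a CoPP class-map, where a
    'permit' entry means "belongs to this class"; the drop itself is
    applied to that class in the policy-map, not in the ACL.
    """
    lines = ["ip access-list extended %s" % name]
    lines += [" permit ip any host %s" % ip for ip in ips]
    return lines


if __name__ == "__main__":
    # Hypothetical ACL name; regenerate whenever interface addressing changes.
    print("\n".join(build_acl("COPP-SELF-IPS", parse_interface_ips(SAMPLE))))
```

`show ip interface brief` lists only primary addresses, so secondary addresses would have to come from another source before the ACL covers every IP on the box.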

