[c-nsp] NX-OS MPLS not answering to traces
Bernhard Schmidt
berni at birkenwald.de
Wed Mar 13 09:26:53 EDT 2013
On 13.03.2013 12:18, Tóth András wrote:
Hey,
> It could be CoPP related as well if that's dropping packets arriving to
> the control-plane. If you have upgraded the N7k from an older release
> (4.x or 5.1) you might not have all the latest and necessary CoPP rules
> in the policy-map and class-maps matching MPLS. These were added in
> 5.2(1) but during an ISSU or classic upgrade the CoPP policies are not
> updated automatically.
>
> One example is the "match protocol mpls" line in
> the copp-system-p-class-l2-default class.
>
> "5.2(1) - Updated the default class maps with support for MPLS LDP, MPLS
> OAM, MPLS RSVP, DHCP relay, and OTV-AS." Please see the following link
> for details and default copp templates.
>
> http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/security/configuration/guide/b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_6.x_chapter_011001.html
>
> You can re-apply the latest factory default CoPP profile with the "copp
> profile" global configuration command and choose between strict,
> moderate and lenient profiles.
Also a good guess, but it's a fresh installation of 6.1(2) and I've
verified that there is indeed a CoPP entry for "match protocol mpls".
The class is not dropping a lot of traffic.
Thanks and keep going :-)
Best Regards,
Bernhard
More information about the cisco-nsp
mailing list