[c-nsp] N7k CoPP not MPLS-aware?

Pete Lumbis alumbis at gmail.com
Fri Nov 15 11:54:45 EST 2013


Why do we want labeled traffic to punt at all? Anything destined locally
should be imp-null or would have the exp-null label stripped in hardware.
So my bigger question would be "why are we punting?" Beyond that what CoPP
class should it match if it does punt? Are you staying there is a class to
match mpls traffic that is not actually matching?


On Fri, Nov 15, 2013 at 11:20 AM, Phil Mayers <p.mayers at imperial.ac.uk>wrote:

> On 15/11/13 16:08, Pete Lumbis wrote:
>
>> There is a "match protocol mpls" to match labeled traffic.
>>
>
> Not sure what use that is in the context of selectively
> dropping/permitting traffic, the standard use-case for CoPP.
>
> I could block all L3VPN traffic, but I might as well turn the box off if
> I'm going to do that ;o)
>


More information about the cisco-nsp mailing list