[c-nsp] C6K, SUP720, 15.1SY, uRPF with ACL, CoPP

Phil Mayers p.mayers at imperial.ac.uk
Wed Oct 2 13:39:42 EDT 2013


On 02/10/13 18:32, Tim Durack wrote:
> Appears to have stopped working. Once CoPP is enabled, I no longer see
> "CEF-Drop-Suppress: Packet from <IP> via Vlan824 -- ACL check" debug
> messages.

If you do:

sh vlan internal usage | inc Control

...to get the CoPP vlan, then:

remote command switch sh tcam interface vlan <VID> qos type2 ip

...does the TCAM look ok?

What I'm getting at is - if your CoPP denies the things which the RPF 
exception ACL would punt, then what you're seeing is expected.

Did it work on older IOS?


More information about the cisco-nsp mailing list