[c-nsp] BFD bypassing CoPP on 6500
Robert Williams
Robert at CustodianDC.com
Mon May 5 07:37:45 EDT 2014
Hi,
I've not got any further with it I'm afraid, although I did find that a service-policy applied on a physical interface 'does' correctly match and police the traffic. However, it fails to work if you apply it to a vlan (or CoPP, as per my original email).
So if policy is applied to:
CoPP = doesn't match properly (stops BFD from working, but doesn't limit traffic rate or protect CPU)
VLAN = same behaviour as CoPP
Port = matches and limits correctly if applied to physical interface
I'd be curious to know if someone else could confirm this behaviour so I now it's not just something odd about this setup/kit in our lab.
Cheers,
Robert Williams
Custodian Data Centre
Email: Robert at CustodianDC.com
http://www.CustodianDC.com
-----Original Message-----
From: Antonio Soares [mailto:amsoares at netcabo.pt]
Sent: 05 May 2014 12:21
To: Robert Williams; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] BFD bypassing CoPP on 6500
Did you find anything else in the meanwhile ? What you found is potentially catastrophic...
Thanks.
Regards,
Antonio Soares, CCIE #18473 (RS/SP)
amsoares at netcabo.pt
http://www.ccie18473.net
More information about the cisco-nsp
mailing list