[c-nsp] BFD bypassing CoPP on 6500

Robert Williams Robert at CustodianDC.com
Mon May 5 07:37:45 EDT 2014


Hi,

I've not got any further with it I'm afraid, although I did find that a service-policy applied on a physical interface 'does' correctly match and police the traffic. However, it fails to work if you apply it to a vlan (or CoPP, as per my original email).

So if policy is applied to:

CoPP = doesn't match properly (stops BFD from working, but doesn't limit traffic rate or protect CPU)
VLAN = same behaviour as CoPP
Port = matches and limits correctly if applied to physical interface

I'd be curious to know if someone else could confirm this behaviour so I now it's not just something odd about this setup/kit in our lab.

Cheers,



Robert Williams
Custodian Data Centre
Email: Robert at CustodianDC.com
http://www.CustodianDC.com

-----Original Message-----
From: Antonio Soares [mailto:amsoares at netcabo.pt]
Sent: 05 May 2014 12:21
To: Robert Williams; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] BFD bypassing CoPP on 6500

Did you find anything else in the meanwhile ? What you found is potentially catastrophic...


Thanks.

Regards,

Antonio Soares, CCIE #18473 (RS/SP)
amsoares at netcabo.pt
http://www.ccie18473.net




More information about the cisco-nsp mailing list