[j-nsp] About Juniper Control Plan Policy (CoPP)

Md. Jahangir Hossain jrjahangir at yahoo.com
Thu Aug 23 07:58:43 EDT 2012 

Thanks Apurva for your information.







________________________________
 From: apurva modh <modh.apurva at gmail.com>
To: Md. Jahangir Hossain <jrjahangir at yahoo.com> 
Cc: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net> 
Sent: Thursday, August 23, 2012 11:08 AM
Subject: Re: [j-nsp] About Juniper Control Plan Policy (CoPP)
 

All the Routing engine bound traffic into Juniper is handled through the loopback interface. So if you apply the input direction filter on the loopback interface, it would simulate the exact behavior of the control plane filter of cisco. You dont need to apply "protect routing-engine" filter to physical interfaces. 

Hope this solves your query.

Regards,



On Thu, Aug 23, 2012 at 9:05 AM, Md. Jahangir Hossain <jrjahangir at yahoo.com> wrote:

Dear all friend:
>
>Wishes all are fine.
>
>I quit new in juniper OS platform . i need some information about juniper Control Plan Policy (CoPP). i read  the RFC 6192 of  Protect Router Control Plane which is:
>
>
>http://tools.ietf.org/html/rfc6192#appendix-A.2
>
>
>
>After reading the RFC 6192 i have a  little query as like,In cisco router we put input policy on control plan.
>
>as like;
>
>control-plane service-policy input COPPBut in Juniper router we put input policy into loopback interface according to this RFC .
>
>Here this is:
>
>interfaces { lo0 { unit 0 { family inet { filter input protect-router-control-plane; }Based on my question is, how
>juniper router loopback interface control all router control plan ? or i need to put this input filter policy individually on different
>interfaces as like:
>
>
>interfaces{ em0 { unit 0 { family inet { filter input protect-router-control-plane; }
>
>interfaces { em1 { unit 0 { family inet { filter input protect-router-control-plane; }
>it would be nice for me can anyone please confirm me about this configuration .
>
>
>
>
>
>
>
>
>Thanks
>Jahangir Hossain
>_______________________________________________
>juniper-nsp mailing list juniper-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list