Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Control-plane protection| soft ware hardware counters

Hi everybody

Today I noticed something stange at work. I was looking at how we implemented a policy to drop ICMPS hitting our processor after certains constraints are met.

 

cisco#show running-config | begin control-plane
control-plane
!
service-policy input copp-aggregated

+++++++++++++++++++++++

Policy defination:

policy-map copp-aggregated

class cpp-icmp
   police cir 5000000 bc 93750 be 187500 conform-action transmit exceed-action drop violate-action drop

 


class-map match-all cpp-icmp
  match access-group name cpp-icmp


cisco#show ip access cpp-icmp
Extended IP access list cpp-icmp
    10 permit icmp any any (156222580 matches)

 

++++++++++++++++++++++++++++++

cisco#show policy-map control-plane
 Control Plane Interface

Service-policy input: copp-aggregated


Hardware Counters:

    class-map: cpp-icmp (match-all)
      Match: access-group name cpp-icmp
      police :
        5000000 bps 93000 limit 93000 extended limit
      Earl in slot 5 :
        5295068971 bytes
        5 minute offered rate 9528 bps
        aggregate-forwarded 5259145173 bytes action: transmit
        exceeded 35923798 bytes action: drop
        aggregate-forward 9936 bps exceed 0 bps

  Software Counters:

    Class-map: cpp-icmp (match-all)
      99672582 packets, 14936584392 bytes
      5 minute offered rate 11000 bps, drop rate 0 bps
      Match: access-group name cpp-icmp
      police:
          cir 5000000 bps, bc 93750 bytes, be 187500 bytes
        conformed 99672950 packets, 14936253164 bytes; action: transmit
        exceeded 289 packets, 422518 bytes; action: drop
        violated 0 packets, 0 bytes; action: drop
        conformed 13000 bps, exceed 0 bps, violate 0 bps

+++++++++++++++++++++++++++++++++++

I can see " software counters' just show the constraints defined under policy "  copp-aggregated", how did we end up with hardware counters ?

Hardware counters shows " 5000000 bps 93000 limit 93000 extended limit"  which we never defined that anywhere.

 

I appreciate your help

 

Thanks

 

 

 

 

 

 

 

53
Views
0
Helpful
0
Replies
CreatePlease login to create content