04-10-2012 06:43 AM - edited 03-04-2019 03:58 PM
Required by regulations to implement CoPP on our routers, I installed the following configuration on a C2811 router pair with integrated DSU/CSU cards connecting a point T1. STAC compression(software) is configured on the serial interfaces and the link is often congested.
>>ip access-list extended CoPP_CRITICAL
>>remark our control plane adjacencies are critical permit tcp
>>X.Y.10.0 0.0.0.255 eq tacacs any permit tcp X.Y.10.0 0.0.0.255
>>any eq 22 deny ip any any
>>
>>ip access-list extended CoPP_IMPORTANT permit udp host 128.38.10.240
>>any eq snmp permit udp host X.Y.10.241 any eq snmp permit udp host
>>X.Y..26.1 eq ntp any deny ip any any
>>
>>ip access-list extended CoPP_NORMAL
>>remark we will want to rate limit ICMP traffic permit icmp any any
>>echo permit icmp any any echo-reply permit icmp any any time-exceeded
>>permit icmp any any unreachable deny ip any any
>>
>>ip access-list extended CoPP_UNDESIRABLE remark other management plane
>>traffic that should not be received permit udp any any eq ntp permit
>>udp any any eq snmptrap permit tcp any any eq 22 permit tcp any any eq
>>23 remark other control plane traffic not configured on router deny ip
>>any any
>>
>>ip access-list extended CoPP_DEFAULT
>>permit ip any any
>>policy-map CONTROL_PLANE_POLICY
>>class CoPP_CRITICAL
>>police 512000 8000 conform-action transmit exceed-action transmit
>>class CoPP_IMPORTANT police 256000 4000 conform-action transmit
>>exceed-action drop class CoPP_NORMAL police 128000 2000 conform-action
>>transmit exceed-action drop class CoPP_UNDESIRABLE police 8000 1000
>>conform-action drop exceed-action drop class CoPP_DEFAULT police 64000
>>1000 conform-action transmit exceed-action drop
This configuration severely degraded the IP traffic flow and I had to remove it. Not having any practical experince with CoPP I'm looking for help and suggestions on how to best implement in this scenario. Thanks
04-10-2012 07:27 AM
Hi,
I suggest you refer to this QoS design guide as an example of a CoPP policy to deploy on your router
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSWAN_40.html#wp131455
Don't forget to rate posts that are helpful.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide