Table of Contents
Advertisement
Configuring Control Plane Policing
The copp-system-class-management class has the following configuration:
class-map type control-plane match-any copp-system-p-class-management
match access-group name copp-system-p-acl-ftp
match access-group name copp-system-p-acl-ntp
match access-group name copp-system-p-acl-ssh
match access-group name copp-system-p-acl-http
match access-group name copp-system-p-acl-ntp6
match access-group name copp-system-p-acl-sftp
match access-group name copp-system-p-acl-snmp
match access-group name copp-system-p-acl-ssh6
match access-group name copp-system-p-acl-tftp
match access-group name copp-system-p-acl-https
match access-group name copp-system-p-acl-snmp6
match access-group name copp-system-p-acl-tftp6
match access-group name copp-system-p-acl-radius
match access-group name copp-system-p-acl-tacacs
match access-group name copp-system-p-acl-telnet
match access-group name copp-system-p-acl-radius6
match access-group name copp-system-p-acl-tacacs6
match access-group name copp-system-p-acl-telnet6
The copp-system-class-monitoring class has the following configuration:
class-map type control-plane match-any copp-system-p-class-monitoring
match access-group name copp-system-p-acl-icmp
match access-group name copp-system-p-acl-icmp6
match access-group name copp-system-p-acl-traceroute
The copp-system-class-multicast-host class has the following configuration:
class-map type control-plane match-any copp-system-p-class-multicast-host
match access-group name copp-system-p-acl-mld
The copp-system-class-multicast-router class has the following configuration:
class-map type control-plane match-any copp-system-p-class-multicast-router
match access-group name copp-system-p-acl-pim
match access-group name copp-system-p-acl-msdp
match access-group name copp-system-p-acl-pim6
match access-group name copp-system-p-acl-pim-reg
match access-group name copp-system-p-acl-pim6-reg
match access-group name copp-system-p-acl-pim-mdt-join
The copp-system-class-nat-flow class has the following configuration:
class-map type control-plane match-any copp-system-p-class-nat-flow
match exception nat-flow
The copp-system-class-ndp class has the following configuration:
class-map type control-plane match-any copp-system-p-class-ndp
match access-group name copp-system-p-acl-ndp
The copp-system-class-normal class has the following configuration:
class-map type control-plane match-any copp-system-p-class-normal
match access-group name copp-system-p-acl-mac-dot1x
match protocol arp
The copp-system-class-normal-dhcp class has the following configuration:
class-map type control-plane match-any copp-system-p-class-normal-dhcp
match access-group name copp-system-p-acl-dhcp
match access-group name copp-system-p-acl-dhcp6
The copp-system-class-normal-dhcp-relay-response class has the following configuration:
class-map type control-plane match-any copp-system-p-class-normal-dhcp-relay-response
match access-group name copp-system-p-acl-dhcp-relay-response
match access-group name copp-system-p-acl-dhcp6-relay-response
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
Control Plane Protection
115
Hide quick links:
Advertisement
Table of Contents
