Table of Contents
Advertisement
Configuring a Control Plane Class Map
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Step 9
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
128
Command or Action
class-map type control-plane [match-all |
match-any] class-map-name
Example:
switch(config)# class-map type
control-plane ClassMapA
switch(config-cmap)#
match access-group name access-list-name
Example:
switch(config-cmap)# match access-group
name MyAccessList
match exception {ip | ipv6} icmp redirect
Example:
switch(config-cmap)# match exception ip
icmp redirect
match exception {ip | ipv6} icmp
unreachable
Example:
switch(config-cmap)# match exception ip
icmp unreachable
match exception {ip | ipv6} option
Example:
switch(config-cmap)# match exception ip
option
match protocol arp
Example:
switch(config-cmap)# match protocol arp
exit
Example:
switch(config-cmap)# exit
switch(config)#
show class-map type control-plane
[class-map-name]
Example:
switch(config)# show class-map type
control-plane
Configuring Control Plane Policing
Purpose
Specifies a control plane class map and enters
class map configuration mode. The default class
matching is match-any. The name can be a
maximum of 64 characters long and is case
sensitive.
Note
You cannot use class-default, match-all,
or match-any as class map names.
(Optional)
Specifies matching for an IP ACL.
The permit and deny ACL keywords
Note
are ignored in the CoPP matching.
(Optional)
Specifies matching for IPv4 or IPv6 ICMP
redirect exception packets.
(Optional)
Specifies matching for IPv4 or IPv6 ICMP
unreachable exception packets.
(Optional)
Specifies matching for IPv4 or IPv6 option
exception packets.
Specifies matching for IP Address Resolution
Protocol (ARP) and Reverse Address Resolution
Protocol (RARP) packets.
Exits class map configuration mode.
(Optional)
Displays the control plane class map
configuration.
Hide quick links:
Advertisement
Table of Contents
