Traffic Classification Overview; Defining Traffic Classification - Cisco 7604 Configuration Manual

Defining Traffic Classification

Defining Traffic Classification
The following sections contain information on how to classify CoPP traffic:
•
•
•

Traffic Classification Overview

You can define any number of classes, but typically traffic is grouped into classes that are based on
relative importance. The following provides a sample grouping:
•
•
•
•
•
•
•
•
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
36-32
Traffic Classification Overview, page 36-32
Traffic Classification Guidelines, page 36-33
Sample Basic ACLs for CoPP Traffic Classification, page 36-33
Border Gateway Protocol (BGP)—Traffic that is crucial to maintaining neighbor relationships for
BGP routing protocol, for example, BGP keepalives and routing updates. Maintaining BGP routing
protocol is crucial to maintaining connectivity within a network or to a service provider. Sites that
do not run BGP do not need to use this class.
Interior Gateway Protocol (IGP)—Traffic that is crucial to maintaining IGP routing protocols, for
example, open shortest path first OSPF, enhanced interior gateway routing protocol (EIGRP), and
routing information protocol (RIP). Maintaining IGP routing protocols is crucial to maintaining
connectivity within a network.
Management—Necessary, frequently used traffic that is required during day-to-day operations. For
example, traffic used for remote network access, and Cisco IOS image upgrades and management,
such as telnet, secure shell (SSH), network time protocol (NTP), simple network management
protocol (SNMP), terminal access controller access control system (TACACS), hypertext transfer
protocol (HTTP), trivial file transfer protocol (TFTP), and file transfer protocol (FTP).
Reporting—Traffic used for generating network performance statistics for the purpose of reporting.
For example, using Cisco IOS IP service level agreements (SLAs) to generate ICMP with different
DSCP settings in order to report on response times within different QoS data classes.
Monitoring—Traffic used for monitoring a router. Traffic should be permitted but should never pose
a risk to the router; with CoPP, this traffic can be permitted but limited to a low rate. For example,
ICMP echo request (ping) and traceroute.
Critical Applications—Critical application traffic that is specific and crucial to a particular customer
environment. Traffic included in this class should be tailored specifically to the required application
requirements of the user (in other words, one customer may use multicast, while another uses IPSec
or generic routing encapsulation (GRE). For example, GRE, hot standby router protocol (HSRP),
virtual router redundancy protocol (VRRP), session initiation protocol (SIP), data link switching
(DLSw), dynamic host configuration protocol (DHCP), multicast source discovery protocol
(MSDP), Internet group management protocol (IGMP), protocol independent multicast (PIM),
multicast traffic, and IPsec.
Layer 2 Protocols—Traffic used for address resolution protocol (ARP). Excessive ARP packets can
potentially monopolize MSFC resources, starving other important processes; CoPP can be used to
rate limit ARP packets to prevent this situation. Currently, ARP is the only Layer 2 protocol that can
be specifically classified using the match protocol classification criteria.
Undesirable—Explicitly identifies bad or malicious traffic that should be unconditionally dropped
and denied access to the MSFC.The undesirable classification is particularly useful when known
traffic destined for the router should always be denied and not placed into a default category. If you
explicitly deny traffic, then you can enter show commands to collect approximate statistics on the
denied traffic and estimate its rate.
Chapter 36 Configuring Denial of Service Protection
OL-4266-08