Z9500 Copp Implementation; Protocol-Based Control Plane Policing; Queue-Based Control Plane Policing - Dell Z9500 Configuration Manual
Z-series core and aggregation switche
Hide thumbs
Also See for Z9500:
- Command reference manual (1905 pages) ,
- Reference manual (1849 pages) ,
- Installation manual (47 pages)
Table of Contents
Advertisement
•
CoPP Example
•
Configure Control Plane Policing
•
Troubleshooting CoPP Operation
Z9500 CoPP Implementation
The Z9500 control plane consists of multi-core CPUs with internal queues for handling packets destined to the Route
Processor, Control Processor, and line-card CPUs.
On the Z9500, CoPP is implemented as a distributed architecture. In this architecture, CoPP operates simultaneously in both
distributed and aggregated modes. Distributed CoPP is achieved by applying protocol rate-limiting on each port pipe on a line
card. Aggregated CoPP is achieved by applying protocol rate-limiting followed by queue rate-limiting on the centralized
control plane on the switch. Only aggregated CoPP rate limits are user-configurable. Distributed CoPP rate limits applied at the
port-pipe level are internally derived from the aggregated CoPP configuration.
NOTE:
The CoPP configurations described in this chapter only apply to aggregated CoPP operation on the Z9500.
To configure a CoPP service policy, you create extended ACL rules and specify rate limits in QoS policies. QoS rate limits are
applied to a protocol-based ACL filter or to a CPU queue.
User-configured ACLs that filter protocol traffic flows to the control plane are automatically applied or disabled as the
corresponding protocol is enabled or disabled in the system. In this way, control packets from disabled protocols never reach
the control plane.
Protocol-based Control Plane Policing
To configure a protocol-based CoPP policy, you create an extended ACL rule for the protocol and specify the rate limit in a
QoS policy. It is not necessary to specify the CPU queue because the protocol-queue mapping is handled internally by the
system. To display the protocol-queue mapping for protocols that you can configure for protocol-based CoPP, enter the show
{mac | ip | ipv6} protocol-queue-mapping command.
Queue-based Control Plane Policing
When configuring a queue-based CoPP policy, take into account that there are twenty-four CP queues divided into groups of
eight queues for the Route Processor, Control Processor, and line-card CPUs:
•
Queues 0 to 7 process packets destined to the Control Processor CPU .
•
Queues 8 to 15 process packets destined to the Route Processor CPU.
•
Queues 16 to 23 process packets destined to the line-card CPU.
The protocols mapped to each CPU queue and the default rate limit applied to the eight CPU queues for the Route Processor,
Control Processor, and line cards are as follows:
CPU Queue
0
1
2
3
4
Protocols Mapped to Control Processor Queues
TTL0, IP options, L3 Broadcast MAC destination address
L3 MTU Fail
ARP request, NS, RS
ARP reply, NA, RA
FTP, Telnet, SSH, Local terminated, NTP, VLT IPM PDU, VLT ARPM
Rate Limit (in kbps)
1000
200
1800
1800
2800
Control Plane Policing (CoPP)
213
Advertisement
Table of Contents
Troubleshooting
