Configuring Control Plane Policing To Mitigate Denial-Of-Service Attacks - Cisco ASR 920 Series Configuration Manual
Policing and shaping configuration guide
Hide thumbs
Also See for ASR 920 Series:
- Configuration manual ethernet router (438 pages) ,
- Installing manual (74 pages) ,
- Configuration (52 pages)
Table of Contents
Advertisement
Configuring Control Plane Policing to Mitigate Denial-of-Service Attacks
Command or Action
Example:
Device# show policy-map control-plane
all
Step 3
exit
Example:
Device# exit
Examples
The following example shows that the policy map TEST is associated with the control plane.
Device# show policy-map control-plane
Control Plane
Service-policy input:TEST
Class-map:TEST (match-all)
Class-map:class-default (match-any)
Configuring Control Plane Policing to Mitigate Denial-of-Service Attacks
Apply control plane policing (CoPP) to ICMP packets to mitigate denial of service (DoS) attacks.
QoS: Policing and Shaping Configuration Guide (Cisco ASR 920 Series)
38
20 packets, 11280 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match:access-group 101
police:
8000 bps, 1500 limit, 1500 extended limit
conformed 15 packets, 6210 bytes; action:transmit
exceeded 5 packets, 5070 bytes; action:drop
violated 0 packets, 0 bytes; action:drop
conformed 0 bps, exceed 0 bps, violate 0 bps
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match:any
Purpose
• input—(Optional) Displays statistics for the attached input policy.
• class class-name—(Optional) Specifies the name of the traffic
class whose configuration and statistics are displayed.
(Optional) Exits privileged EXEC mode.
Control Plane Policing
Hide quick links:
Advertisement
Table of Contents
