Control Plane Policing question

Hello guys,

When configuring QoS (policing for example)  to the control plane, in the WB they always use the legacy control-plane (without using the host, transit, cef exception subinterface), but i suppose that when you want to limit management traffic (telnet, ssh, etc)  to the router it is the same if you perform one of these:

Either this;

control-plane

service-policy input QOS

or this,

control-plane host

service-policy input QOS

 

Assume that the QOS policy map is rate limiting only management traffic to the router.

Am i right? or when configuring policing you have to use always the non subinterface (legacy) way?

Regards,

Emilio

 

 

Comments

  • Am i right? or when configuring policing you have to use always the non subinterface (legacy) way?

    Not sure what is in the security work books, but in CCIE R&S Volume 1 we have CoPP and CoPPr - clearly CoPPr provides more granuality than CoPP.

  • Hi,

    Control-plane by itself affects the aggregate control-plane traffic, while specifying a subinterface for control-plane (host, transit, cef-exception) is more flexible and affects only the subinterface in which it gets applied.

    HTH

Sign In or Register to comment.