Control Plane Protection (Host VS CEF Subinterface)

Hello community,

This task is from the V4 WB, but it's worth looking at, so I would like to fully understand the functionality. I get the concept of CPPr vs. CPP, in that one is more granular than the other as it divides the route processor into sub-interfaces that handle different types of traffic, but I am not entirely clear about who handles routing protocol traffic (RIP, EIGRP, BGP, OSPF). INE's description in the WB seems to suggest that the host subinterface handles all TCP/UDP traffic and the CEF subinterface takes care of all non-IP traffic including routing protocols. I get confused, though, as to whether RIP and BGP would fall under host or CEF since they are UDP/TCP respectively. Per INE:

Control-plane host subinterface. This interface receives all control-plane TCP/UDP traffic that is directly destined for one of the router interfaces. Examples of control-plane host traffic include management traffic or routing protocols. Notice that non TCP/UDP control traffic will end up on the CEF-exception sub-interface. Most control plane protection features operate on this subinterface and thus this sub-interface provides most features, such as policing, port filtering and per-protocol queue thresholds.

Control-plane CEF exception subinterface. This is where packets causing an exception in the CEF switching path land. So far, those include non-IP router-destined traffic, such as CDP, L2 keepalive messages (e.g. Frame-Relay LMI keepalives) or ARP packets and IP packets with options or TTL <=1. Additionally, non-UDP local multicast traffic destined to the router (e.g. OSPF updates) fall into this category as well.

 

On the other hand, Cisco's description seems to suggest that both handle routing protocol traffic but I just don't understand the wording in order to be clear as to when the host or the CEF subinterface will handle routing protocol traffic:

Control-plane host subinterface. This interface
receives all control-plane IP traffic that is directly destined for one
of the router interfaces. Examples of control-plane host IP traffic
include tunnel termination traffic, management traffic or routing
protocols such as SSH, SNMP, internal BGP (iBGP), and EIGRP. All host
traffic terminates on and is processed by the router. Most control plane
protection features and policies operate strictly on the control-plane
host subinterface. Since most critical router control plane services,
such as routing protocols and management traffic, is received on the
control-plane host subinterface, it is critical to protect this traffic
through policing and protection policies. CoPP, port-filtering and
per-protocol queue thresholding protection features can be applied on
the control-plane host subinterface.

Control-plane CEF-exception subinterface. This
control-plane subinterface receives all traffic that is either
redirected as a result of a configured input feature in the CEF packet
forwarding path for process switching or directly enqueued in the
control plane input queue by the interface driver (that is, ARP,
external BGP (eBGP), OSPF, LDP, Layer2 Keepalives, and all non-IP host
traffic). Control plane protection allows specific aggregate policing of
this type of control plane traffic

Comments

  • Host option should be used for traffic destined to the router and not traffic that is transiting the router.

  • Hi ciprian_s,

    Correct, I get that... but I am not confused with the transit subinterface. The part I am confused with relates to the host and CEF subinterfaces (they both handle traffic directed to the router) as to who handles routing protocol traffic: is it the host or the CEF subinterface?

    INE seems to suggest it's the CEF subinterface but Cisco seems to suggest it's usually the host subinterface except for:

    "all traffic that is redirected as a result of a configured input feature in the CEF packet forwarding path for process switching or directly enqueued in the control plane input queue by the interface driver"

    What does this statement mean? This is where I get lost... maybe if someone can explain it in plain English because Cisco's wording sounds like another language to me :(
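One way to settle the host vs. CEF-exception question empirically on a lab router, as an added example that is not from the poster, INE or Cisco: attach the same count-only policy to both subinterfaces and compare the per-class counters. The ACL, class-map and policy-map names are hypothetical, and the policer transmits in both conform and exceed cases so no routing traffic is dropped.

```ios
! Constructed lab configuration; all ACL/class-map/policy-map names are hypothetical.
! One ACL per routing protocol so each gets its own counter.
ip access-list extended ACL-RIP
 permit udp any any eq rip
ip access-list extended ACL-BGP
 permit tcp any any eq bgp
 permit tcp any eq bgp any
ip access-list extended ACL-OSPF
 permit ospf any any
ip access-list extended ACL-EIGRP
 permit eigrp any any
!
class-map match-all CM-RIP
 match access-group name ACL-RIP
class-map match-all CM-BGP
 match access-group name ACL-BGP
class-map match-all CM-OSPF
 match access-group name ACL-OSPF
class-map match-all CM-EIGRP
 match access-group name ACL-EIGRP
!
! Count-only policy: both actions transmit, so the policer never drops.
policy-map PM-CPPR-COUNT
 class CM-RIP
  police 32000 conform-action transmit exceed-action transmit
 class CM-BGP
  police 32000 conform-action transmit exceed-action transmit
 class CM-OSPF
  police 32000 conform-action transmit exceed-action transmit
 class CM-EIGRP
  police 32000 conform-action transmit exceed-action transmit
!
! Attach the same policy to both router-destined subinterfaces.
control-plane host
 service-policy input PM-CPPR-COUNT
control-plane cef-exception
 service-policy input PM-CPPR-COUNT
!
! After adjacencies have exchanged updates, compare where each class increments:
!   show policy-map control-plane host
!   show policy-map control-plane cef-exception
```

A class whose packet counter increments only under one subinterface shows where that protocol is actually punted on the platform and IOS release under test.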
