CoPP: Please explain Control Plane Transit Subinterface

The documentation doesn't explain well why some transit traffic is punted to the CPU

as Control Plane Transit Interface.

Control-plane transit subinterface. This subinterface receives all control-plane IP traffic that is software switched by the route processor. This means packets that are not directly destined to the router itself but rather traffic traversing through the router. Nonterminating tunnels handled by the router is an example of this type of control-plane traffic. Control plane protection allows specific aggregate policing of all traffic received at this subinterface.

Why isn't this merely data plane transit traffic?

Can you give an example of a "Nonterminating tunnel handled by the router". Tks



    There is a lot of cases why packet could be punted to RP.

    I would say it more about how you can brake normal functionality.

    Let say you have hardware that doesn't support matching in ALC by packet length

    and you put acl it ingreess interface it might be the reason why transit traffic punted.


    Fragmentation could the reason as well.

    Like if you DF bit set don't fragment and outgoing interface can't fit entire packet.





Sign In or Register to comment.