Filter
Top Products
44-4
Software Configuration Guide—Release 15.0(2)SG
OL-23818-01
Chapter 44 Configuring Control Plane Policing and Layer 2 Control Packet QoS
Configuring Control Plane Policing
• Beginning with Cisco IOS Release 12.2(31)SGA1, the GARP class was excluded from CoPP. To
manipulate GARP traffic, you need to use ACLs and QoS. If you want to protect the CPU against
GARP packets, you can also mark down GARP packets using CoPP after you define the user class
for the packet. This is possible because GARP is not part of the static CAM area.
Because CoPP is tightly integrated between Cisco IOS and the platform code, an error message
always appears during bootup. CoPP is not applied when you downgrade the Cisco IOS software
from a prior release.
To avoid this scenario, first backup your configuration before downgrading software, then remove
all CoPP entries manually from the configuration and enter the macro global apply system-cpp
command.
• ARP policing is not supported on either the classic series supervisor engines or fixed configuration
switches. It is supported on the Catalyst 4900M and 4948E switches, Supervisor Engine 6-E, and
Supervisor Engine 6L-E.
• You cannot remove a macro-populated class from the list of classes within a control plane policy.
• Prior to Cisco IOS Release 12.2(50)SG, on switches with Supervisor Engines V-10GE and earlier
supervisor engines, class map hit statistics on a user-defined class map in system-cpp-policy are not
updated properly. Beginning with Cisco IOS Release 12.2(50)SG, hit statistics are updated properly,
with the exception of per-VLAN capture mode. In the global capture mode, hit statistics for all class
maps (system-defined and user-defined) are updated properly.
For more information on per-VLAN capture mode, see the “Selecting Mode of Capturing Control
Packets” section on page 47-13.
Default Configuration
CoPP is disabled by default.
Configuring CoPP for Control Plane Traffic
To configure CoPP for control plane traffic, perform this task:
Command Purpose
Step 1
Switch# config terminal
Enters global configuration mode.
Step 2
Switch(config)# qos
(Optional) Enables QoS globally.
Step 3
Switch(config)#
macro global apply system-cpp
(Optional) Creates the system-cpp-policy policy
map and attaches it to the control plane.