Control Plane Policing
Control Plane Policing (CoPP) is one of the mechanisms used for Control Plane defence against the Network Attacks that is done to the Control Plane.
- Control Plane Policing (CoPP): allows you to use MQC (Modular Quality of Service) framework to permit/deny or rate-limit traffic that goes to the route processor.
- MQC: class maps, policy maps services policies
1) Class maps - Define the match criterion by using the class-map global configuration command.
2) Policy maps - Associate actions to the class map match criteria by using the policy-map global configuration command.
3) Service policies - Enable the policy by attaching it to an interface, or globally to all interfaces using the service-policy interface configuration command.
2) Policy maps - Associate actions to the class map match criteria by using the policy-map global configuration command.
3) Service policies - Enable the policy by attaching it to an interface, or globally to all interfaces using the service-policy interface configuration command.
Benefits of Control plane
•
Protection against DoS attacks at infrastructure routers and switches
•QoS control for packets that are destined to the control plane of Cisco routers or switches
•Ease of configuration for control plane policies
•Better platform reliability and availability
Lab of COPP
1.-We will set a very basic lab , with a layer 3 switch ESW1
2.- Setting values inPC1 and ESW1
3.-Configurations in ESW1
4.-more configurations in ESW1
5.-More configuration on ESW1 (its droping packets from VPCS)
We could see it s dropping packets from vpcs.. ..That means the Copp is working..and the policying is applied.!
This lab is done..so , if the information was useful please click like..Thanks in advance!
Control Plane Policing
Reviewed by ohhhvictor
on
September 13, 2022
Rating:
Reviewed by ohhhvictor
on
September 13, 2022
Rating:
No comments: