Categories
CCNP Enterprise Core (350-401) Cisco Security

Configuring a Policy Map to be used in Control Plane Policing Policy (CoPP)

The policy map will show how to police traffic at a given rate to minimise any ability to try overload the router.

Finding the correct rate without overloading the network can be a difficult task.

To try ensure that CoPP will not introduce issues, the violate action should be set to transmit for all the vital classes until a baseline of normal traffic can be established. Over time, the rate can be adjusted as required.

policy-map POLICY-CoPP
 class CLASS-CoPP-ICMP
  police 5000 conform-action transit exceed-action transmit violate-action transmit

Once a baseline of traffic has been established, you can change the violate-action option to drop instead.

policy-map POLICY-CoPP  
 class CLASS-CoPP-ICMP   
  police 7500 conform-action transit exceed-action transmit violate-action drop

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.