If there is a task to drop OSPF packets, should we use control plane host or cef-exception sub-interface?
With regards Kings On Wed, May 18, 2011 at 8:56 PM, Kingsley Charles < [email protected]> wrote: > Hi all > > One of Control Plane Host subinterface's purpose is to control routing > protocol packets incoming rate. EBGP directly connected peers and OSPF > packets uses TTL of 1. Similarly all packets to 224.0.0.1 (all system > multicast address) is sent with TTL with 1. > > Hence it seems these packets will go to CEF Exception sub-interface not to > the Host Sub-interfaces. I observed OSPF falling into CEF Exception > sub-interface. > > Just wondering why Cisco has decided to push packets of TTL = 1 to > CEF-exception sub-interface. > > Snippet from > http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/ctrl_plane_prot_ps6441_TSD_Products_Configuration_Guide_Chapter.html > > *Control-plane host subinterface*. This interface receives all > control-plane IP traffic that is directly destined for one of the router > interfaces. Examples of control-plane host IP traffic include tunnel > termination traffic, management traffic or routing protocols such as SSH, > SNMP, BGP, OSPF, and EIGRP. All host traffic terminates on and is > processed by the router. Most control plane protection features and policies > operate strictly on the control-plane host subinterface. Since most critical > router control plane services, such as routing protocols and management > traffic, is received on the control-plane host subinterface, it is critical > to protect this traffic through policing and protection policies. CoPP, > port-filtering and per-protocol queue thresholding protection features can > be applied on the control-plane host subinterface. > > > The control-plane host subinterface only supports TCP/UDP-based host > traffic. All IP packets entering the control-plane matching any of the > following conditions are not classified any further and are redirected to > the cef-exception subinterface: > > •IP Packets with IP options. > > *•**IP Packets with TTL less than or equal to 1.* > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
