That trap. No idea Kings. Curious as well. Did you lab this up? It may answer that for you
On Wed, May 18, 2011 at 1:03 PM, Kingsley Charles < [email protected]> wrote: > If there is a task to drop OSPF packets, should we use control plane host > or cef-exception sub-interface? > > With regards > Kings > > > On Wed, May 18, 2011 at 8:56 PM, Kingsley Charles < > [email protected]> wrote: > >> Hi all >> >> One of Control Plane Host subinterface's purpose is to control routing >> protocol packets incoming rate. EBGP directly connected peers and OSPF >> packets uses TTL of 1. Similarly all packets to 224.0.0.1 (all system >> multicast address) is sent with TTL with 1. >> >> Hence it seems these packets will go to CEF Exception sub-interface not to >> the Host Sub-interfaces. I observed OSPF falling into CEF Exception >> sub-interface. >> >> Just wondering why Cisco has decided to push packets of TTL = 1 to >> CEF-exception sub-interface. >> >> Snippet from >> http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/ctrl_plane_prot_ps6441_TSD_Products_Configuration_Guide_Chapter.html >> >> *Control-plane host subinterface*. This interface receives all >> control-plane IP traffic that is directly destined for one of the router >> interfaces. Examples of control-plane host IP traffic include tunnel >> termination traffic, management traffic or routing protocols such as SSH, >> SNMP, BGP, OSPF, and EIGRP. All host traffic terminates on and is >> processed by the router. Most control plane protection features and policies >> operate strictly on the control-plane host subinterface. Since most critical >> router control plane services, such as routing protocols and management >> traffic, is received on the control-plane host subinterface, it is critical >> to protect this traffic through policing and protection policies. CoPP, >> port-filtering and per-protocol queue thresholding protection features can >> be applied on the control-plane host subinterface. >> >> >> The control-plane host subinterface only supports TCP/UDP-based host >> traffic. All IP packets entering the control-plane matching any of the >> following conditions are not classified any further and are redirected to >> the cef-exception subinterface: >> >> •IP Packets with IP options. >> >> *•**IP Packets with TTL less than or equal to 1.* >> >> >> With regards >> Kings >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > -- Bruno Fagioli (by Jaunty Jackalope) Cisco Security Professional
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
