Hi, On Wed, Mar 24, 2010 at 09:35:51AM +0000, Dobbins, Roland wrote: > On Mar 24, 2010, at 4:28 PM, Gert Doering wrote: > > > (So in general, I agree with you, I just want a more fool-proof way to > > configure CoPP-drop-default in a way that has no surprising side-effects) > > I proposed a self-learning mode for CoPP, based upon identifying > 'to-me' traffic via the NetFlow cache, many years ago. Unfortunately, > it wasn't ever taken up, AFAIK.
That would be nice to figure out what needs to be permitted (and how much
of it), but it's actually much more than I want.
We know our network quite well, so we know what sort of traffic to expect.
The "but" is in the fine print - ISIS, IPv6, ARP - either not (properly)
supported in 6500 CoPP, or having side-effects (glean traffic). Even
though the problem with the glean traffic something we haven't seen here
yet - maybe our 3Bs are not old enough :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
pgpdWn3p2UcKX.pgp
Description: PGP signature
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
