On 11/02/13 18:07, Phil Mayers wrote:
As you say, I *assume* the punts are subject to CoPP, but who knows?
In fact, a bit of fiddling with the CoPP config suggests not; I wrote a specific acl/class-pol/polmap entry to match the packets generating the redirects, and the "matched" HW counters aren't incrementing, suggesting the packets are *not* being processed by CoPP.
At this point I might open a TAC case, because if that's the case, this is bad (and potentially not very secure...)
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
