Why do we want labeled traffic to punt at all? Anything destined locally should be imp-null or would have the exp-null label stripped in hardware. So my bigger question would be "why are we punting?" Beyond that what CoPP class should it match if it does punt? Are you staying there is a class to match mpls traffic that is not actually matching?
On Fri, Nov 15, 2013 at 11:20 AM, Phil Mayers <[email protected]>wrote: > On 15/11/13 16:08, Pete Lumbis wrote: > >> There is a "match protocol mpls" to match labeled traffic. >> > > Not sure what use that is in the context of selectively > dropping/permitting traffic, the standard use-case for CoPP. > > I could block all L3VPN traffic, but I might as well turn the box off if > I'm going to do that ;o) > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
