Re: CoPP - Question from ccie_ka_at_gmx.de on 2010-02-14 (Ccielab archives /201002)

From: <ccie_ka_at_gmx.de>
Date: Sun, 14 Feb 2010 15:01:17 +0100

Thanks for the explanation Scott...
The traffic should be destined _to_ the router!

While learning (and reading about CoPP) I have more questions...:-))

First of all how can I classify routing protocols with access-list.
I have the following list defined but I'm not sure if this is the right solution ??

Router1
!OSPF
ip access-list ospf
deny ospf any host x.x.x.x
deny ospf any host 224.0.0.5
deny ospf any host 224.0.0.6

!eigrp
ip access-list eigrp
deny eigrp any host x.x.x.x
deny udp any host 224.0.0.10

ip access-list bgp
deny tcp any host x.x.x.x eq 179 <- this is the local router
deny tcp any eq 179 19.19.y.y <- this is the bgp peer
deny tcp any eq 179 19.19.y.y

I'm not sure if I also need more commands for eigrp ?!

Dennis
-------- Original-Nachricht --------
> Datum: Sun, 14 Feb 2010 08:31:23 -0500
> Von: Scott Morris <smorris_at_ine.com>
> An: ccie_ka_at_gmx.de
> CC: ccielab_at_groupstudy.com
> Betreff: Re: CoPP - Question

> If it is flowing THROUGH your router, that would be data plane, not
> control plane. (and BGP is the only multihop one you can do that with)
>
> But otherwise, what kind of detail are you looking for? The object is to
> control/limit how much stuff is thrown at your router that the router
> itself has to actually process. Like most things, you'll start with
> something like is on the web and tweak it from there based on your
> particular needs. YMMV.
>
> Scott Morris, CCIEx4 (R&S/ISP-Dial/Security/Service Provider) #4713,
>
> JNCIE-M #153, JNCIS-ER, CISSP, et al.
>
> JNCI-M, JNCI-ER
>
> evil_at_ine.com
>
> Internetwork Expert, Inc.
>
> http://www.InternetworkExpert.com
>
> Toll Free: 877-224-8987
>
> Outside US: 775-826-4344
>
> Knowledge is power.
>
> Power corrupts.
>
> Study hard and be Eeeeviiiil......
>
> ccie_ka_at_gmx.de wrote:
>
> Hi Group,
>
> I'm currently working with CoPP.
> I also read the the Cisco Documents about this stuff,
>
> Is there any good documentation in the web which explains this in detail
> ...let's say I must limit routing protocols like ospf, eigrp and bgp.
> How can I restrict this protocols...from flowing through a specified
> router..
>
> Dennis
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>

-- 
Sicherer, schneller und einfacher. Die aktuellen Internet-Browser -
jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/chbrowser
Blogs and organic groups at http://www.ccie.net

Received on Sun Feb 14 2010 - 15:01:17 ART

This archive was generated by hypermail 2.2.0 : Mon Mar 01 2010 - 06:28:35 ART