Re: CoPP question

But wouldn't that traffic already be defined with the acl's you have in your
first post?

On Thu, Mar 25, 2010 at 8:54 PM, Mark Matters <markccie_at_gmail.com> wrote:

> I was reading about this the other day. I would say yes because all the
> routing is handled by the control plane.
>
> On Thu, Mar 25, 2010 at 1:34 PM, Ivan Hrvatska <ivanzghr_at_gmail.com> wrote:
>
>> Now, I don't get it what you don't get.. :)
>> Question was about defining all INPUT traffic that will hit CP of R2
>> (LDP, EIGRP, BGP, OSPF) with ACLs that will be later used in class
>> maps. So as I'm familiar with this topic CP takes care of routing
>> protocol packets, all mgmt packets destined to that R2 router, and
>> maybe something more.
>> I gave scenario, told what routing protocols are running between
>> routers in scenario, gave what I think that solution is.
>> The thing that bugs me is next: if traffic traverse through the R2,
>> specific BGP traffic between CE routers (let's say that CE routers are
>> running iBGP session). And that iBGP session is established between
>> loopbacks, and to establish that TCP session R2 has to check it's vrf
>> routing table for that loopbacks, cause CE routers are exchanging OSPF
>> routes via MPLS VPN. Does that action of checking vrf routing table on
>> R2 also impact R2's CP and should be defined in one of the ACLs which
>> will be used in class-map, and class-maps will be used in police-map
>> for some policing?
>>
>> On Thu, Mar 25, 2010 at 3:34 PM, Marko Milivojevic <markom_at_ipexpert.com>
>> wrote:
>> > On Thu, Mar 25, 2010 at 10:32, Ivan Hrvatska <ivanzghr_at_gmail.com>
>> wrote:
>> >> OK. It isn't like that. Each protocol has it's own policing to be
>> >> defined, but that is not question. Question is defining traffic with
>> >> ACLs for given scenario.
>> >
>> > It's pretty hard to give answer to the question you don't know :-).
>> > I'd go with Eseosa's answer barring more details about the actual
>> > question.
>> >
>> > Also note, CoPP differentiates between routing protocol traffic and
>> > other kinds of traffic. You can apply your policies only to the subset
>> > not even touching routing protocols.
>> >
>> > --
>> > Marko Milivojevic - CCIE #18427
>> > Senior Technical Instructor - IPexpert
>> >
>> > YES! We include 400 hours of REAL rack
>> > time with our Blended Learning Solution!
>> >
>> > Mailto: markom_at_ipexpert.com
>> > Telephone: +1.810.326.1444
>> > Fax: +1.810.454.0130
>> > Web: http://www.ipexpert.com/
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Mar 25 2010 - 21:02:05 ART