Solved

Control Plane Policing not working on 1841 Router

Posted on 2014-02-03
2
551 Views
Last Modified: 2014-02-03
Hi, I am following the following article for control plane policing but am finding it is not actually working:
https://www.micronicstraining.com/a-real-world-scenario-for-copp/

Specifically i am trying to block fragments from coming to control plane. I have simplified this a bit but find it is not working:

IP access-list extended BANFRAG
    10 permit icmp any any fragments
Class Map match-all CM_BANFRAG
   Match access-group name BANFRAG
Policy Map newCoPP
    Class CM_BANFRAG
      drop
control-plane
 service-policy input newCoPP

If i send an ICMP packet that is oversize it will break it up and still go through and sh policy-map control-plane shows no hits. If i take that same ACL and apply as access group on the interface of router it will block the oversized icmp packet (as desired) and see acl increment by one. But when applied like above to control plane it is NOT blocking it?
0
Comment
Question by:Psy4HA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 

Accepted Solution

by:
Psy4HA earned 0 total points
ID: 39831407
This looks to be a bug i have iOS 12.4(25) doesn't happen in 12.4(5a) apparently. Odd.
0
 

Author Closing Comment

by:Psy4HA
ID: 39831409
This looks to be a bug i have iOS 12.4(25) doesn't happen in 12.4(5a)
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ACL deny / Permit 10 47
Cisco ASA 5505's for VPN study 15 62
Router disappearing from network on one pc 18 41
Usage of Prefix-List 5 46
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question