Solved

Control Plane Policing not working on 1841 Router

Posted on 2014-02-03
2
546 Views
Last Modified: 2014-02-03
Hi, I am following the following article for control plane policing but am finding it is not actually working:
https://www.micronicstraining.com/a-real-world-scenario-for-copp/

Specifically i am trying to block fragments from coming to control plane. I have simplified this a bit but find it is not working:

IP access-list extended BANFRAG
    10 permit icmp any any fragments
Class Map match-all CM_BANFRAG
   Match access-group name BANFRAG
Policy Map newCoPP
    Class CM_BANFRAG
      drop
control-plane
 service-policy input newCoPP

If i send an ICMP packet that is oversize it will break it up and still go through and sh policy-map control-plane shows no hits. If i take that same ACL and apply as access group on the interface of router it will block the oversized icmp packet (as desired) and see acl increment by one. But when applied like above to control plane it is NOT blocking it?
0
Comment
Question by:Psy4HA
  • 2
2 Comments
 

Accepted Solution

by:
Psy4HA earned 0 total points
ID: 39831407
This looks to be a bug i have iOS 12.4(25) doesn't happen in 12.4(5a) apparently. Odd.
0
 

Author Closing Comment

by:Psy4HA
ID: 39831409
This looks to be a bug i have iOS 12.4(25) doesn't happen in 12.4(5a)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question