Users Guide
* Unknown traffic in IP Subnet range
* Unknown traffic hitting the default route entry.
• Multicast NDP packets
– NDP packets with destination MAC is multicast
* DST MAC 33:33:XX:XX:XX:XX
• NDP Packets in VLT peer routing enable
– VLT peer routing enable cases each VLT node will have route entry for link local address of both self and peer VLT node.
Peer VLT link local entry will have egress port as ICL link. And Actual link local address will have entry to CopyToCpu. But
NDP packets destined to peer VLT node needs to be taken to CPU and tunneled to the peer VLT node..
• NDP packets in VLT peer routing disable case
– NDP packets intended to peer VLT chassis taken to CPU and tunnel to peer.
The following table describes the protocol to queue mapping with the CPU queues increased to be 12.
Table 13. Redirecting Control Traffic to 12 CPU queues
CPU Queue Weights Rate (pps) Protocol
0 100
1300 BFD
1 1 300 MC
2 2 300 TTL0, TTL1, IP with options, Mac limit violation,
Hyper pull, L3 with Bcast MacDA, Unknown L3,
ARP unresolved, ACL Logging
3 4 400 sFlow, L3 MTU Fail frames
4 127 2000 IPC/IRC, VLT Control frames
5 16 300 ARP Request, NS, RS, iSCSI OPT Snooping
6 16 400 ICMP, ARP Reply, NTP, Local terminated L3, NA,
RA,ICMPv6 (other Than NDP and MLD)
7 64 400 xSTP, FRRP, LACP, 802.1x,ECFM,L2PT,TRILL, Open
flow
8 32 400 PVST, LLDP, GVRP, FCOE, FEFD, Trace flow
9 64 600 OSPF, ISIS, RIPv2, BGP
10 32 300 DHCP, VRRP
11 32 300 PIM, IGMP, MSDP, MLD
Catch-All Entry for IPv6 Packets
Dell Networking OS currently supports configuration of IPv6 subnets greater than /64 mask length, but the agent writes it to
the default LPM table where the key length is 64 bits. The device supports table to store up to 256 subnets of maximum of /128
mask lengths. This can be enabled and agent can be modified to update the /128 table for mask lengths greater than /64. This
will restrict the subnet sizes to required optimal level which would avoid these NDP attacks. The IPv6 stack already supports
Control Plane Policing (CoPP) 229