Service Manual

Control Plane Policing (CoPP)

Control plane policing (CoPP) uses access control list (ACL) rules and quality of service (QoS) policies to create lters for a system’s

control plane. That lter prevents trac not specically identied as legitimate from reaching the system control plane, rate-limits,

trac to an acceptable level.

CoPP increases security on the system by protecting the routing processor from unnecessary or DoS trac, giving priority to

important control plane and management trac. CoPP uses a dedicated control plane conguration through the ACL and QoS

command line interfaces (CLIs) to provide ltering and rate-limiting capabilities for the control plane packets.

The following illustration shows an example of the dierence between having CoPP implemented and not having CoPP implemented.

Figure 29. Control Plane Policing

226

Control Plane Policing (CoPP)