Users Guide
Control Plane Policing (CoPP)
Control plane policing (CoPP) uses access control list (ACL) rules and quality of service (QoS) policies to create lters for a system’s
control plane. That lter prevents trac not specically identied as legitimate from reaching the system control plane, rate-limits, trac to
an acceptable level.
CoPP increases security on the system by protecting the routing processor from unnecessary or DoS trac, giving priority to important
control plane and management trac. CoPP uses a dedicated control plane conguration through the ACL and QoS command line
interfaces (CLIs) to provide ltering and rate-limiting capabilities for the control plane packets.
The following illustration shows an example of the dierence between having CoPP implemented and not having CoPP implemented.
NOTE: The purpose of the following illustrations is to showcase the eect on a network when CoPP is implemented against a
scenario when CoPP is not implemented. The number of queues shown in the gure do not match the actual number of queues
(12) that are supported on the Z9100–ON platform.
Figure 26. Control Plane Policing
11
216 Control Plane Policing (CoPP)