Discussion:
[c-nsp] Control plane policing for BFD
ibogzipper iboge
2013-08-20 08:51:19 UTC
Permalink
Hi all,
Does BFD packet hits the control plane? I'm facing one issue one 7600 where
I can't see the ACL hit count on the control plane .
190 permit udp 172.25.33.0 0.0.0.255 172.25.33.0 0.0.0.255 eq 3784
200 permit udp 172.25.33.0 0.0.0.255 172.25.33.0 0.0.0.255 eq 3785

But if the line is missing we are observing the BFD session flap. whether
ACL counters won't increase if the ACL treated in LC ? or am i missing
anything

Regards,
ibog.
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Pete Lumbis
2013-08-20 13:09:43 UTC
Permalink
Another 7600 quirk.

CSCsg20022 - ACL counters for BFD packets don't increment with CoPP

Sounds like CoPP applies the QoS policy in hardware and the counters you
see in CoPP are based on packets seen outside of CEF in software. Since BFD
is in the CEF path, not the process path, these packets end up bypassing
the process path and don't update the counters.
Post by ibogzipper iboge
Hi all,
Does BFD packet hits the control plane? I'm facing one issue one 7600 where
I can't see the ACL hit count on the control plane .
190 permit udp 172.25.33.0 0.0.0.255 172.25.33.0 0.0.0.255 eq 3784
200 permit udp 172.25.33.0 0.0.0.255 172.25.33.0 0.0.0.255 eq 3785
But if the line is missing we are observing the BFD session flap. whether
ACL counters won't increase if the ACL treated in LC ? or am i missing
anything
Regards,
ibog.
_______________________________________________
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
ibogzipper iboge
2013-08-20 13:41:08 UTC
Permalink
Hi Pete,
Thanks for the info .

Best Regards,
ibog
Post by Pete Lumbis
Another 7600 quirk.
CSCsg20022 - ACL counters for BFD packets don't increment with CoPP
Sounds like CoPP applies the QoS policy in hardware and the counters you
see in CoPP are based on packets seen outside of CEF in software. Since BFD
is in the CEF path, not the process path, these packets end up bypassing
the process path and don't update the counters.
Post by ibogzipper iboge
Hi all,
Does BFD packet hits the control plane? I'm facing one issue one 7600 where
I can't see the ACL hit count on the control plane .
190 permit udp 172.25.33.0 0.0.0.255 172.25.33.0 0.0.0.255 eq 3784
200 permit udp 172.25.33.0 0.0.0.255 172.25.33.0 0.0.0.255 eq 3785
But if the line is missing we are observing the BFD session flap. whether
ACL counters won't increase if the ACL treated in LC ? or am i missing
anything
Regards,
ibog.
_______________________________________________
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Loading...