OcNOS-SP : System Management Guide : System Management Configuration Guide : Control Plane Policing Configuration
Control Plane Policing Configuration
Control plane policing (CoPP) manages the traffic flow destined to the host router CPU for control plane processing. CoPP limits the traffic forwarded to the host CPU and avoids impact on system performance.
1. CoPP has organized the handling of control packets by providing per-protocol hardware CPU queues. So, control packets are queued in different CPU queues based on protocol.
2. Per-protocol CPU queue rate limits and buffer allocations are programmed during router initialization, thus, every CPU queue is rate-limited to a default stable and balanced behavior across protocols.
3. When control packets are received at a higher rate than the programmed rate, the excess traffic is dropped at the queue level in the packet processor hardware itself.
4. All CPU queues are pre-programmed with default rate limits and buffer allocations to ensure a default stable and balanced behavior across protocols.
5. Rate limits are in terms of Kbps. Hardware does not support packets per second (PPS).
6. Qumran (MX, AX, and UX) supports per-queue rate shaping configurations within a range of 469 Kbps to 483 Gbps. The granularity is 469 Kbps for the low range and 1.56% for the higher range.
.
Table 5-15: Default CPU queues 
Default queues
Default rate In kbps
Maximum configurable rate in kbps
Default queue length in kbytes
Description
CPU0.q0
900
20000
1024
 
 
 
 
 
 
 
 
Unclassified protocols and unknown or destination lookup failure packets are redirected to default CPU queues 0-7 based on the packet's cos/dscp values.
 
SSH, TELNET, and SNMP traffic destined to host router CPU is remarked to CPU0.q6.
 
SSH: TCP Source/Destination port 22
TELNET: TCP Source/Destination port 23
SNMP: UDP Source/Destination port 161/162
CPU0.q1
900
20000
1024
CPU0.q2
900
20000
1024
CPU0.q3
900
20000
1024
CPU0.q4
900
20000
1024
CPU0.q5
900
20000
1024
CPU0.q6
10000
20000
1024
CPU0.q7
900
20000
1024
 
Table 5-16: Per protocol CPU queues 
Protocol queues
Defaultrate In kbps
Maximum configurable Rate in kbps
Default queue length in kbytes
Description
IGMP
1000
1000
2048
Internet Group Management Protocol packets (IP protocol 2)
ISIS/ESIS
8000
8000
1024
ISIS (DMAC 0180:C200:0014/0015)
ESIS (DMAC 0900:2B00:0004/0005)
Note: ESIS = End System-to-Intermediate System (ISIS point-to-point case)
Reserved Mcast
8000
8000
2048
Reserved IPv4 and IPv6 Multicast packets
IPv4: Local Network Control Block (224.0.0.0 - 224.0.0.255 (224.0.0/24))
IPv6: Link-Local Scope Multicast Addresses (FF02::/8)
IPv6 Link Local
1000
1000
1024
IPv6 link local packets
DIPv6: FE80::/8
OSPF
8000
8000
1024
OSPF unicast packets (IP protocol 89)
BGP
8000
8000
1024
BGP packets
TCP source/destination port number: 179
RSVP/LDP
1500
1500
1024
RSVP and LDP packets
RSVP: IP protocol 46
LDP: L4 source/destination port number:646
VRRP/RIP/DHCP
2000
2000
1024
VRRP packets: IP protocol number 112
RIP packets: UDP source and destination port number: 520
RIPNG packets: UDP source and destination port number: 521
DHCP: DHCP v4/v6 server packets, DHCP v4/v6 client packets (L4 source/destination port number: 67 or 68)
PIM
8000
8000
1024
Protocol Independent Multicast packets: IP protocol number 103
ICMP
1000
1000
1024
ICMP packets: IP protocol number 1
Unicast ICMPv6 packets: IP next header number 58
ARP
1000
1000
1024
ARP packets. Ether-type 0x0806
BPDU
8000
8000
1024
xSTP: DMAC 0180:C200:0000
Provider Bridging: 0180:C200:0008
LACP: DMAC 0180:C200:0002, ethertype:0x8809, subtype:1/2
AUTHD: DMAC 0180:C200:0003
LLDP: DMAC 0180:C200:000E
EFM: DMAC 0180:C200:0002, ethertype:0x8809, subtype:3
ELMI: DMAC 0180:C200:0007
SYNCE: DMAC 0180:C200:0002, ethertype:0x8809, subtype:0x0A
RPVST: DMAC 0100:0CCC:CCCD
L2TP: DMAC 0100:C2CD:CDD0/0104:DFCD:CDD0
G8032: DMAC 0119:A700:00XX
OAMP
1000
1000
1024
OAMP packets
sFlow
16384
16384
1024
Ingress and Egress sampled packets.
DSP
1500
1500
76800
L2 FDB events
EVPN
468
468
1024
ARP and ND cache queue for packets coming on VXLAN access ports.
nhop
500
500
1024
Inter VRF route leak unresolved data packets for ARP resolution.
ICMP-redirect
400
400
256
Data packets to CPU for ICMP redirect packet generation.
Guest
8000
8000
1024
 
CFM
1000
1000
1024
 
BFD
4000
4000
1024
BFD Single hop packets: UDP port 3784, TTL 255 BFD Multi hop packets: UDP port 4784
Micro BFD packets: UDP port 6784, TTL 255
PTP
4000
4000
1024