You have configured a CoPP policy to mitigate the effects of DoS attacks on the router.
Which of the following packet types does the CoPP policy affect? (Select the best answer.)
A.
packets originating from the control plane
B.
packets destined to the control plane
C.
packets originating from the data plane
D.
packets destined to the data plane
Explanation:
The Control Plane Policing (CoPP) policy in this scenario affects packets that are destined to the control plane
of a router. Packets destined to the control plane are typically packets intended to create or perform network
operations on a router, such as packets from dynamic routing protocols or Address Resolution Protocol (ARP)
packets. These packets cannot be handled by Cisco’s normal fastpath switching mechanisms, such as Cisco
Express Forwarding (CEF), because they require special handling by the router’s CPU, which is also known asthe route processor. CoPP is a Cisco IOS feature that protects the route processor of a router or switch from
malicious traffic, such as Denial of Service (DoS) attacks.
The control plane is one of the four logical components that collectively define a router? the remaining
components are the data plane, the management plane, and the services plane. The control plane is the home
of the route processor and is essential to the forwarding of packets because routing protocol operation, network
management, and processbased switching all involve the control plane. CoPP filters the types of packets that
enter or exit the control plane and controls the rate at which permitted packets enter or exit the control plane.
Because traffic must pass through the control plane to reach the management plane, CoPP protects the
management plane as well.
The CoPP policy in this scenario does not affect packets that originate from the control plane of a router. DoS
attacks that target a router use packets either that are destined to the router itself or that require special
handling by the router’s route processor. Because packets originating from the control plane have already
passed through the route processor, a CoPP policy that affects packets exiting the control plane would not
mitigate the effects of a DoS attack.
Cisco considers all packets that pass through a router without any interaction from the route processor as data
plane traffic, which is also known as transit traffic. Because DoS attacks on a router target the route processor,
a CoPP policy that protects a router from DoS attacks would not affect packets originating from or destined to
the data plane.Cisco: Control Plane Policing: Benefits of Control Plane Policing