Configuring Port Attributes > Managing Control Plane Traffic Protection (CPTP) > Enhancements for Control Plane Traffic Protection
Was this helpful?
Enhancements for Control Plane Traffic Protection
This enhancement to Control Plane Traffic Protection (CPTP) provides 44 queues to further strengthen CPU protection and limits the traffic going to the CPU. Currently, only 8 Class of Service (CoS) queues are supported for flow control on a physical port. Each traffic class with a CPU destination has a separate vFlow. All system vFlows with the parameters, to-cpu or copy-to-cpu, now have an additional cpu-cos value.
CLI network-admin@Leaf1 > cpu-class-show
switch name scope rate-limit queue
-------- ------------- ----- ---------- -----
Spine1   stp local 1000 8    
Spine1   lacp local 1000 9
Spine1   system-d local 1000 10
Spine1   igmp local 1000 11
Spine1   bcast local 1000 12
Spine1   icmpv6 local 1000 13
Spine1   tcp-analytics local 1000 14
Spine1   fabric local 1000 15
Spine1   kpalv local 1000 16
Spine1   ecp local 1000 17
Spine1   arp local 1000 18
Spine1   lldp local 1000 19
Spine1   vport-stats local 1000 20
Spine1   dhcp local 1000 21
Spine1   pim local 1000 22
Spine1   local-subnet local 1000 23
Spine1   bgp local 1000 24
Spine1   ospf local 1000 25
 
Netvisor ONE assigns all DHCP traffic to a separate CoS queue, 21, and reserves CoS 0-7 CPU queues. Any traffic not in one of the listed classes uses queue 0.
Netvisor ONE assigns a default rate-limit of 1000 to each queue, and you modify the rate using the following syntax:
CLI network-admin@Leaf1 > cpu-class-modify name dhcp rate-limit 2000
Restart Netvisor ONE for the change to take effect on the switch. Modify any or all traffic classes at one time and then reboot the switch once.
Configuring User-defined Classes
1. Create a CPU class and specify the rate-limit:
CLI network-admin@Leaf1 > cpu-class-create name ftp rate-limit 1000
Netvisor ONE assigns a CoS class to the new CPU class.
2. Display the CPU class configuration:
CLI network-admin@Leaf1 > cpu-class-show name ftp
name    queue   rate
-----   -----   -----
ftp     17      1000
 
3. Create a vFlow using the ftp class:
 
CLI network-admin@Leaf1 > vflow-create name ftp scope local proto ftp cpu-class ftp action copy-to-cpu
Netvisor ONE validates the vFlow only if you add the cpu-class parameter and specify the action copy-to-cpu or to-cpu.
 
Display statistics for each vFlow using the command, cpu-class-stats-show:
CLI network-admin@Leaf1 > cpu-class-stats-show
switch name cos out-pkts drop-pkts
-------- ------------- --- -------- ---------
Spine1   class0 0 0 0
Spine1   class1 1 0 0
Spine1   class2 2 0 0
Spine1   class3 3 0 0
Spine1   class4 4 0 0
Spine1   class5 5 0 0
Spine1   class6 6 0 0
Spine1   class7 7 0 0
Spine1   stp 8 298K 0
Spine1   lacp 9 0 0
Spine1   system-d 10 0 0
Spine1   igmp 11 35.1K 0
Spine1   bcast 12 0 0
Spine1   icmpv6 13 0 0
Spine1   tcp-analytics 14 0 0
Spine1   fabric 15 5.02K 0
Spine1   kpalv 16 75.4K 0
Spine1   ecp 17 0 0
Spine1   arp 18 3.02K 0
Spine1   lldp 19 15.1K 0
Spine1   vport-stats 20 0 0
Spine1   dhcp 21 0 0
Spine1   pim 22 0 0
Spine1   local-subnet 23 31.0K 0
Spine1   bgp 24 0 0
Spine1   ospf 25 0 0
Spine1   ftp 26 0 0