cpu-class-create
NetVisor OS’s CPU Control Packet Processing Protection feature allows the CPU control packet processing path be protected against misbehaving, and malicious hosts or end-points that may flood control protocol packets. This is also called “CPU hog protection”.
If a host floods a control protocol packet, it floods the to-cpu queue. This prevents lower-rate packets from valid senders from reaching NetVisor, resulting in traffic loss for those hosts. Typically a traffic loss occurs for other hosts on the network. NetVisor OS can process large streams of both valid, and malformed protocol packets for various protocols.
Syntax cpu-class-create
|
name name-string |
Specify a name for the CPU class. |
|
scope local|fabric |
Specify the scope as local or fabric. |
|
rate-limit rate-limit-number |
Specify the cap for the rate limit. |
|
hog-protect disable|enable|enable-and-drop |
Specify if you want to enable, enable, and drop packets, or disable hog protection. |
Defaults None
Access Network Administrator
History
|
Version 2.6.0 |
Command introduced. |
Usage Use this command to create CPU protection.
Examples To create a CPU protection class for the local subnet, use the following syntax:
CLI (network-admin@switch) > cpu-class-create name local-subnet scope local rate-limit 100 hog-protect enable-and-drop