Security Internetworking Experts


Post New Topic  Post A Reply
my profile | register | search | faq | forum home
  next oldest topic   next newest topic
» Security Internetworking Experts   » Security   » CCIE Security Lab Forum   » CoPPr and "Non-terminating" Tunnels

UBBFriend: Email this page to someone!    
Author Topic: CoPPr and "Non-terminating" Tunnels
NewAgeQuanta
Specialist

Member # 32102

Member Rated:
 		posted May 24, 2012 11:29 AM      Profile for NewAgeQuanta     Send New Private Message      Edit/Delete Post  Reply With Quote 
Guys,

This terminology has me completely flummoxed. Going through the Cisco CoPPr documentation, they say and I quote -

"Control-plane transit subinterface— Subinterface that receives all control-plane IP traffic that is software switched by the route processor. This means packets not directly destined to the router itself but rather traffic traversing through the router. Non-terminating tunnels handled by the router is an example of this type of control-plane traffic. Control-plane Protection allows specific aggregate policing of all traffic received at this subinterface."

My understanding of this interface hitherto was anything that is PUNTED to the Routing Engine because of, say, lack of a CEF adjacency and need for an ARP request.

The thing that gets me is "non-terminating" tunnels. As far as my pea brain can understand, any non-terminating tunnel, ESP, GRE, IPinIP, etc. would still be completely CEF switched by the router.

What gives? Am I not understanding something here?

Any and all inputs appreciated.

Nic
Posts: 73 | From: US | Registered: Mar 2012  |  IP: Logged
theevilmuffin
I need a life

Member # 23191

Member Rated:
 		posted May 24, 2012 10:58 PM      Profile for theevilmuffin     Send New Private Message      Edit/Delete Post  Reply With Quote 
That is what I made of it, from memory the only traffic that i could catch with this was traffic that was fragmented by the router.

but don't take this for 100% - it was a long time ago and my pea brain is smaller than your pea brain.

fwiw - if there is a Q on this clarify with the proctor. I had one and he cleared up any confusion that i had.

cheers
Posts: 1065 | From: UK | Registered: Sep 2007  |  IP: Logged


All times are Eastern Time  
Post New Topic  Post A Reply Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
Printer-friendly view of this topic
Hop To:


Contact Us | Security Internetworking Experts