You have configured a CoPP policy to mitigate the effects of DoS attacks on the router.
Which of the following packet types does the CoPP policy affect? (Select the best answer.)
- packets originating from the control plane
- packets destined to the control plane
- packets originating from the data plane
- packets destined to the data plane
The Control Plane Policing (CoPP) policy in this scenario affects packets that are destined to the control plane of a router. Packets destined to the control plane are typically packets intended to create or perform network operations on a router, such as packets from dynamic routing protocols or Address Resolution Protocol (ARP) packets. These packets cannot be handled by Cisco’s normal fastpath switching mechanisms, such as Cisco Express Forwarding (CEF), because they require special handling by the router’s CPU, which is also known as the route processor. CoPP is a Cisco IOS feature that protects the route processor of a router or switch from malicious traffic, such as Denial of Service (DoS) attacks.
The control plane is one of the four logical components that collectively define a router; the remaining components are the data plane, the management plane, and the services plane. The control plane is the home of the route processor and is essential to the forwarding of packets because routing protocol operation, network management, and process-based switching all involve the control plane. CoPP filters the types of packets that enter or exit the control plane and controls the rate at which permitted packets enter or exit the control plane. Because traffic must pass through the control plane to reach the management plane, CoPP protects the management plane as well.
The CoPP policy in this scenario does not affect packets that originate from the control plane of a router. DoS attacks that target a router use packets that either are destined to the router itself or require special handling by the router’s route processor. Because packets originating from the control plane have already passed through the route processor, a CoPP policy that affects packets exiting the control plane would not mitigate the effects of a DoS attack.
Cisco considers all packets that pass through a router without any interaction from the route processor as data plane traffic, which is also known as transit traffic. Because DoS attacks on a router target the route processor, a CoPP policy that protects a router from DoS attacks would not affect packets originating from or destined to the data plane.
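
The following sketch is an added example, not part of the original question: an IOS CoPP policy attached in the input direction, so it classifies and rate-limits only packets destined to the control plane. The ACL, class and policy names, the addresses (documentation ranges) and the police rates are assumptions chosen for illustration, and `match protocol arp` support varies by platform.

```cisco
! --- Classify traffic that is punted to the route processor ---
! Routing protocols (constructed BGP peer address, OSPF from any neighbor)
ip access-list extended COPP-ACL-ROUTING
 permit ospf any any
 permit tcp host 198.51.100.1 any eq bgp
 permit tcp host 198.51.100.1 eq bgp any
!
! Management sessions from an assumed management subnet
ip access-list extended COPP-ACL-MGMT
 permit tcp 192.0.2.0 0.0.0.255 any eq 22
 permit udp 192.0.2.0 0.0.0.255 any eq snmp
!
class-map match-all COPP-ROUTING
 match access-group name COPP-ACL-ROUTING
class-map match-all COPP-MGMT
 match access-group name COPP-ACL-MGMT
! ARP is not IP, so it is matched by protocol rather than by ACL
class-map match-all COPP-ARP
 match protocol arp
!
! --- Rate-limit each class; rates are illustrative, not recommendations ---
policy-map COPP-POLICY
 ! Routing adjacencies: measured but never dropped
 class COPP-ROUTING
  police 512000 8000 conform-action transmit exceed-action transmit
 ! Management: dropped above the configured rate
 class COPP-MGMT
  police 128000 8000 conform-action transmit exceed-action drop
 class COPP-ARP
  police 64000 8000 conform-action transmit exceed-action drop
 ! Everything else destined to the route processor
 class class-default
  police 32000 8000 conform-action transmit exceed-action drop
!
! --- Attach to the control plane, input direction ---
! "input" = packets destined to the control plane; transit (data plane)
! traffic switched by CEF never reaches this policy.
control-plane
 service-policy input COPP-POLICY
```

After the policy is applied, `show policy-map control-plane` displays per-class conformed and exceeded counters, which is how to confirm that only control-plane-bound traffic is being policed.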