Dynamic and Static CoPP ACLs
Committed burst (BC)
In addition, you can set separate actions such as transmit or drop for conform and violate traffic.
For more information on policing parameters, see the Cisco Nexus 9000 Series NX-OS Quality of Service
Configuration Guide.
Dynamic and Static CoPP ACLs
CoPP access control lists (ACLs) are classified as either dynamic or static. Cisco Nexus 9300 and 9500 Series
and 3164Q, 31128PQ, 3232C, and 3264Q switches use only dynamic CoPP ACLs. Cisco Nexus 9200 Series
switches use both dynamic and static CoPP ACLs.
Dynamic CoPP ACLs work only for Forwarding Information Base (FIB)-based supervisor redirected packets,
and static CoPP ACLs work for ACL-based supervisor redirected packets. Dynamic CoPP ACLs are supported
for myIP and link-local multicast traffic, and static CoPP ACLs are supported for all other types of traffic.
Static CoPP ACLs are identified by a substring. Any ACL that has one of these substrings is categorized as
a static CoPP ACL.
• MAC-based static CoPP ACL substrings:
• Protocol-based static CoPP ACL substrings:
• Multicast-based static CoPP ACL substrings:
For more information on static CoPP ACLs, see
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
456
Size of a traffic burst that can exceed the CIR within a given unit of time and not impact scheduling
• acl-mac-cdp-udld-vtp
• acl-mac-cfsoe
• acl-mac-dot1x
• acl-mac-l2-tunnel
• acl-mac-l3-isis
• acl-mac-lacp
• acl-mac-lldp
• acl-mac-sdp-srp
• acl-mac-stp
• acl-mac-undesirable
• acl-dhcp
• acl-dhcp-relay-response
• acl-dhcp6
• acl-dhcp6-relay-response
• acl-ptp
• acl-igmp
Guidelines and Limitations for CoPP, on page
Configuring Control Plane Policing
470.