Overview

Introduction

The Control Plane Policing module provides you with the instructions and Cisco hardware to develop your hands-on skills in the following topics:

This module contains the following exercises:

  • Configuring CoPP
  • Verify and test the CoPP configuration

Exercise 1 - Configuring CoPP

The CoPP feature protects the control plane of Cisco IOS routers and switches against several types of attacks including reconnaissance and denial of service (DoS) attacks. In this way, packet forwarding and protocol state functionality can be maintained despite an attack or a heavy load on the device.

In this exercise, you will implement CoPP on the NYEDGE1 router. Specifically, you will protect it from an ICMP flood attack from an untrusted source. For the purposes of this lab, the PLABCSCO01 computer will be the untrusted source while NYEDGE2 will be a trusted source which will be exempt from the CoPP policies you will implement.

Exercise 2 - Verify and Test the CoPP Configuration

You have successfully configured CoPP on NYEDGE1. Now you will verify your configuration and test the results in a simulated DoS attack. If you haven’t already done so, power on the PLABSCSO01 server.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.