300-410考题! 这道题选什么。
The network administrator configured CoPP so that all HTTP and HTTPS traffic from the administrator device located at 172.16 1.99 toward the router CPU is limited to 500 kbps. Any traffic that exceeds this limit must be dropped.access-list 100 permit ip host 172.16.1.99 any
!
class-map CM-ADMIN
match access-group 100
!
policy-map PM-COPP
class CM-ADMIN
police 500000 conform-action transmit
!
interface E0/0
service-policy input PM-COPP
CoPP failed to capture the desired traffic and the CPU load is getting higher.
Which two configurations resolve the issue? (Choose two.)
A. interface E0/0
no service-policy input PM-COPP
!
control-plane
service-policy input PM-COPP
B. policy-map PM-COPP
class CM-ADMIN
no police 500000 conform-action transmit
police 500 conform-action transmit
!
control-plane
service-policy input PM-COPP
C. no access-list 100
access-list 100 permit tcp host 172.16.1.99 any eq 80
D. no access-list 100
access-list 100 permit tcp host 172.16.1.99 any eq 80
access-list 100 permit tcp host 172.16.1.99 any eq 443
E. policy-map PM-COPP
class CM-ADMIN
no police 500000 conform-action transmit
police 500 conform-action transmit
我觉得是A、D。B和E一定错,因为police 的单位是bps,,,500是错的 ,,而C 沒HTTPS 也是错 本帖最后由 tianlaodadas 于 2022-5-13 14:17 编辑
答案AD,
知识点:1、CoPP是在是在control plane下调用,不是在接口下调用,方向只能是in。针对全局送往CPU的流量进行调度; 2、题目中要求是HTTP和HTTPS流量,所以ACL需要精确匹配
policy-map PM-COPP
class CM-ADMIN
police 500000 conform-action transmit
这段配置是没问题的,单位是bit,即限制为500KB //可以用模拟器验证 {:6_276:}{:6_276:}{:6_276:} 根据题库,选AD 請問樓主目前是看哪組題庫?可以提供嗎謝謝 AD,其他不是;配置的速率不对,就是抓包信息不完整。 it should be AD should be AD tianlaodadas 发表于 2022-5-13 14:16
答案AD,
知识点:1、CoPP是在是在control plane下调用,不是在接口下调用,方向只能是in。针对全局送往CP ...
謝謝大佬分享 感谢分享 AD
又有被匹配的流量,COPP 不处理,COPP可以IN 也可以 OUT
POLICING CIR 50OK 这里没有对EXCEED流量 配置,题目说明了过量流量过滤,(POLICING 也可以有PIR,擦双桶 PIR,MD!) 楼上答案正解。AD。但是COPP是针对流量发送到control-plane的保护,所以是input,不包括本设备发出的流量进行限制。
页:
[1]